diff --git a/assets/argo/argo-cd-5.34.1.tgz b/assets/argo/argo-cd-5.34.1.tgz new file mode 100644 index 000000000..7f5f59615 Binary files /dev/null and b/assets/argo/argo-cd-5.34.1.tgz differ diff --git a/assets/bitnami/airflow-14.2.2.tgz b/assets/bitnami/airflow-14.2.2.tgz new file mode 100644 index 000000000..4ec7441a5 Binary files /dev/null and b/assets/bitnami/airflow-14.2.2.tgz differ diff --git a/assets/bitnami/cassandra-10.3.1.tgz b/assets/bitnami/cassandra-10.3.1.tgz new file mode 100644 index 000000000..f5a4f9cbf Binary files /dev/null and b/assets/bitnami/cassandra-10.3.1.tgz differ diff --git a/assets/bitnami/kafka-22.1.2.tgz b/assets/bitnami/kafka-22.1.2.tgz new file mode 100644 index 000000000..eb24bedc8 Binary files /dev/null and b/assets/bitnami/kafka-22.1.2.tgz differ diff --git a/assets/bitnami/redis-17.11.2.tgz b/assets/bitnami/redis-17.11.2.tgz new file mode 100644 index 000000000..5c1c8b5fe Binary files /dev/null and b/assets/bitnami/redis-17.11.2.tgz differ diff --git a/assets/bitnami/spark-6.6.2.tgz b/assets/bitnami/spark-6.6.2.tgz new file mode 100644 index 000000000..a7155f430 Binary files /dev/null and b/assets/bitnami/spark-6.6.2.tgz differ diff --git a/assets/bitnami/wordpress-16.1.5.tgz b/assets/bitnami/wordpress-16.1.5.tgz new file mode 100644 index 000000000..2e29d7243 Binary files /dev/null and b/assets/bitnami/wordpress-16.1.5.tgz differ diff --git a/assets/btp/chronicle-0.1.14.tgz b/assets/btp/chronicle-0.1.14.tgz new file mode 100644 index 000000000..ffdf4be6b Binary files /dev/null and b/assets/btp/chronicle-0.1.14.tgz differ diff --git a/assets/citrix/citrix-cpx-with-ingress-controller-1.32.7.tgz b/assets/citrix/citrix-cpx-with-ingress-controller-1.32.7.tgz new file mode 100644 index 000000000..ce668622f Binary files /dev/null and b/assets/citrix/citrix-cpx-with-ingress-controller-1.32.7.tgz differ diff --git a/assets/citrix/citrix-ingress-controller-1.32.7.tgz b/assets/citrix/citrix-ingress-controller-1.32.7.tgz new file mode 100644 index 000000000..e0f8af0e2 Binary files /dev/null and b/assets/citrix/citrix-ingress-controller-1.32.7.tgz differ diff --git a/assets/codefresh/cf-runtime-1.0.6.tgz b/assets/codefresh/cf-runtime-1.0.6.tgz new file mode 100644 index 000000000..d72507a5f Binary files /dev/null and b/assets/codefresh/cf-runtime-1.0.6.tgz differ diff --git a/assets/datadog/datadog-3.29.2.tgz b/assets/datadog/datadog-3.29.2.tgz new file mode 100644 index 000000000..5c9ba12e9 Binary files /dev/null and b/assets/datadog/datadog-3.29.2.tgz differ diff --git a/assets/gitlab/gitlab-6.11.4.tgz b/assets/gitlab/gitlab-6.11.4.tgz new file mode 100644 index 000000000..ebd0af15b Binary files /dev/null and b/assets/gitlab/gitlab-6.11.4.tgz differ diff --git a/assets/harbor/harbor-1.12.1.tgz b/assets/harbor/harbor-1.12.1.tgz new file mode 100644 index 000000000..9b0578f6d Binary files /dev/null and b/assets/harbor/harbor-1.12.1.tgz differ diff --git a/assets/kong/kong-2.21.0.tgz b/assets/kong/kong-2.21.0.tgz new file mode 100644 index 000000000..55274b854 Binary files /dev/null and b/assets/kong/kong-2.21.0.tgz differ diff --git a/assets/new-relic/nri-bundle-5.0.15.tgz b/assets/new-relic/nri-bundle-5.0.15.tgz new file mode 100644 index 000000000..368886e64 Binary files /dev/null and b/assets/new-relic/nri-bundle-5.0.15.tgz differ diff --git a/assets/pixie/pixie-operator-chart-0.1.1.tgz b/assets/pixie/pixie-operator-chart-0.1.1.tgz index 86b3ae61e..5294495fa 100644 Binary files a/assets/pixie/pixie-operator-chart-0.1.1.tgz and b/assets/pixie/pixie-operator-chart-0.1.1.tgz differ diff --git a/assets/redpanda/redpanda-4.0.17.tgz b/assets/redpanda/redpanda-4.0.17.tgz new file mode 100644 index 000000000..0d55cdb0d Binary files /dev/null and b/assets/redpanda/redpanda-4.0.17.tgz differ diff --git a/assets/speedscale/speedscale-operator-1.3.3.tgz b/assets/speedscale/speedscale-operator-1.3.3.tgz new file mode 100644 index 000000000..4345cc02d Binary files /dev/null and b/assets/speedscale/speedscale-operator-1.3.3.tgz differ diff --git a/assets/sysdig/sysdig-1.15.88.tgz b/assets/sysdig/sysdig-1.15.88.tgz new file mode 100644 index 000000000..c1285b86a Binary files /dev/null and b/assets/sysdig/sysdig-1.15.88.tgz differ diff --git a/assets/triggermesh/triggermesh-0.8.1.tgz b/assets/triggermesh/triggermesh-0.8.1.tgz new file mode 100644 index 000000000..d1f388203 Binary files /dev/null and b/assets/triggermesh/triggermesh-0.8.1.tgz differ diff --git a/assets/yugabyte/yugabyte-2.18.0.tgz b/assets/yugabyte/yugabyte-2.18.0.tgz new file mode 100644 index 000000000..51b4e00f2 Binary files /dev/null and b/assets/yugabyte/yugabyte-2.18.0.tgz differ diff --git a/assets/yugabyte/yugaware-2.18.0.tgz b/assets/yugabyte/yugaware-2.18.0.tgz new file mode 100644 index 000000000..f31f92437 Binary files /dev/null and b/assets/yugabyte/yugaware-2.18.0.tgz differ diff --git a/charts/argo/argo-cd/Chart.yaml b/charts/argo/argo-cd/Chart.yaml index 24312b065..4329fe523 100644 --- a/charts/argo/argo-cd/Chart.yaml +++ b/charts/argo/argo-cd/Chart.yaml @@ -1,7 +1,7 @@ annotations: artifacthub.io/changes: | - - kind: changed - description: Update redis-ha to v4.23.0 + - kind: added + description: Add new bitbucket cloud SSH key to configs.ssh.knownHosts artifacthub.io/signKey: | fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc @@ -32,4 +32,4 @@ name: argo-cd sources: - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd - https://github.com/argoproj/argo-cd -version: 5.33.4 +version: 5.34.1 diff --git a/charts/argo/argo-cd/README.md b/charts/argo/argo-cd/README.md index 4519caec7..1fa388ed5 100644 --- a/charts/argo/argo-cd/README.md +++ b/charts/argo/argo-cd/README.md @@ -594,6 +594,7 @@ NAME: my-release | repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server | | repoServer.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | repoServer.initContainers | list | `[]` | Init containers to add to the repo server pods | +| repoServer.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for your argo-repo-server container | | repoServer.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | repoServer.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | repoServer.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | diff --git a/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml index 0226b48fc..4f2c45bdb 100644 --- a/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -275,6 +275,10 @@ spec: {{- toYaml .Values.repoServer.resources | nindent 10 }} securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} + {{- with .Values.repoServer.lifecycle }} + lifecycle: + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.repoServer.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} diff --git a/charts/argo/argo-cd/values.yaml b/charts/argo/argo-cd/values.yaml index 2ad1b9181..2906eb82b 100644 --- a/charts/argo/argo-cd/values.yaml +++ b/charts/argo/argo-cd/values.yaml @@ -315,6 +315,8 @@ configs: # -- Known hosts to be added to the known host list by default. # @default -- See [values.yaml] knownHosts: | + bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO + bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl @@ -2059,6 +2061,9 @@ repoServer: # - secretRef: # name: secret-name + # -- Specify postStart and preStop lifecycle hooks for your argo-repo-server container + lifecycle: {} + # -- Additional containers to be added to the repo server pod ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ ## Note: Supports use of custom Helm templates diff --git a/charts/bitnami/airflow/Chart.lock b/charts/bitnami/airflow/Chart.lock index a2cdb6b14..ecd56379c 100644 --- a/charts/bitnami/airflow/Chart.lock +++ b/charts/bitnami/airflow/Chart.lock @@ -4,9 +4,9 @@ dependencies: version: 17.10.3 - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 12.5.1 + version: 12.5.2 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.3.0 -digest: sha256:9299cf5d7e82e4ea6c33e1ecc32eb02ae581664403edcb8630cc270e8fa8ba8e -generated: "2023-05-15T17:12:01.855038165Z" +digest: sha256:6649288f0ca3caa371884aac03ecd59d9197130cda0adb7529616a62ae1cc316 +generated: "2023-05-16T15:46:17.181715321Z" diff --git a/charts/bitnami/airflow/Chart.yaml b/charts/bitnami/airflow/Chart.yaml index 2d1d1fbc7..64d93a8ff 100644 --- a/charts/bitnami/airflow/Chart.yaml +++ b/charts/bitnami/airflow/Chart.yaml @@ -37,4 +37,4 @@ maintainers: name: airflow sources: - https://github.com/bitnami/charts/tree/main/bitnami/airflow -version: 14.2.1 +version: 14.2.2 diff --git a/charts/bitnami/airflow/README.md b/charts/bitnami/airflow/README.md index 4ff4caa51..3f66e61b0 100644 --- a/charts/bitnami/airflow/README.md +++ b/charts/bitnami/airflow/README.md @@ -107,7 +107,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -------------------- | | `web.image.registry` | Airflow image registry | `docker.io` | | `web.image.repository` | Airflow image repository | `bitnami/airflow` | -| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.6.0-debian-11-r5` | +| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.6.0-debian-11-r7` | | `web.image.digest` | Airflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `web.image.pullPolicy` | Airflow image pull policy | `IfNotPresent` | | `web.image.pullSecrets` | Airflow image pull secrets | `[]` | @@ -182,7 +182,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------------- | | `scheduler.image.registry` | Airflow Scheduler image registry | `docker.io` | | `scheduler.image.repository` | Airflow Scheduler image repository | `bitnami/airflow-scheduler` | -| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.6.0-debian-11-r3` | +| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.6.0-debian-11-r4` | | `scheduler.image.digest` | Airflow Schefuler image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `scheduler.image.pullPolicy` | Airflow Scheduler image pull policy | `IfNotPresent` | | `scheduler.image.pullSecrets` | Airflow Scheduler image pull secrets | `[]` | @@ -236,7 +236,7 @@ The command removes all the Kubernetes components associated with the chart and | ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------ | | `worker.image.registry` | Airflow Worker image registry | `docker.io` | | `worker.image.repository` | Airflow Worker image repository | `bitnami/airflow-worker` | -| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.6.0-debian-11-r3` | +| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.6.0-debian-11-r4` | | `worker.image.digest` | Airflow Worker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `worker.image.pullPolicy` | Airflow Worker image pull policy | `IfNotPresent` | | `worker.image.pullSecrets` | Airflow Worker image pull secrets | `[]` | diff --git a/charts/bitnami/airflow/charts/postgresql/Chart.yaml b/charts/bitnami/airflow/charts/postgresql/Chart.yaml index ee34d6af9..38b285b4c 100644 --- a/charts/bitnami/airflow/charts/postgresql/Chart.yaml +++ b/charts/bitnami/airflow/charts/postgresql/Chart.yaml @@ -27,4 +27,4 @@ maintainers: name: postgresql sources: - https://github.com/bitnami/charts/tree/main/bitnami/postgresql -version: 12.5.1 +version: 12.5.2 diff --git a/charts/bitnami/airflow/charts/postgresql/README.md b/charts/bitnami/airflow/charts/postgresql/README.md index f44a01f42..865a5580c 100644 --- a/charts/bitnami/airflow/charts/postgresql/README.md +++ b/charts/bitnami/airflow/charts/postgresql/README.md @@ -360,13 +360,13 @@ kubectl delete pvc -l release=my-release | `networkPolicy.ingressRules.primaryAccessOnlyFrom.enabled` | Enable ingress rule that makes PostgreSQL primary node only accessible from a particular origin. | `false` | | `networkPolicy.ingressRules.primaryAccessOnlyFrom.namespaceSelector` | Namespace selector label that is allowed to access the PostgreSQL primary node. This label will be used to identified the allowed namespace(s). | `{}` | | `networkPolicy.ingressRules.primaryAccessOnlyFrom.podSelector` | Pods selector label that is allowed to access the PostgreSQL primary node. This label will be used to identified the allowed pod(s). | `{}` | -| `networkPolicy.ingressRules.primaryAccessOnlyFrom.customRules` | Custom network policy for the PostgreSQL primary node. | `{}` | +| `networkPolicy.ingressRules.primaryAccessOnlyFrom.customRules` | Custom network policy for the PostgreSQL primary node. | `[]` | | `networkPolicy.ingressRules.readReplicasAccessOnlyFrom.enabled` | Enable ingress rule that makes PostgreSQL read-only nodes only accessible from a particular origin. | `false` | | `networkPolicy.ingressRules.readReplicasAccessOnlyFrom.namespaceSelector` | Namespace selector label that is allowed to access the PostgreSQL read-only nodes. This label will be used to identified the allowed namespace(s). | `{}` | | `networkPolicy.ingressRules.readReplicasAccessOnlyFrom.podSelector` | Pods selector label that is allowed to access the PostgreSQL read-only nodes. This label will be used to identified the allowed pod(s). | `{}` | -| `networkPolicy.ingressRules.readReplicasAccessOnlyFrom.customRules` | Custom network policy for the PostgreSQL read-only nodes. | `{}` | +| `networkPolicy.ingressRules.readReplicasAccessOnlyFrom.customRules` | Custom network policy for the PostgreSQL read-only nodes. | `[]` | | `networkPolicy.egressRules.denyConnectionsToExternal` | Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53). | `false` | -| `networkPolicy.egressRules.customRules` | Custom network policy rule | `{}` | +| `networkPolicy.egressRules.customRules` | Custom network policy rule | `[]` | ### Volume Permissions parameters diff --git a/charts/bitnami/airflow/charts/postgresql/values.yaml b/charts/bitnami/airflow/charts/postgresql/values.yaml index 7cdfff109..ec802fe44 100644 --- a/charts/bitnami/airflow/charts/postgresql/values.yaml +++ b/charts/bitnami/airflow/charts/postgresql/values.yaml @@ -1051,7 +1051,7 @@ networkPolicy: ## @param networkPolicy.ingressRules.primaryAccessOnlyFrom.enabled Enable ingress rule that makes PostgreSQL primary node only accessible from a particular origin. ## @param networkPolicy.ingressRules.primaryAccessOnlyFrom.namespaceSelector [object] Namespace selector label that is allowed to access the PostgreSQL primary node. This label will be used to identified the allowed namespace(s). ## @param networkPolicy.ingressRules.primaryAccessOnlyFrom.podSelector [object] Pods selector label that is allowed to access the PostgreSQL primary node. This label will be used to identified the allowed pod(s). - ## @param networkPolicy.ingressRules.primaryAccessOnlyFrom.customRules [object] Custom network policy for the PostgreSQL primary node. + ## @param networkPolicy.ingressRules.primaryAccessOnlyFrom.customRules Custom network policy for the PostgreSQL primary node. ## primaryAccessOnlyFrom: enabled: false @@ -1073,11 +1073,11 @@ networkPolicy: ## matchLabels: ## label: example ## - customRules: {} + customRules: [] ## @param networkPolicy.ingressRules.readReplicasAccessOnlyFrom.enabled Enable ingress rule that makes PostgreSQL read-only nodes only accessible from a particular origin. ## @param networkPolicy.ingressRules.readReplicasAccessOnlyFrom.namespaceSelector [object] Namespace selector label that is allowed to access the PostgreSQL read-only nodes. This label will be used to identified the allowed namespace(s). ## @param networkPolicy.ingressRules.readReplicasAccessOnlyFrom.podSelector [object] Pods selector label that is allowed to access the PostgreSQL read-only nodes. This label will be used to identified the allowed pod(s). - ## @param networkPolicy.ingressRules.readReplicasAccessOnlyFrom.customRules [object] Custom network policy for the PostgreSQL read-only nodes. + ## @param networkPolicy.ingressRules.readReplicasAccessOnlyFrom.customRules Custom network policy for the PostgreSQL read-only nodes. ## readReplicasAccessOnlyFrom: enabled: false @@ -1099,9 +1099,9 @@ networkPolicy: ## matchLabels: ## label: example ## - customRules: {} + customRules: [] ## @param networkPolicy.egressRules.denyConnectionsToExternal Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53). - ## @param networkPolicy.egressRules.customRules [object] Custom network policy rule + ## @param networkPolicy.egressRules.customRules Custom network policy rule ## egressRules: # Deny connections to external. This is not compatible with an external database. @@ -1114,7 +1114,7 @@ networkPolicy: ## matchLabels: ## label: example ## - customRules: {} + customRules: [] ## @section Volume Permissions parameters ## diff --git a/charts/bitnami/airflow/values.yaml b/charts/bitnami/airflow/values.yaml index 7f70bc04a..215d9b78e 100644 --- a/charts/bitnami/airflow/values.yaml +++ b/charts/bitnami/airflow/values.yaml @@ -185,7 +185,7 @@ web: image: registry: docker.io repository: bitnami/airflow - tag: 2.6.0-debian-11-r5 + tag: 2.6.0-debian-11-r7 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -443,7 +443,7 @@ scheduler: image: registry: docker.io repository: bitnami/airflow-scheduler - tag: 2.6.0-debian-11-r3 + tag: 2.6.0-debian-11-r4 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -647,7 +647,7 @@ worker: image: registry: docker.io repository: bitnami/airflow-worker - tag: 2.6.0-debian-11-r3 + tag: 2.6.0-debian-11-r4 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/charts/bitnami/cassandra/Chart.lock b/charts/bitnami/cassandra/Chart.lock index 8a89073ec..bedcd5ec5 100644 --- a/charts/bitnami/cassandra/Chart.lock +++ b/charts/bitnami/cassandra/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.2.5 -digest: sha256:318f438acfeaced11d9060877d615caf1985417d2865810defaa886d3496f8d3 -generated: "2023-05-09T09:07:28.918839878Z" + version: 2.3.0 +digest: sha256:11bbe86be64062d37b725f4dbc909aba3585b4976624ee9d27522366d3f956ea +generated: "2023-05-16T18:20:15.336798984Z" diff --git a/charts/bitnami/cassandra/Chart.yaml b/charts/bitnami/cassandra/Chart.yaml index b3e2d9115..59a60ae47 100644 --- a/charts/bitnami/cassandra/Chart.yaml +++ b/charts/bitnami/cassandra/Chart.yaml @@ -16,17 +16,16 @@ dependencies: description: Apache Cassandra is an open source distributed database management system designed to handle large amounts of data across many servers, providing high availability with no single point of failure. -home: https://github.com/bitnami/charts/tree/main/bitnami/cassandra +home: https://bitnami.com icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/cassandra-4.svg keywords: - cassandra - database - nosql maintainers: -- name: Bitnami +- name: VMware, Inc. url: https://github.com/bitnami/charts name: cassandra sources: -- https://github.com/bitnami/containers/tree/main/bitnami/cassandra -- http://cassandra.apache.org -version: 10.2.2 +- https://github.com/bitnami/charts/tree/main/bitnami/cassandra +version: 10.3.1 diff --git a/charts/bitnami/cassandra/README.md b/charts/bitnami/cassandra/README.md index e36d655c6..c6a32ae5c 100644 --- a/charts/bitnami/cassandra/README.md +++ b/charts/bitnami/cassandra/README.md @@ -75,40 +75,40 @@ The command removes all the Kubernetes components associated with the chart and ### Cassandra parameters -| Name | Description | Value | -| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | Cassandra image registry | `docker.io` | -| `image.repository` | Cassandra image repository | `bitnami/cassandra` | -| `image.tag` | Cassandra image tag (immutable tags are recommended) | `4.1.1-debian-11-r9` | -| `image.digest` | Cassandra image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Cassandra image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `dbUser.user` | Cassandra admin user | `cassandra` | -| `dbUser.forcePassword` | Force the user to provide a non | `false` | -| `dbUser.password` | Password for `dbUser.user`. Randomly generated if empty | `""` | -| `dbUser.existingSecret` | Use an existing secret object for `dbUser.user` password (will ignore `dbUser.password`) | `""` | -| `initDBConfigMap` | ConfigMap with cql scripts. Useful for creating a keyspace and pre-populating data | `""` | -| `initDBSecret` | Secret with cql script (with sensitive data). Useful for creating a keyspace and pre-populating data | `""` | -| `existingConfiguration` | ConfigMap with custom cassandra configuration files. This overrides any other Cassandra configuration set in the chart | `""` | -| `cluster.name` | Cassandra cluster name | `cassandra` | -| `cluster.seedCount` | Number of seed nodes | `1` | -| `cluster.numTokens` | Number of tokens for each node | `256` | -| `cluster.datacenter` | Datacenter name | `dc1` | -| `cluster.rack` | Rack name | `rack1` | -| `cluster.endpointSnitch` | Endpoint Snitch | `SimpleSnitch` | -| `cluster.internodeEncryption` | DEPRECATED: use tls.internode and tls.client instead. Encryption values. | `none` | -| `cluster.clientEncryption` | Client Encryption | `false` | -| `cluster.extraSeeds` | For an external/second cassandra ring. | `[]` | -| `cluster.enableUDF` | Enable User defined functions | `false` | -| `jvm.extraOpts` | Set the value for Java Virtual Machine extra options | `""` | -| `jvm.maxHeapSize` | Set Java Virtual Machine maximum heap size (MAX_HEAP_SIZE). Calculated automatically if `nil` | `""` | -| `jvm.newHeapSize` | Set Java Virtual Machine new heap size (HEAP_NEWSIZE). Calculated automatically if `nil` | `""` | -| `command` | Command for running the container (set to default if not set). Use array form | `[]` | -| `args` | Args for running the container (set to default if not set). Use array form | `[]` | -| `extraEnvVars` | Extra environment variables to be set on cassandra container | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| Name | Description | Value | +| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------- | --------------------- | +| `image.registry` | Cassandra image registry | `docker.io` | +| `image.repository` | Cassandra image repository | `bitnami/cassandra` | +| `image.tag` | Cassandra image tag (immutable tags are recommended) | `4.1.1-debian-11-r12` | +| `image.digest` | Cassandra image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Cassandra image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `dbUser.user` | Cassandra admin user | `cassandra` | +| `dbUser.forcePassword` | Force the user to provide a non | `false` | +| `dbUser.password` | Password for `dbUser.user`. Randomly generated if empty | `""` | +| `dbUser.existingSecret` | Use an existing secret object for `dbUser.user` password (will ignore `dbUser.password`) | `""` | +| `initDBConfigMap` | ConfigMap with cql scripts. Useful for creating a keyspace and pre-populating data | `""` | +| `initDBSecret` | Secret with cql script (with sensitive data). Useful for creating a keyspace and pre-populating data | `""` | +| `existingConfiguration` | ConfigMap with custom cassandra configuration files. This overrides any other Cassandra configuration set in the chart | `""` | +| `cluster.name` | Cassandra cluster name | `cassandra` | +| `cluster.seedCount` | Number of seed nodes | `1` | +| `cluster.numTokens` | Number of tokens for each node | `256` | +| `cluster.datacenter` | Datacenter name | `dc1` | +| `cluster.rack` | Rack name | `rack1` | +| `cluster.endpointSnitch` | Endpoint Snitch | `SimpleSnitch` | +| `cluster.internodeEncryption` | DEPRECATED: use tls.internode and tls.client instead. Encryption values. | `none` | +| `cluster.clientEncryption` | Client Encryption | `false` | +| `cluster.extraSeeds` | For an external/second cassandra ring. | `[]` | +| `cluster.enableUDF` | Enable User defined functions | `false` | +| `jvm.extraOpts` | Set the value for Java Virtual Machine extra options | `""` | +| `jvm.maxHeapSize` | Set Java Virtual Machine maximum heap size (MAX_HEAP_SIZE). Calculated automatically if `nil` | `""` | +| `jvm.newHeapSize` | Set Java Virtual Machine new heap size (HEAP_NEWSIZE). Calculated automatically if `nil` | `""` | +| `command` | Command for running the container (set to default if not set). Use array form | `[]` | +| `args` | Args for running the container (set to default if not set). Use array form | `[]` | +| `extraEnvVars` | Extra environment variables to be set on cassandra container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | ### Statefulset parameters @@ -229,7 +229,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | | `volumePermissions.image.registry` | Init container volume image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Init container volume image tag (immutable tags are recommended) | `11-debian-11-r114` | +| `volumePermissions.image.tag` | Init container volume image tag (immutable tags are recommended) | `11-debian-11-r116` | | `volumePermissions.image.digest` | Init container volume image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -244,7 +244,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a side-car prometheus exporter | `false` | | `metrics.image.registry` | Cassandra exporter image registry | `docker.io` | | `metrics.image.repository` | Cassandra exporter image name | `bitnami/cassandra-exporter` | -| `metrics.image.tag` | Cassandra exporter image tag | `2.3.8-debian-11-r117` | +| `metrics.image.tag` | Cassandra exporter image tag | `2.3.8-debian-11-r119` | | `metrics.image.digest` | Cassandra exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | diff --git a/charts/bitnami/cassandra/charts/common/Chart.yaml b/charts/bitnami/cassandra/charts/common/Chart.yaml index 8f0fff689..220717ee1 100644 --- a/charts/bitnami/cassandra/charts/common/Chart.yaml +++ b/charts/bitnami/cassandra/charts/common/Chart.yaml @@ -2,10 +2,10 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.2.5 +appVersion: 2.3.0 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. -home: https://github.com/bitnami/charts/tree/main/bitnami/common +home: https://bitnami.com icon: https://bitnami.com/downloads/logos/bitnami-mark.png keywords: - common @@ -14,11 +14,10 @@ keywords: - function - bitnami maintainers: -- name: Bitnami +- name: VMware, Inc. url: https://github.com/bitnami/charts name: common sources: - https://github.com/bitnami/charts -- https://www.bitnami.com/ type: library -version: 2.2.5 +version: 2.3.0 diff --git a/charts/bitnami/cassandra/charts/common/README.md b/charts/bitnami/cassandra/charts/common/README.md index 6381c3b72..72fca33da 100644 --- a/charts/bitnami/cassandra/charts/common/README.md +++ b/charts/bitnami/cassandra/charts/common/README.md @@ -2,6 +2,8 @@ A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between Bitnami charts. +Looking to use our applications in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. + ## TL;DR ```yaml diff --git a/charts/bitnami/cassandra/charts/common/templates/_images.tpl b/charts/bitnami/cassandra/charts/common/templates/_images.tpl index 2e7b15151..d60c22e25 100644 --- a/charts/bitnami/cassandra/charts/common/templates/_images.tpl +++ b/charts/bitnami/cassandra/charts/common/templates/_images.tpl @@ -45,7 +45,7 @@ Return the proper Docker Image Registry Secret Names (deprecated: use common.ima {{- if (not (empty $pullSecrets)) }} imagePullSecrets: - {{- range $pullSecrets }} + {{- range $pullSecrets | uniq }} - name: {{ . }} {{- end }} {{- end }} @@ -73,7 +73,7 @@ Return the proper Docker Image Registry Secret Names evaluating values as templa {{- if (not (empty $pullSecrets)) }} imagePullSecrets: - {{- range $pullSecrets }} + {{- range $pullSecrets | uniq }} - name: {{ . }} {{- end }} {{- end }} diff --git a/charts/bitnami/cassandra/values.yaml b/charts/bitnami/cassandra/values.yaml index 379f01539..23fe59877 100644 --- a/charts/bitnami/cassandra/values.yaml +++ b/charts/bitnami/cassandra/values.yaml @@ -73,7 +73,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/cassandra - tag: 4.1.1-debian-11-r9 + tag: 4.1.1-debian-11-r12 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -610,7 +610,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r114 + tag: 11-debian-11-r116 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -679,7 +679,7 @@ metrics: registry: docker.io pullPolicy: IfNotPresent repository: bitnami/cassandra-exporter - tag: 2.3.8-debian-11-r117 + tag: 2.3.8-debian-11-r119 digest: "" ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. diff --git a/charts/bitnami/kafka/Chart.yaml b/charts/bitnami/kafka/Chart.yaml index 4b3034eef..458387e6b 100644 --- a/charts/bitnami/kafka/Chart.yaml +++ b/charts/bitnami/kafka/Chart.yaml @@ -34,4 +34,4 @@ maintainers: name: kafka sources: - https://github.com/bitnami/charts/tree/main/bitnami/kafka -version: 22.1.1 +version: 22.1.2 diff --git a/charts/bitnami/kafka/README.md b/charts/bitnami/kafka/README.md index 4fd28b228..2870e1534 100644 --- a/charts/bitnami/kafka/README.md +++ b/charts/bitnami/kafka/README.md @@ -8,6 +8,8 @@ Apache Kafka is a distributed streaming platform designed to build real-time pip Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. +Looking to use Apache Kafka in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. + ## TL;DR ```console diff --git a/charts/bitnami/kafka/templates/_helpers.tpl b/charts/bitnami/kafka/templates/_helpers.tpl index 1b4820189..73c1b332d 100644 --- a/charts/bitnami/kafka/templates/_helpers.tpl +++ b/charts/bitnami/kafka/templates/_helpers.tpl @@ -519,8 +519,8 @@ kafka: .Values.auth.tls.existingSecrets {{/* Validate values of Kafka provisioning - keyPasswordSecretKey, keystorePasswordSecretKey or truststorePasswordSecretKey must not be used without passwordsSecret */}} {{- define "kafka.validateValues.tlsPasswords" -}} -{{- if and (include "kafka.client.tlsEncryption" .) (not .Values.auth.tls.passwordsSecret) }} -{{- if or .Values.auth.tls.keyPasswordSecretKey .Values.auth.tls.keystorePasswordSecretKey .Values.auth.tls.truststorePasswordSecretKey }} +{{- if and (include "kafka.client.tlsEncryption" .) (not .Values.provisioning.auth.tls.passwordsSecret) }} +{{- if or .Values.provisioning.auth.tls.keyPasswordSecretKey .Values.provisioning.auth.tls.keystorePasswordSecretKey .Values.provisioning.auth.tls.truststorePasswordSecretKey }} kafka: auth.tls.keyPasswordSecretKey,auth.tls.keystorePasswordSecretKey,auth.tls.truststorePasswordSecretKey auth.tls.keyPasswordSecretKey,auth.tls.keystorePasswordSecretKey,auth.tls.truststorePasswordSecretKey must not be used without passwordsSecret setted. @@ -552,4 +552,4 @@ kafka: Kraft mode .Values.kraft.controllerQuorumVoters must not be empty if .Values.kraft.enabled set to true and .Values.kraft.processRoles does not contain "controller". If you deploy brokers without controllers you have to define external controllers with .Values.kraft.controllerQuorumVoters {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/bitnami/kafka/templates/networkpolicy-ingress.yaml b/charts/bitnami/kafka/templates/networkpolicy-ingress.yaml index 258dcabb6..fa3824095 100644 --- a/charts/bitnami/kafka/templates/networkpolicy-ingress.yaml +++ b/charts/bitnami/kafka/templates/networkpolicy-ingress.yaml @@ -41,7 +41,7 @@ spec: {{- if .Values.externalAccess.enabled }} - ports: - port: {{ .Values.containerPorts.external }} - {{- if .Values.externalAccess.from }} + {{- if .Values.networkPolicy.externalAccess.from }} from: {{- include "common.tplvalues.render" ( dict "value" .Values.networkPolicy.externalAccess.from "context" $ ) | nindent 8 }} {{- end }} {{- end }} diff --git a/charts/bitnami/kafka/templates/scripts-configmap.yaml b/charts/bitnami/kafka/templates/scripts-configmap.yaml index b5191ee1b..3f2604657 100644 --- a/charts/bitnami/kafka/templates/scripts-configmap.yaml +++ b/charts/bitnami/kafka/templates/scripts-configmap.yaml @@ -78,7 +78,7 @@ data: ID="${MY_POD_NAME#"{{ $fullname }}-"}" # If process.roles is not set at all, it is assumed to be in ZooKeeper mode. # https://kafka.apache.org/documentation/#kraft_role - + if [[ -f "{{ .Values.logsDirs | splitList "," | first }}/meta.properties" ]]; then if [[ $KAFKA_CFG_PROCESS_ROLES == "" ]]; then export KAFKA_CFG_BROKER_ID="$(grep "broker.id" "{{ .Values.logsDirs | splitList "," | first }}/meta.properties" | awk -F '=' '{print $2}')" @@ -97,8 +97,8 @@ data: node_id={{ .Values.minId }} pod_id=0 while : - do - VOTERS="${VOTERS}$node_id@{{ include "common.names.fullname" . }}-$pod_id.{{ include "common.names.fullname" . }}-headless.{{ $releaseNamespace }}.svc.{{ $clusterDomain }}:{{ .Values.containerPorts.controller }}" + do + VOTERS="${VOTERS}$node_id@{{ include "common.names.fullname" . }}-$pod_id.{{ include "common.names.fullname" . }}-headless.{{ $releaseNamespace }}.svc.{{ $clusterDomain }}:{{ .Values.service.ports.controller }}" node_id=$(( $node_id + 1 )) pod_id=$(( $pod_id + 1 )) if [[ $pod_id -ge {{ .Values.replicaCount }} ]]; then @@ -123,14 +123,14 @@ data: {{- end }} export EXTERNAL_ACCESS_PORT={{ .Values.externalAccess.service.ports.external }} {{- else if eq .Values.externalAccess.service.type "NodePort" }} - {{- if and .Values.externalAccess.service.usePodIPs .Values.externalAccess.autoDiscovery.enabled }} + {{- if .Values.externalAccess.service.domain }} + export EXTERNAL_ACCESS_HOST={{ .Values.externalAccess.service.domain }} + {{- else if and .Values.externalAccess.service.usePodIPs .Values.externalAccess.autoDiscovery.enabled }} export EXTERNAL_ACCESS_HOST="${MY_POD_IP}" {{- else if or .Values.externalAccess.service.useHostIPs .Values.externalAccess.autoDiscovery.enabled }} export EXTERNAL_ACCESS_HOST="${HOST_IP}" {{- else if and .Values.externalAccess.service.externalIPs (not .Values.externalAccess.autoDiscovery.enabled) }} export EXTERNAL_ACCESS_HOST=$(echo '{{ .Values.externalAccess.service.externalIPs }}' | tr -d '[]' | cut -d ' ' -f "$(($ID + 1))") - {{- else if .Values.externalAccess.service.domain }} - export EXTERNAL_ACCESS_HOST={{ .Values.externalAccess.service.domain }} {{- else }} export EXTERNAL_ACCESS_HOST=$(curl -s https://ipinfo.io/ip) {{- end }} diff --git a/charts/bitnami/kafka/templates/statefulset.yaml b/charts/bitnami/kafka/templates/statefulset.yaml index 5fbc17187..12f9a6e16 100644 --- a/charts/bitnami/kafka/templates/statefulset.yaml +++ b/charts/bitnami/kafka/templates/statefulset.yaml @@ -185,21 +185,19 @@ spec: - name: KAFKA_INTER_BROKER_LISTENER_NAME value: {{ .Values.interBrokerListenerName | quote }} - name: KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP + {{- $securityProtocolMap := list }} {{- if .Values.listenerSecurityProtocolMap }} - value: {{ .Values.listenerSecurityProtocolMap | quote }} - {{- else if .Values.externalAccess.enabled }} - {{- if .Values.kraft.enabled }} - value: "INTERNAL:{{ $interBrokerProtocol }},CLIENT:{{ $clientProtocol }},CONTROLLER:{{ $controllerProtocol }},EXTERNAL:{{ $externalClientProtocol }}" - {{- else }} - value: "INTERNAL:{{ $interBrokerProtocol }},CLIENT:{{ $clientProtocol }},EXTERNAL:{{ $externalClientProtocol }}" - {{- end}} + {{- $securityProtocolMap = append $securityProtocolMap .Values.listenerSecurityProtocolMap }} {{- else }} - {{- if .Values.kraft.enabled }} - value: "INTERNAL:{{ $interBrokerProtocol }},CLIENT:{{ $clientProtocol }},CONTROLLER:{{ $controllerProtocol }}" - {{- else }} - value: "INTERNAL:{{ $interBrokerProtocol }},CLIENT:{{ $clientProtocol }}" - {{- end }} + {{- $securityProtocolMap = append $securityProtocolMap (printf "INTERNAL:%s,CLIENT:%s" $interBrokerProtocol $clientProtocol) }} + {{- if .Values.kraft.enabled }} + {{- $securityProtocolMap = append $securityProtocolMap (printf "CONTROLLER:%s" $controllerProtocol) }} + {{- end}} + {{- if .Values.externalAccess.enabled }} + {{- $securityProtocolMap = append $securityProtocolMap (printf "EXTERNAL:%s" $externalClientProtocol) }} {{- end }} + {{- end }} + value: {{ join "," $securityProtocolMap | quote }} {{- if or ($clientProtocol | regexFind "SASL") ($externalClientProtocol | regexFind "SASL") ($interBrokerProtocol | regexFind "SASL") .Values.auth.sasl.jaas.zookeeperUser }} - name: KAFKA_CFG_SASL_ENABLED_MECHANISMS value: {{ upper .Values.auth.sasl.mechanisms | quote }} @@ -207,21 +205,19 @@ spec: value: {{ upper .Values.auth.sasl.interBrokerMechanism | quote }} {{- end }} - name: KAFKA_CFG_LISTENERS + {{- $listeners := list }} {{- if .Values.listeners }} - value: {{ join "," .Values.listeners }} - {{- else if .Values.externalAccess.enabled }} - {{- if .Values.kraft.enabled }} - value: "INTERNAL://:{{ .Values.containerPorts.internal }},CLIENT://:{{ .Values.containerPorts.client }},CONTROLLER://:{{ .Values.containerPorts.controller }},EXTERNAL://:{{ .Values.containerPorts.external }}" - {{- else }} - value: "INTERNAL://:{{ .Values.containerPorts.internal }},CLIENT://:{{ .Values.containerPorts.client }},EXTERNAL://:{{ .Values.containerPorts.external }}" - {{- end }} + {{- $listeners = .Values.listeners }} {{- else }} - {{- if .Values.kraft.enabled }} - value: "INTERNAL://:{{ .Values.containerPorts.internal }},CLIENT://:{{ .Values.containerPorts.client }},CONTROLLER://:{{ .Values.containerPorts.controller }}" - {{- else }} - value: "INTERNAL://:{{ .Values.containerPorts.internal }},CLIENT://:{{ .Values.containerPorts.client }}" - {{- end }} + {{- $listeners = append $listeners (printf "INTERNAL://:%d,CLIENT://:%d" (int .Values.containerPorts.internal) (int .Values.containerPorts.client)) }} + {{- if .Values.kraft.enabled }} + {{- $listeners = append $listeners (printf "CONTROLLER://:%d" (int .Values.containerPorts.controller)) }} + {{- end}} + {{- if .Values.externalAccess.enabled }} + {{- $listeners = append $listeners (printf "EXTERNAL://:%d" (int .Values.containerPorts.external)) }} {{- end }} + {{- end }} + value: {{ join "," $listeners | quote }} {{- if .Values.externalAccess.enabled }} {{- if .Values.externalAccess.autoDiscovery.enabled }} - name: SHARED_FILE @@ -371,15 +367,15 @@ spec: value: {{ .Values.allowEveryoneIfNoAclFound | quote }} - name: KAFKA_CFG_SUPER_USERS value: {{ .Values.superUsers | quote }} + - name: KAFKA_ENABLE_KRAFT + value: {{ ternary "true" "false" .Values.kraft.enabled | quote }} {{- if .Values.kraft.enabled }} - name: KAFKA_KRAFT_CLUSTER_ID - value: {{ .Values.kraft.clusterId | quote }} + value: {{ .Values.kraft.clusterId | quote }} - name: KAFKA_CFG_PROCESS_ROLES - value: {{ .Values.kraft.processRoles | quote }} + value: {{ .Values.kraft.processRoles | quote }} - name: KAFKA_CFG_CONTROLLER_LISTENER_NAMES - value: {{ .Values.kraft.controllerListenerNames | quote }} - - name: KAFKA_ENABLE_KRAFT - value: "true" + value: {{ .Values.kraft.controllerListenerNames | quote }} {{- if .Values.kraft.controllerQuorumVoters }} - name: KAFKA_CFG_CONTROLLER_QUORUM_VOTERS value: {{ .Values.kraft.controllerQuorumVoters}} diff --git a/charts/bitnami/kafka/templates/svc-headless.yaml b/charts/bitnami/kafka/templates/svc-headless.yaml index 8611308da..e2f0eeb5f 100644 --- a/charts/bitnami/kafka/templates/svc-headless.yaml +++ b/charts/bitnami/kafka/templates/svc-headless.yaml @@ -36,7 +36,7 @@ spec: {{- if and .Values.kraft.enabled (contains "controller" .Values.kraft.processRoles) }} - name: tcp-controller protocol: TCP - port: {{ .Values.containerPorts.controller }} + port: {{ .Values.service.ports.controller }} targetPort: kafka-ctlr {{- end }} selector: {{- include "common.labels.matchLabels" . | nindent 4 }} diff --git a/charts/bitnami/redis/Chart.yaml b/charts/bitnami/redis/Chart.yaml index 60851e431..ee46c1cf0 100644 --- a/charts/bitnami/redis/Chart.yaml +++ b/charts/bitnami/redis/Chart.yaml @@ -16,16 +16,16 @@ dependencies: description: Redis(R) is an open source, advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. -home: https://github.com/bitnami/charts/tree/main/bitnami/redis +home: https://bitnami.com icon: https://redis.com/wp-content/uploads/2021/08/redis-logo.png keywords: - redis - keyvalue - database maintainers: -- name: Bitnami +- name: VMware, Inc. url: https://github.com/bitnami/charts name: redis sources: -- https://github.com/bitnami/containers/tree/main/bitnami/redis -version: 17.10.3 +- https://github.com/bitnami/charts/tree/main/bitnami/redis +version: 17.11.2 diff --git a/charts/bitnami/redis/README.md b/charts/bitnami/redis/README.md index 8e91ebdeb..4e8044819 100644 --- a/charts/bitnami/redis/README.md +++ b/charts/bitnami/redis/README.md @@ -8,6 +8,8 @@ Redis(R) is an open source, advanced key-value store. It is often referred to as Disclaimer: Redis is a registered trademark of Redis Ltd. Any rights therein are reserved to Redis Ltd. Any use by Bitnami is for referential purposes only and does not indicate any sponsorship, endorsement, or affiliation between Redis Ltd. +Looking to use Redis® in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. + ## TL;DR ```console @@ -495,6 +497,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.service.loadBalancerIP` | Redis® exporter service Load Balancer IP | `""` | | `metrics.service.loadBalancerSourceRanges` | Redis® exporter service Load Balancer sources | `[]` | | `metrics.service.annotations` | Additional custom annotations for Redis® exporter service | `{}` | +| `metrics.service.clusterIP` | Redis® exporter service Cluster IP | `""` | | `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | | `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | | `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | diff --git a/charts/bitnami/redis/templates/master/application.yaml b/charts/bitnami/redis/templates/master/application.yaml index 184916c71..bf38acf03 100644 --- a/charts/bitnami/redis/templates/master/application.yaml +++ b/charts/bitnami/redis/templates/master/application.yaml @@ -500,7 +500,7 @@ spec: labels: {{- include "common.labels.matchLabels" . | nindent 10 }} app.kubernetes.io/component: master {{- if .Values.master.persistence.labels }} - {{- toYaml .Values.master.persistence.labels | nindent 4 }} + {{- toYaml .Values.master.persistence.labels | nindent 10 }} {{- end }} {{- if .Values.master.persistence.annotations }} annotations: {{- toYaml .Values.master.persistence.annotations | nindent 10 }} diff --git a/charts/bitnami/redis/templates/metrics-svc.yaml b/charts/bitnami/redis/templates/metrics-svc.yaml index 13c552f38..3eeafc756 100644 --- a/charts/bitnami/redis/templates/metrics-svc.yaml +++ b/charts/bitnami/redis/templates/metrics-svc.yaml @@ -20,6 +20,9 @@ metadata: {{- end }} spec: type: {{ .Values.metrics.service.type }} + {{- if and .Values.metrics.service.clusterIP (eq .Values.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.metrics.service.clusterIP }} + {{- end }} {{- if eq .Values.metrics.service.type "LoadBalancer" }} externalTrafficPolicy: {{ .Values.metrics.service.externalTrafficPolicy }} {{- end }} diff --git a/charts/bitnami/redis/templates/replicas/statefulset.yaml b/charts/bitnami/redis/templates/replicas/statefulset.yaml index 8a856abf1..0bfe0b5b9 100644 --- a/charts/bitnami/redis/templates/replicas/statefulset.yaml +++ b/charts/bitnami/redis/templates/replicas/statefulset.yaml @@ -497,7 +497,7 @@ spec: labels: {{- include "common.labels.matchLabels" . | nindent 10 }} app.kubernetes.io/component: replica {{- if .Values.replica.persistence.labels }} - {{- toYaml .Values.replica.persistence.labels | nindent 4 }} + {{- toYaml .Values.replica.persistence.labels | nindent 10 }} {{- end }} {{- if .Values.replica.persistence.annotations }} annotations: {{- toYaml .Values.replica.persistence.annotations | nindent 10 }} diff --git a/charts/bitnami/redis/templates/scripts-configmap.yaml b/charts/bitnami/redis/templates/scripts-configmap.yaml index b15c44af7..7c2b334be 100644 --- a/charts/bitnami/redis/templates/scripts-configmap.yaml +++ b/charts/bitnami/redis/templates/scripts-configmap.yaml @@ -77,7 +77,7 @@ data: REDIS_SERVICE="{{ template "common.names.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}" fi - SENTINEL_SERVICE_PORT=$(get_port "{{ include "common.names.fullname" . }}" "TCP_SENTINEL") + SENTINEL_SERVICE_PORT=$(get_port "{{ include "common.names.fullname" . }}" "SENTINEL") validate_quorum() { if is_boolean_yes "$REDIS_TLS_ENABLED"; then quorum_info_command="{{- if and .Values.auth.enabled .Values.auth.sentinel }}REDISCLI_AUTH="\$REDIS_PASSWORD" {{ end }}redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel master {{ .Values.sentinel.masterSet }}" @@ -302,7 +302,7 @@ data: SERVPORT=$(get_port "$HOSTNAME" "SENTINEL") REDISPORT=$(get_port "$HOSTNAME" "REDIS") - SENTINEL_SERVICE_PORT=$(get_port "{{ include "common.names.fullname" . }}" "TCP_SENTINEL") + SENTINEL_SERVICE_PORT=$(get_port "{{ include "common.names.fullname" . }}" "SENTINEL") sentinel_conf_set() { local -r key="${1:?missing key}" @@ -449,8 +449,6 @@ data: . /opt/bitnami/scripts/libos.sh HEADLESS_SERVICE="{{ template "common.names.fullname" . }}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}" - SENTINEL_SERVICE_ENV_NAME={{ printf "%s%s" (upper (include "common.names.fullname" .)| replace "-" "_") "_SERVICE_PORT_TCP_SENTINEL" }} - SENTINEL_SERVICE_PORT=${!SENTINEL_SERVICE_ENV_NAME} get_full_hostname() { hostname="$1" @@ -481,9 +479,9 @@ data: run_sentinel_command() { if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then - redis-cli -h "$REDIS_SERVICE" -p "$SENTINEL_SERVICE_PORT" --tls --cert "$REDIS_SENTINEL_TLS_CERT_FILE" --key "$REDIS_SENTINEL_TLS_KEY_FILE" --cacert "$REDIS_SENTINEL_TLS_CA_FILE" sentinel "$@" + redis-cli -h "$REDIS_SERVICE" -p "$REDIS_SENTINEL_PORT" --tls --cert "$REDIS_SENTINEL_TLS_CERT_FILE" --key "$REDIS_SENTINEL_TLS_KEY_FILE" --cacert "$REDIS_SENTINEL_TLS_CA_FILE" sentinel "$@" else - redis-cli -h "$REDIS_SERVICE" -p "$SENTINEL_SERVICE_PORT" sentinel "$@" + redis-cli -h "$REDIS_SERVICE" -p "$REDIS_SENTINEL_PORT" sentinel "$@" fi } sentinel_failover_finished() { @@ -531,8 +529,6 @@ data: } HEADLESS_SERVICE="{{ template "common.names.fullname" . }}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}" - SENTINEL_SERVICE_ENV_NAME={{ printf "%s%s" (upper (include "common.names.fullname" .)| replace "-" "_") "_SERVICE_PORT_TCP_SENTINEL" }} - SENTINEL_SERVICE_PORT=${!SENTINEL_SERVICE_ENV_NAME} get_full_hostname() { hostname="$1" @@ -563,9 +559,9 @@ data: run_sentinel_command() { if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then - {{ .Values.auth.sentinel | ternary "" "env -u REDISCLI_AUTH " -}} redis-cli -h "$REDIS_SERVICE" -p "$SENTINEL_SERVICE_PORT" --tls --cert "$REDIS_SENTINEL_TLS_CERT_FILE" --key "$REDIS_SENTINEL_TLS_KEY_FILE" --cacert "$REDIS_SENTINEL_TLS_CA_FILE" sentinel "$@" + {{ .Values.auth.sentinel | ternary "" "env -u REDISCLI_AUTH " -}} redis-cli -h "$REDIS_SERVICE" -p "$REDIS_SENTINEL_PORT" --tls --cert "$REDIS_SENTINEL_TLS_CERT_FILE" --key "$REDIS_SENTINEL_TLS_KEY_FILE" --cacert "$REDIS_SENTINEL_TLS_CA_FILE" sentinel "$@" else - {{ .Values.auth.sentinel | ternary "" "env -u REDISCLI_AUTH " -}} redis-cli -h "$REDIS_SERVICE" -p "$SENTINEL_SERVICE_PORT" sentinel "$@" + {{ .Values.auth.sentinel | ternary "" "env -u REDISCLI_AUTH " -}} redis-cli -h "$REDIS_SERVICE" -p "$REDIS_SENTINEL_PORT" sentinel "$@" fi } sentinel_failover_finished() { diff --git a/charts/bitnami/redis/values.yaml b/charts/bitnami/redis/values.yaml index 3ed37e66b..da8cc25e2 100644 --- a/charts/bitnami/redis/values.yaml +++ b/charts/bitnami/redis/values.yaml @@ -1589,6 +1589,9 @@ metrics: ## @param metrics.service.annotations Additional custom annotations for Redis® exporter service ## annotations: {} + ## @param metrics.service.clusterIP Redis® exporter service Cluster IP + ## + clusterIP: "" ## Prometheus Service Monitor ## ref: https://github.com/coreos/prometheus-operator ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint diff --git a/charts/bitnami/spark/Chart.yaml b/charts/bitnami/spark/Chart.yaml index 7e4517fdc..c800a1a74 100644 --- a/charts/bitnami/spark/Chart.yaml +++ b/charts/bitnami/spark/Chart.yaml @@ -27,4 +27,4 @@ maintainers: name: spark sources: - https://github.com/bitnami/charts/tree/main/bitnami/spark -version: 6.6.1 +version: 6.6.2 diff --git a/charts/bitnami/spark/README.md b/charts/bitnami/spark/README.md index 3024e39de..cbbef6fe2 100644 --- a/charts/bitnami/spark/README.md +++ b/charts/bitnami/spark/README.md @@ -84,7 +84,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------- | ----------------------------------------------------------------------------------------------------- | --------------------- | | `image.registry` | Spark image registry | `docker.io` | | `image.repository` | Spark image repository | `bitnami/spark` | -| `image.tag` | Spark image tag (immutable tags are recommended) | `3.3.2-debian-11-r27` | +| `image.tag` | Spark image tag (immutable tags are recommended) | `3.3.2-debian-11-r28` | | `image.digest` | Spark image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | Spark image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | diff --git a/charts/bitnami/spark/values.yaml b/charts/bitnami/spark/values.yaml index 4c2b45350..5bcd07585 100644 --- a/charts/bitnami/spark/values.yaml +++ b/charts/bitnami/spark/values.yaml @@ -92,7 +92,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/spark - tag: 3.3.2-debian-11-r27 + tag: 3.3.2-debian-11-r28 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/charts/bitnami/wordpress/Chart.lock b/charts/bitnami/wordpress/Chart.lock index e47617ebe..dd2e3f6ad 100644 --- a/charts/bitnami/wordpress/Chart.lock +++ b/charts/bitnami/wordpress/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: memcached repository: oci://registry-1.docker.io/bitnamicharts - version: 6.4.2 + version: 6.5.1 - name: mariadb repository: oci://registry-1.docker.io/bitnamicharts - version: 12.2.2 + version: 12.2.3 - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.2.5 -digest: sha256:033438c997c901df94e343f56eab63fe55c9c2c71e0c04d9a95e2d27d60eb417 -generated: "2023-05-11T19:30:55.4078027Z" + version: 2.3.0 +digest: sha256:220319398a85a996e25863bac89c26538955c239c8c848a9ccb7ec618b205de7 +generated: "2023-05-17T07:52:56.060555972Z" diff --git a/charts/bitnami/wordpress/Chart.yaml b/charts/bitnami/wordpress/Chart.yaml index 7db32fbc2..03e044e36 100644 --- a/charts/bitnami/wordpress/Chart.yaml +++ b/charts/bitnami/wordpress/Chart.yaml @@ -6,7 +6,7 @@ annotations: category: CMS licenses: Apache-2.0 apiVersion: v2 -appVersion: 6.2.0 +appVersion: 6.2.1 dependencies: - condition: memcached.enabled name: memcached @@ -40,4 +40,4 @@ maintainers: name: wordpress sources: - https://github.com/bitnami/charts/tree/main/bitnami/wordpress -version: 16.1.2 +version: 16.1.5 diff --git a/charts/bitnami/wordpress/README.md b/charts/bitnami/wordpress/README.md index 2da3ad742..f09c8e5a4 100644 --- a/charts/bitnami/wordpress/README.md +++ b/charts/bitnami/wordpress/README.md @@ -76,15 +76,15 @@ The command removes all the Kubernetes components associated with the chart and ### WordPress Image parameters -| Name | Description | Value | -| ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | WordPress image registry | `docker.io` | -| `image.repository` | WordPress image repository | `bitnami/wordpress` | -| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.2.0-debian-11-r22` | -| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | -| `image.pullSecrets` | WordPress image pull secrets | `[]` | -| `image.debug` | Specify if debug values should be set | `false` | +| Name | Description | Value | +| ------------------- | --------------------------------------------------------------------------------------------------------- | -------------------- | +| `image.registry` | WordPress image registry | `docker.io` | +| `image.repository` | WordPress image repository | `bitnami/wordpress` | +| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.2.1-debian-11-r1` | +| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | +| `image.pullSecrets` | WordPress image pull secrets | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | ### WordPress Configuration parameters @@ -172,6 +172,7 @@ The command removes all the Kubernetes components associated with the chart and | `containerSecurityContext.runAsUser` | Set WordPress container's Security Context runAsUser | `1001` | | `containerSecurityContext.runAsNonRoot` | Set WordPress container's Security Context runAsNonRoot | `true` | | `containerSecurityContext.allowPrivilegeEscalation` | Set WordPress container's privilege escalation | `false` | +| `containerSecurityContext.readOnlyRootFilesystem` | Set WordPress container's Security Context readOnlyRootFilesystem | `false` | | `containerSecurityContext.capabilities.drop` | Set WordPress container's Security Context runAsNonRoot | `["ALL"]` | | `livenessProbe.enabled` | Enable livenessProbe on WordPress containers | `true` | | `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | @@ -246,7 +247,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` | | `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r115` | +| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r117` | | `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` | @@ -278,7 +279,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | | `metrics.image.registry` | Apache exporter image registry | `docker.io` | | `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.13.3-debian-11-r5` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.13.3-debian-11-r7` | | `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | diff --git a/charts/bitnami/wordpress/charts/common/Chart.yaml b/charts/bitnami/wordpress/charts/common/Chart.yaml index 8f0fff689..220717ee1 100644 --- a/charts/bitnami/wordpress/charts/common/Chart.yaml +++ b/charts/bitnami/wordpress/charts/common/Chart.yaml @@ -2,10 +2,10 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.2.5 +appVersion: 2.3.0 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. -home: https://github.com/bitnami/charts/tree/main/bitnami/common +home: https://bitnami.com icon: https://bitnami.com/downloads/logos/bitnami-mark.png keywords: - common @@ -14,11 +14,10 @@ keywords: - function - bitnami maintainers: -- name: Bitnami +- name: VMware, Inc. url: https://github.com/bitnami/charts name: common sources: - https://github.com/bitnami/charts -- https://www.bitnami.com/ type: library -version: 2.2.5 +version: 2.3.0 diff --git a/charts/bitnami/wordpress/charts/common/README.md b/charts/bitnami/wordpress/charts/common/README.md index 6381c3b72..72fca33da 100644 --- a/charts/bitnami/wordpress/charts/common/README.md +++ b/charts/bitnami/wordpress/charts/common/README.md @@ -2,6 +2,8 @@ A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between Bitnami charts. +Looking to use our applications in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. + ## TL;DR ```yaml diff --git a/charts/bitnami/wordpress/charts/common/templates/_images.tpl b/charts/bitnami/wordpress/charts/common/templates/_images.tpl index 2e7b15151..d60c22e25 100644 --- a/charts/bitnami/wordpress/charts/common/templates/_images.tpl +++ b/charts/bitnami/wordpress/charts/common/templates/_images.tpl @@ -45,7 +45,7 @@ Return the proper Docker Image Registry Secret Names (deprecated: use common.ima {{- if (not (empty $pullSecrets)) }} imagePullSecrets: - {{- range $pullSecrets }} + {{- range $pullSecrets | uniq }} - name: {{ . }} {{- end }} {{- end }} @@ -73,7 +73,7 @@ Return the proper Docker Image Registry Secret Names evaluating values as templa {{- if (not (empty $pullSecrets)) }} imagePullSecrets: - {{- range $pullSecrets }} + {{- range $pullSecrets | uniq }} - name: {{ . }} {{- end }} {{- end }} diff --git a/charts/bitnami/wordpress/charts/mariadb/Chart.yaml b/charts/bitnami/wordpress/charts/mariadb/Chart.yaml index 1dd6ab55c..4f319980f 100644 --- a/charts/bitnami/wordpress/charts/mariadb/Chart.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/Chart.yaml @@ -26,4 +26,4 @@ maintainers: name: mariadb sources: - https://github.com/bitnami/charts/tree/main/bitnami/mariadb -version: 12.2.2 +version: 12.2.3 diff --git a/charts/bitnami/wordpress/charts/mariadb/README.md b/charts/bitnami/wordpress/charts/mariadb/README.md index bca5c0fd9..576576a80 100644 --- a/charts/bitnami/wordpress/charts/mariadb/README.md +++ b/charts/bitnami/wordpress/charts/mariadb/README.md @@ -8,8 +8,6 @@ MariaDB is an open source, community-developed SQL database server that is widel Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. -Looking to use MariaDB in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. - ## TL;DR ```console @@ -86,7 +84,7 @@ The command removes all the Kubernetes components associated with the chart and | -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | | `image.registry` | MariaDB image registry | `docker.io` | | `image.repository` | MariaDB image repository | `bitnami/mariadb` | -| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.3-debian-11-r0` | +| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.3-debian-11-r1` | | `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | diff --git a/charts/bitnami/wordpress/charts/mariadb/values.yaml b/charts/bitnami/wordpress/charts/mariadb/values.yaml index e432f1c11..d98fb62c2 100644 --- a/charts/bitnami/wordpress/charts/mariadb/values.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/values.yaml @@ -87,7 +87,7 @@ serviceBindings: image: registry: docker.io repository: bitnami/mariadb - tag: 10.11.3-debian-11-r0 + tag: 10.11.3-debian-11-r1 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/charts/bitnami/wordpress/charts/memcached/Chart.lock b/charts/bitnami/wordpress/charts/memcached/Chart.lock index 327ab1f48..b2d8bab03 100644 --- a/charts/bitnami/wordpress/charts/memcached/Chart.lock +++ b/charts/bitnami/wordpress/charts/memcached/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.2.5 -digest: sha256:318f438acfeaced11d9060877d615caf1985417d2865810defaa886d3496f8d3 -generated: "2023-05-08T19:59:40.217353224Z" + version: 2.3.0 +digest: sha256:11bbe86be64062d37b725f4dbc909aba3585b4976624ee9d27522366d3f956ea +generated: "2023-05-13T00:58:36.826773609Z" diff --git a/charts/bitnami/wordpress/charts/memcached/Chart.yaml b/charts/bitnami/wordpress/charts/memcached/Chart.yaml index a7748b3b1..a1f2d4870 100644 --- a/charts/bitnami/wordpress/charts/memcached/Chart.yaml +++ b/charts/bitnami/wordpress/charts/memcached/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 1.6.19 +appVersion: 1.6.20 dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts @@ -12,16 +12,15 @@ dependencies: description: Memcached is an high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. -home: https://github.com/bitnami/charts/tree/main/bitnami/memcached +home: https://bitnami.com icon: https://bitnami.com/assets/stacks/memcached/img/memcached-stack-220x234.png keywords: - memcached - cache maintainers: -- name: Bitnami +- name: VMware, Inc. url: https://github.com/bitnami/charts name: memcached sources: -- https://github.com/bitnami/containers/tree/main/bitnami/memcached -- http://memcached.org/ -version: 6.4.2 +- https://github.com/bitnami/charts/tree/main/bitnami/memcached +version: 6.5.1 diff --git a/charts/bitnami/wordpress/charts/memcached/README.md b/charts/bitnami/wordpress/charts/memcached/README.md index 295e0ac6d..5e85cfc55 100644 --- a/charts/bitnami/wordpress/charts/memcached/README.md +++ b/charts/bitnami/wordpress/charts/memcached/README.md @@ -74,25 +74,25 @@ The command removes all the Kubernetes components associated with the chart and ### Memcached parameters -| Name | Description | Value | -| ----------------------------- | --------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | Memcached image registry | `docker.io` | -| `image.repository` | Memcached image repository | `bitnami/memcached` | -| `image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.19-debian-11-r19` | -| `image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Memcached image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug values should be set | `false` | -| `architecture` | Memcached architecture. Allowed values: standalone or high-availability | `standalone` | -| `auth.enabled` | Enable Memcached authentication | `false` | -| `auth.username` | Memcached admin user | `""` | -| `auth.password` | Memcached admin password | `""` | -| `auth.existingPasswordSecret` | Existing secret with Memcached credentials (must contain a value for `memcached-password` key) | `""` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `extraEnvVars` | Array with extra environment variables to add to Memcached nodes | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Memcached nodes | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Memcached nodes | `""` | +| Name | Description | Value | +| ----------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | +| `image.registry` | Memcached image registry | `docker.io` | +| `image.repository` | Memcached image repository | `bitnami/memcached` | +| `image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.20-debian-11-r0` | +| `image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Memcached image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | +| `architecture` | Memcached architecture. Allowed values: standalone or high-availability | `standalone` | +| `auth.enabled` | Enable Memcached authentication | `false` | +| `auth.username` | Memcached admin user | `""` | +| `auth.password` | Memcached admin password | `""` | +| `auth.existingPasswordSecret` | Existing secret with Memcached credentials (must contain a value for `memcached-password` key) | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Array with extra environment variables to add to Memcached nodes | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Memcached nodes | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Memcached nodes | `""` | ### Deployment/Statefulset parameters @@ -205,7 +205,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r114` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r115` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | @@ -215,7 +215,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a side-car prometheus exporter | `false` | | `metrics.image.registry` | Memcached exporter image registry | `docker.io` | | `metrics.image.repository` | Memcached exporter image repository | `bitnami/memcached-exporter` | -| `metrics.image.tag` | Memcached exporter image tag (immutable tags are recommended) | `0.11.3-debian-11-r8` | +| `metrics.image.tag` | Memcached exporter image tag (immutable tags are recommended) | `0.11.3-debian-11-r10` | | `metrics.image.digest` | Memcached exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | diff --git a/charts/bitnami/wordpress/charts/memcached/charts/common/Chart.yaml b/charts/bitnami/wordpress/charts/memcached/charts/common/Chart.yaml index 8f0fff689..220717ee1 100644 --- a/charts/bitnami/wordpress/charts/memcached/charts/common/Chart.yaml +++ b/charts/bitnami/wordpress/charts/memcached/charts/common/Chart.yaml @@ -2,10 +2,10 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.2.5 +appVersion: 2.3.0 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. -home: https://github.com/bitnami/charts/tree/main/bitnami/common +home: https://bitnami.com icon: https://bitnami.com/downloads/logos/bitnami-mark.png keywords: - common @@ -14,11 +14,10 @@ keywords: - function - bitnami maintainers: -- name: Bitnami +- name: VMware, Inc. url: https://github.com/bitnami/charts name: common sources: - https://github.com/bitnami/charts -- https://www.bitnami.com/ type: library -version: 2.2.5 +version: 2.3.0 diff --git a/charts/bitnami/wordpress/charts/memcached/charts/common/README.md b/charts/bitnami/wordpress/charts/memcached/charts/common/README.md index 6381c3b72..72fca33da 100644 --- a/charts/bitnami/wordpress/charts/memcached/charts/common/README.md +++ b/charts/bitnami/wordpress/charts/memcached/charts/common/README.md @@ -2,6 +2,8 @@ A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between Bitnami charts. +Looking to use our applications in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. + ## TL;DR ```yaml diff --git a/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_images.tpl b/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_images.tpl index 2e7b15151..d60c22e25 100644 --- a/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_images.tpl +++ b/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_images.tpl @@ -45,7 +45,7 @@ Return the proper Docker Image Registry Secret Names (deprecated: use common.ima {{- if (not (empty $pullSecrets)) }} imagePullSecrets: - {{- range $pullSecrets }} + {{- range $pullSecrets | uniq }} - name: {{ . }} {{- end }} {{- end }} @@ -73,7 +73,7 @@ Return the proper Docker Image Registry Secret Names evaluating values as templa {{- if (not (empty $pullSecrets)) }} imagePullSecrets: - {{- range $pullSecrets }} + {{- range $pullSecrets | uniq }} - name: {{ . }} {{- end }} {{- end }} diff --git a/charts/bitnami/wordpress/charts/memcached/values.yaml b/charts/bitnami/wordpress/charts/memcached/values.yaml index ebe040d1b..1f6b9dc37 100644 --- a/charts/bitnami/wordpress/charts/memcached/values.yaml +++ b/charts/bitnami/wordpress/charts/memcached/values.yaml @@ -70,7 +70,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/memcached - tag: 1.6.19-debian-11-r19 + tag: 1.6.20-debian-11-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -512,7 +512,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r114 + tag: 11-debian-11-r115 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -557,7 +557,7 @@ metrics: image: registry: docker.io repository: bitnami/memcached-exporter - tag: 0.11.3-debian-11-r8 + tag: 0.11.3-debian-11-r10 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/wordpress/values.yaml b/charts/bitnami/wordpress/values.yaml index 590c41425..360c88402 100644 --- a/charts/bitnami/wordpress/values.yaml +++ b/charts/bitnami/wordpress/values.yaml @@ -73,7 +73,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/wordpress - tag: 6.2.0-debian-11-r22 + tag: 6.2.1-debian-11-r1 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -412,6 +412,7 @@ podSecurityContext: ## @param containerSecurityContext.runAsUser Set WordPress container's Security Context runAsUser ## @param containerSecurityContext.runAsNonRoot Set WordPress container's Security Context runAsNonRoot ## @param containerSecurityContext.allowPrivilegeEscalation Set WordPress container's privilege escalation +## @param containerSecurityContext.readOnlyRootFilesystem Set WordPress container's Security Context readOnlyRootFilesystem ## @param containerSecurityContext.capabilities.drop Set WordPress container's Security Context runAsNonRoot ## containerSecurityContext: @@ -419,6 +420,7 @@ containerSecurityContext: runAsUser: 1001 runAsNonRoot: true allowPrivilegeEscalation: false + readOnlyRootFilesystem: false capabilities: drop: ["ALL"] ## Configure extra options for WordPress containers' liveness, readiness and startup probes @@ -761,7 +763,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r115 + tag: 11-debian-11-r117 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -855,7 +857,7 @@ metrics: image: registry: docker.io repository: bitnami/apache-exporter - tag: 0.13.3-debian-11-r5 + tag: 0.13.3-debian-11-r7 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/btp/chronicle/Chart.yaml b/charts/btp/chronicle/Chart.yaml index d330a5064..0e3732f49 100644 --- a/charts/btp/chronicle/Chart.yaml +++ b/charts/btp/chronicle/Chart.yaml @@ -22,4 +22,4 @@ keywords: - blockchain name: chronicle type: application -version: 0.1.13 +version: 0.1.14 diff --git a/charts/btp/chronicle/templates/tests/api-test.yaml b/charts/btp/chronicle/templates/tests/api-test.yaml new file mode 100644 index 000000000..1e27ad2e5 --- /dev/null +++ b/charts/btp/chronicle/templates/tests/api-test.yaml @@ -0,0 +1,23 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.names.fullname" . }}-api-test + labels: {{ include "chronicle.labels" . | nindent 4 }} + component: api-test + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + spec: + containers: + - name: test + {{- include "lib.image" (dict "imageRoot" .Values.test.image "global" .Values.global ) | nindent 10 }} + command: {{ .Values.test.command }} + env: + - name: HOST + value: {{ include "chronicle.service.name" . }}-chronicle-api + - name: PORT + value: {{ .Values.port | quote }} + serviceAccountName: {{ include "lib.serviceAccountName" . }} + restartPolicy: Never diff --git a/charts/btp/chronicle/values.yaml b/charts/btp/chronicle/values.yaml index 9b15d1a7b..edb43612a 100644 --- a/charts/btp/chronicle/values.yaml +++ b/charts/btp/chronicle/values.yaml @@ -36,6 +36,18 @@ volumes: {} ## @md | `affinity`| custom affinity rules for the chronicle pod | {} | affinity: {} +test: + ## @md | `test.command` | the command to run in the api-test container | ["/usr/local/bin/subscribe-submit-compare"] | + command: ["/usr/local/bin/subscribe-submit-test"] + ## @md | `api-test-container.image` | the image to use for the api-test container | blockchaintp/chronicle-api-test | + image: + ## @md | `test.image.pullPolicy` | the image pull policy | IfNotPresent | + pullPolicy: IfNotPresent + ## @md | `test.image.repository` | the image repository | blockchaintp/chronicle-helm-api-test | + repository: blockchaintp/chronicle-helm-api-test + ## @md | `test.image.tag` | the image tag | latest | + tag: latest + ## @md | `extraVolumes` | a list of additional volumes to add to chronicle | [] | extraVolumes: [] ## @md | `extraVolumeMounts` | a list of additional volume mounts to add to chronicle | [] | diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml index fb2a513d9..347ddd33d 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=v1.16.0-0' catalog.cattle.io/release-name: citrix-cpx-with-ingress-controller apiVersion: v2 -appVersion: 1.30.1 +appVersion: 1.32.7 description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running as sidecar. home: https://www.cloud.com @@ -18,4 +18,4 @@ maintainers: name: citrix-cpx-with-ingress-controller sources: - https://github.com/citrix/citrix-k8s-ingress-controller -version: 1.30.1 +version: 1.32.7 diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/README.md b/charts/citrix/citrix-cpx-with-ingress-controller/README.md index 99d689131..f363d2f19 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/README.md +++ b/charts/citrix/citrix-cpx-with-ingress-controller/README.md @@ -455,7 +455,7 @@ The following table lists the configurable parameters of the Citrix ADC CPX with | daemonSet | Optional | False | Set this to true if Citrix ADC CPX needs to be deployed as DaemonSet. | | cic.imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry | | cic.imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository | -| cic.imageTag | Mandatory | `1.30.1` | The Citrix ingress controller image tag | +| cic.imageTag | Mandatory | `1.32.7` | The Citrix ingress controller image tag | | cic.pullPolicy | Mandatory | IfNotPresent | The Citrix ingress controller image pull policy. | | cic.required | Mandatory | true | CIC to be run as sidecar with Citrix ADC CPX | | cic.resources | Optional | {} | CPU/Memory resource requests/limits for Citrix Ingress Controller container | diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/templates/cic_crds.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/templates/cic_crds.yaml index b1c287d23..04ab36605 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/templates/cic_crds.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/templates/cic_crds.yaml @@ -1996,8 +1996,14 @@ spec: type: string enum: ['ON', 'OFF'] device_fingerprint: + type: string + enum: ['ON', 'OFF'] + device_fingerprint_action: type: object x-kubernetes-preserve-unknown-fields: true + headless_browser: + type: string + enum: ['ON','OFF'] reputation: type: string enum: ['ON', 'OFF'] @@ -2025,6 +2031,12 @@ spec: ip: type: object x-kubernetes-preserve-unknown-fields: true + ipv6: + type: object + x-kubernetes-preserve-unknown-fields: true + ipv6_subnet: + type: object + x-kubernetes-preserve-unknown-fields: true expression: type: object x-kubernetes-preserve-unknown-fields: true @@ -2040,6 +2052,12 @@ spec: ip: type: object x-kubernetes-preserve-unknown-fields: true + ipv6: + type: object + x-kubernetes-preserve-unknown-fields: true + ipv6_subnet: + type: object + x-kubernetes-preserve-unknown-fields: true expression: type: object x-kubernetes-preserve-unknown-fields: true @@ -2057,6 +2075,9 @@ spec: cookie: type: object x-kubernetes-preserve-unknown-fields: true + geolocation: + type: object + x-kubernetes-preserve-unknown-fields: true reputation: type: object x-kubernetes-preserve-unknown-fields: true @@ -2066,6 +2087,18 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true properties: + logexp: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + properties: + kbmexpr: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + properties: tps: type: object properties: @@ -2078,6 +2111,9 @@ spec: ip: type: object x-kubernetes-preserve-unknown-fields: true + url: + type: object + x-kubernetes-preserve-unknown-fields: true trapinsertion: type: object x-kubernetes-preserve-unknown-fields: true diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml index 0adcb9205..da75965bf 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml @@ -82,7 +82,7 @@ servicePorts: [] cic: imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller - imageTag: 1.30.1 + imageTag: 1.32.7 image: "{{ .Values.cic.imageRegistry }}/{{ .Values.cic.imageRepository }}:{{ .Values.cic.imageTag }}" pullPolicy: IfNotPresent required: true diff --git a/charts/citrix/citrix-ingress-controller/Chart.yaml b/charts/citrix/citrix-ingress-controller/Chart.yaml index 9f70d06cc..44dd51a17 100644 --- a/charts/citrix/citrix-ingress-controller/Chart.yaml +++ b/charts/citrix/citrix-ingress-controller/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=v1.16.0-0' catalog.cattle.io/release-name: citrix-ingress-controller apiVersion: v2 -appVersion: 1.30.1 +appVersion: 1.32.7 description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX. home: https://www.cloud.com icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png @@ -17,4 +17,4 @@ maintainers: name: citrix-ingress-controller sources: - https://github.com/citrix/citrix-k8s-ingress-controller -version: 1.30.1 +version: 1.32.7 diff --git a/charts/citrix/citrix-ingress-controller/README.md b/charts/citrix/citrix-ingress-controller/README.md index f4751b7ac..5f6711c37 100644 --- a/charts/citrix/citrix-ingress-controller/README.md +++ b/charts/citrix/citrix-ingress-controller/README.md @@ -316,7 +316,7 @@ The following table lists the mandatory and optional parameters that you can con | license.accept | Mandatory | no | Set `yes` to accept the CIC end user license agreement. | | imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry | | imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository | -| imageTag | Mandatory | `1.30.1` | The Citrix ingress controller image tag | +| imageTag | Mandatory | `1.32.7` | The Citrix ingress controller image tag | | pullPolicy | Mandatory | IfNotPresent | The CIC image pull policy. | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) | diff --git a/charts/citrix/citrix-ingress-controller/templates/cic_crds.yaml b/charts/citrix/citrix-ingress-controller/templates/cic_crds.yaml index b1c287d23..04ab36605 100644 --- a/charts/citrix/citrix-ingress-controller/templates/cic_crds.yaml +++ b/charts/citrix/citrix-ingress-controller/templates/cic_crds.yaml @@ -1996,8 +1996,14 @@ spec: type: string enum: ['ON', 'OFF'] device_fingerprint: + type: string + enum: ['ON', 'OFF'] + device_fingerprint_action: type: object x-kubernetes-preserve-unknown-fields: true + headless_browser: + type: string + enum: ['ON','OFF'] reputation: type: string enum: ['ON', 'OFF'] @@ -2025,6 +2031,12 @@ spec: ip: type: object x-kubernetes-preserve-unknown-fields: true + ipv6: + type: object + x-kubernetes-preserve-unknown-fields: true + ipv6_subnet: + type: object + x-kubernetes-preserve-unknown-fields: true expression: type: object x-kubernetes-preserve-unknown-fields: true @@ -2040,6 +2052,12 @@ spec: ip: type: object x-kubernetes-preserve-unknown-fields: true + ipv6: + type: object + x-kubernetes-preserve-unknown-fields: true + ipv6_subnet: + type: object + x-kubernetes-preserve-unknown-fields: true expression: type: object x-kubernetes-preserve-unknown-fields: true @@ -2057,6 +2075,9 @@ spec: cookie: type: object x-kubernetes-preserve-unknown-fields: true + geolocation: + type: object + x-kubernetes-preserve-unknown-fields: true reputation: type: object x-kubernetes-preserve-unknown-fields: true @@ -2066,6 +2087,18 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true properties: + logexp: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + properties: + kbmexpr: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + properties: tps: type: object properties: @@ -2078,6 +2111,9 @@ spec: ip: type: object x-kubernetes-preserve-unknown-fields: true + url: + type: object + x-kubernetes-preserve-unknown-fields: true trapinsertion: type: object x-kubernetes-preserve-unknown-fields: true diff --git a/charts/citrix/citrix-ingress-controller/values.yaml b/charts/citrix/citrix-ingress-controller/values.yaml index 7c1531e05..5c5ef0340 100644 --- a/charts/citrix/citrix-ingress-controller/values.yaml +++ b/charts/citrix/citrix-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # Citrix Ingress Controller config details imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller -imageTag: 1.30.1 +imageTag: 1.32.7 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] diff --git a/charts/codefresh/cf-runtime/Chart.yaml b/charts/codefresh/cf-runtime/Chart.yaml index cc812aa34..53c020ebd 100644 --- a/charts/codefresh/cf-runtime/Chart.yaml +++ b/charts/codefresh/cf-runtime/Chart.yaml @@ -15,4 +15,4 @@ maintainers: - name: codefresh url: https://codefresh-io.github.io/ name: cf-runtime -version: 1.0.5 +version: 1.0.6 diff --git a/charts/codefresh/cf-runtime/README.md b/charts/codefresh/cf-runtime/README.md index 99b2cdfb8..ee827e8bc 100644 --- a/charts/codefresh/cf-runtime/README.md +++ b/charts/codefresh/cf-runtime/README.md @@ -1,6 +1,6 @@ ## Codefresh Runner -![Version: 1.0.5](https://img.shields.io/badge/Version-1.0.5-informational?style=flat-square) +![Version: 1.0.6](https://img.shields.io/badge/Version-1.0.6-informational?style=flat-square) ## Prerequisites @@ -92,7 +92,7 @@ Kubernetes: `>=1.19.0-0` | re.dindDaemon.tlsverify | bool | `true` | | | re.serviceAccount | object | `{"annotations":{}}` | Set annotation on engine Service Account Ref: https://codefresh.io/docs/docs/administration/codefresh-runner/#injecting-aws-arn-roles-into-the-cluster | | runner.env | object | `{}` | Add additional env vars | -| runner.image | string | `"codefresh/venona:1.9.14"` | Set runner image | +| runner.image | string | `"codefresh/venona:1.9.15"` | Set runner image | | runner.nodeSelector | object | `{}` | Set runner node selector | | runner.resources | object | `{}` | Set runner requests and limits | | runner.tolerations | list | `[]` | Set runner tolerations | diff --git a/charts/codefresh/cf-runtime/values.yaml b/charts/codefresh/cf-runtime/values.yaml index f4490b6f3..dff6b73ca 100644 --- a/charts/codefresh/cf-runtime/values.yaml +++ b/charts/codefresh/cf-runtime/values.yaml @@ -27,7 +27,7 @@ dockerRegistry: "quay.io" # @default -- See below runner: # -- Set runner image - image: "codefresh/venona:1.9.14" + image: "codefresh/venona:1.9.15" # -- Add additional env vars env: {} # E.g. diff --git a/charts/datadog/datadog/CHANGELOG.md b/charts/datadog/datadog/CHANGELOG.md index 301ddea61..2f466a85b 100644 --- a/charts/datadog/datadog/CHANGELOG.md +++ b/charts/datadog/datadog/CHANGELOG.md @@ -1,5 +1,9 @@ # Datadog changelog +## 3.29.2 + +* Default `Agent` and `Cluster-Agent` to `7.44.1` version. + ## 3.29.1 * Add `customresourcedefinitions` option to enable CRD metrics collection in KSM Core. diff --git a/charts/datadog/datadog/Chart.yaml b/charts/datadog/datadog/Chart.yaml index 6188ead16..2a85bcaf8 100644 --- a/charts/datadog/datadog/Chart.yaml +++ b/charts/datadog/datadog/Chart.yaml @@ -19,4 +19,4 @@ name: datadog sources: - https://app.datadoghq.com/account/settings#agent/kubernetes - https://github.com/DataDog/datadog-agent -version: 3.29.1 +version: 3.29.2 diff --git a/charts/datadog/datadog/README.md b/charts/datadog/datadog/README.md index 26356c278..213d815d9 100644 --- a/charts/datadog/datadog/README.md +++ b/charts/datadog/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.29.1](https://img.shields.io/badge/Version-3.29.1-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.29.2](https://img.shields.io/badge/Version-3.29.2-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). @@ -449,7 +449,7 @@ helm install \ | agents.image.pullPolicy | string | `"IfNotPresent"` | Datadog Agent image pull policy | | agents.image.pullSecrets | list | `[]` | Datadog Agent repository pullSecret (ex: specify docker registry credentials) | | agents.image.repository | string | `nil` | Override default registry + image.name for Agent | -| agents.image.tag | string | `"7.44.0"` | Define the Agent version to use | +| agents.image.tag | string | `"7.44.1"` | Define the Agent version to use | | agents.image.tagSuffix | string | `""` | Suffix to append to Agent tag | | agents.localService.forceLocalServiceEnabled | bool | `false` | Force the creation of the internal traffic policy service to target the agent running on the local node. By default, the internal traffic service is created only on Kubernetes 1.22+ where the feature became beta and enabled by default. This option allows to force the creation of the internal traffic service on kubernetes 1.21 where the feature was alpha and required a feature gate to be explicitly enabled. | | agents.localService.overrideName | string | `""` | Name of the internal traffic service to target the agent running on the local node | @@ -511,7 +511,7 @@ helm install \ | clusterAgent.image.pullPolicy | string | `"IfNotPresent"` | Cluster Agent image pullPolicy | | clusterAgent.image.pullSecrets | list | `[]` | Cluster Agent repository pullSecret (ex: specify docker registry credentials) | | clusterAgent.image.repository | string | `nil` | Override default registry + image.name for Cluster Agent | -| clusterAgent.image.tag | string | `"7.44.0"` | Cluster Agent image tag to use | +| clusterAgent.image.tag | string | `"7.44.1"` | Cluster Agent image tag to use | | clusterAgent.livenessProbe | object | Every 15s / 6 KO / 1 OK | Override default Cluster Agent liveness probe settings | | clusterAgent.metricsProvider.aggregator | string | `"avg"` | Define the aggregator the cluster agent will use to process the metrics. The options are (avg, min, max, sum) | | clusterAgent.metricsProvider.createReaderRbac | bool | `true` | Create `external-metrics-reader` RBAC automatically (to allow HPA to read data from Cluster Agent) | @@ -561,7 +561,7 @@ helm install \ | clusterChecksRunner.image.pullPolicy | string | `"IfNotPresent"` | Datadog Agent image pull policy | | clusterChecksRunner.image.pullSecrets | list | `[]` | Datadog Agent repository pullSecret (ex: specify docker registry credentials) | | clusterChecksRunner.image.repository | string | `nil` | Override default registry + image.name for Cluster Check Runners | -| clusterChecksRunner.image.tag | string | `"7.44.0"` | Define the Agent version to use | +| clusterChecksRunner.image.tag | string | `"7.44.1"` | Define the Agent version to use | | clusterChecksRunner.image.tagSuffix | string | `""` | Suffix to append to Agent tag | | clusterChecksRunner.livenessProbe | object | Every 15s / 6 KO / 1 OK | Override default agent liveness probe settings | | clusterChecksRunner.networkPolicy.create | bool | `false` | If true, create a NetworkPolicy for the cluster checks runners. DEPRECATED. Use datadog.networkPolicy.create instead | diff --git a/charts/datadog/datadog/values.yaml b/charts/datadog/datadog/values.yaml index bf25db255..2e1f82ad8 100644 --- a/charts/datadog/datadog/values.yaml +++ b/charts/datadog/datadog/values.yaml @@ -811,7 +811,7 @@ clusterAgent: name: cluster-agent # clusterAgent.image.tag -- Cluster Agent image tag to use - tag: 7.44.0 + tag: 7.44.1 # clusterAgent.image.digest -- Cluster Agent image digest to use, takes precedence over tag if specified digest: "" @@ -1205,7 +1205,7 @@ agents: name: agent # agents.image.tag -- Define the Agent version to use - tag: 7.44.0 + tag: 7.44.1 # agents.image.digest -- Define Agent image digest to use, takes precedence over tag if specified digest: "" @@ -1671,7 +1671,7 @@ clusterChecksRunner: name: agent # clusterChecksRunner.image.tag -- Define the Agent version to use - tag: 7.44.0 + tag: 7.44.1 # clusterChecksRunner.image.digest -- Define Agent image digest to use, takes precedence over tag if specified digest: "" diff --git a/charts/gitlab/gitlab/CHANGELOG.md b/charts/gitlab/gitlab/CHANGELOG.md index c4fa87fc1..842d607c3 100644 --- a/charts/gitlab/gitlab/CHANGELOG.md +++ b/charts/gitlab/gitlab/CHANGELOG.md @@ -2,6 +2,16 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 6.11.4 (2023-05-16) + +### Added (1 change) + +- [Add SMTP read and write timeout values](gitlab-org/charts/gitlab@e340af25bb5f51ab21ca76fefb3c70c063baadf1) ([merge request](gitlab-org/charts/gitlab!3160)) + +### Fixed (1 change) + +- [Validate that SMTP settings do not enable both TLS and STARTTLS](gitlab-org/charts/gitlab@24172826e46afc3a585df642123ba946bce2d9e3) ([merge request](gitlab-org/charts/gitlab!3163)) + ## 6.11.3 (2023-05-10) No changes. diff --git a/charts/gitlab/gitlab/Chart.yaml b/charts/gitlab/gitlab/Chart.yaml index 68f7a69f6..b7b77a20c 100644 --- a/charts/gitlab/gitlab/Chart.yaml +++ b/charts/gitlab/gitlab/Chart.yaml @@ -3,7 +3,7 @@ annotations: catalog.cattle.io/display-name: GitLab catalog.cattle.io/release-name: gitlab apiVersion: v1 -appVersion: 15.11.3 +appVersion: v15.11.4 description: The One DevOps Platform home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png @@ -15,4 +15,4 @@ maintainers: name: gitlab sources: - https://gitlab.com/gitlab-org/charts/gitlab -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml index 0db08874d..0c00cac6e 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.3 +appVersion: v15.11.4 description: GitLab Geo logcursor home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -12,4 +12,4 @@ name: geo-logcursor sources: - https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/geo-logcursor - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml index edbd1f4ba..c3e9a23dd 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.3 +appVersion: 15.11.4 description: Git RPC service for handling all the git calls made by GitLab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: gitaly sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitaly - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml index 63f79e2b6..5c20d98ed 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml @@ -14,4 +14,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-exporter - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-exporter - https://gitlab.com/gitlab-org/gitlab-exporter -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml index 2818e6591..48ac5aeb3 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.3 +appVersion: v15.11.4 description: Adapt the Grafana chart to interface to the GitLab App home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: gitlab-grafana sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-grafana - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-grafana -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml index fe9b16f9d..a622a5a13 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.3 +appVersion: 15.11.4 description: Daemon for serving static websites from GitLab projects home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -14,4 +14,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-pages - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-pages - https://gitlab.com/gitlab-org/gitlab-pages -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml index 2aab5f898..10d4fceb0 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml @@ -14,4 +14,4 @@ name: gitlab-shell sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-shell - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-shell -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml index 7f46aead9..b7921d1a4 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml @@ -17,4 +17,4 @@ name: kas sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-kas - https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml index 4456ea7e9..3b7effff2 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 0.0.19 +appVersion: v15.11.4 description: Handling incoming emails home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: mailroom sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/mailroom - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-mailroom -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml index 8c3d9dbdd..f56c5e4ed 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.3 +appVersion: v15.11.4 description: Database migrations and other versioning tasks for upgrading Gitlab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -12,4 +12,4 @@ name: migrations sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/migrations - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml index 19259774a..da4509568 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.3 +appVersion: 15.11.4 description: Praefect is a router and transaction manager for Gitaly, and a required component for running a Gitaly Cluster. home: https://about.gitlab.com/ @@ -16,4 +16,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/praefect - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly - https://gitlab.com/gitlab-org/gitaly/-/tree/master/cmd/praefect -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml index e4ad6aadf..d51ab78ee 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.3 +appVersion: v15.11.4 description: Gitlab Sidekiq for asynchronous task processing in rails home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: sidekiq sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/sidekiq - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-sidekiq -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml index 160d51cf0..a30a8124a 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml @@ -14,4 +14,4 @@ name: spamcheck sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/spamcheck - https://gitlab.com/gitlab-org/spamcheck -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml index bc0842d12..22a96f300 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.3 +appVersion: v15.11.4 description: For manually running rake tasks through kubectl home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: toolbox sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/toolbox - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-toolbox -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml index d27dfa8b5..08a34fcd9 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.3 +appVersion: v15.11.4 description: HTTP server for Gitlab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -14,4 +14,4 @@ name: webservice sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/webservice - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-webservice -version: 6.11.3 +version: 6.11.4 diff --git a/charts/gitlab/gitlab/charts/gitlab/templates/_smtp.tpl b/charts/gitlab/gitlab/charts/gitlab/templates/_smtp.tpl index 25fe09407..b6c91888e 100644 --- a/charts/gitlab/gitlab/charts/gitlab/templates/_smtp.tpl +++ b/charts/gitlab/gitlab/charts/gitlab/templates/_smtp.tpl @@ -26,7 +26,13 @@ smtp_settings = { tls: {{ .Values.global.smtp.tls }}, {{- end }} {{- if .Values.global.smtp.openssl_verify_mode }} - openssl_verify_mode: {{ .Values.global.smtp.openssl_verify_mode | quote }} + openssl_verify_mode: {{ .Values.global.smtp.openssl_verify_mode | quote }}, + {{- end }} + {{- if .Values.global.smtp.open_timeout }} + open_timeout: {{ .Values.global.smtp.open_timeout | int }}, + {{- end }} + {{- if .Values.global.smtp.read_timeout }} + read_timeout: {{ .Values.global.smtp.read_timeout | int }} {{- end }} } diff --git a/charts/gitlab/gitlab/requirements.lock b/charts/gitlab/gitlab/requirements.lock index 14d20c5a8..d65923f20 100644 --- a/charts/gitlab/gitlab/requirements.lock +++ b/charts/gitlab/gitlab/requirements.lock @@ -36,4 +36,4 @@ dependencies: repository: https://charts.gitlab.io/ version: 0.3.0 digest: sha256:67477d660a351df330393ce9ed84458eafbc419de2c454339ed7539bde9c45ca -generated: "2023-05-10T20:18:20.96296619Z" +generated: "2023-05-17T06:40:49.376876693Z" diff --git a/charts/gitlab/gitlab/templates/_checkConfig.tpl b/charts/gitlab/gitlab/templates/_checkConfig.tpl index f27c7dd42..7de7ec0b4 100644 --- a/charts/gitlab/gitlab/templates/_checkConfig.tpl +++ b/charts/gitlab/gitlab/templates/_checkConfig.tpl @@ -106,6 +106,7 @@ Due to gotpl scoping, we can't make use of `range`, so we have to add action lin {{- $messages = append $messages (include "gitlab.checkConfig.sentry" .) -}} {{- $messages = append $messages (include "gitlab.checkConfig.gitlab_docs" .) -}} {{- $messages = append $messages (include "gitlab.checkConfig.smtp.openssl_verify_mode" .) -}} +{{- $messages = append $messages (include "gitlab.checkConfig.smtp.tls_kind" .) -}} {{- $messages = append $messages (include "gitlab.checkConfig.globalServiceAccount" .) -}} {{- $messages = append $messages (include "gitlab.duoAuth.checkConfig" .) -}} @@ -205,6 +206,18 @@ smtp: {{- end -}} {{/* END gitlab.checkConfig.smtp.openssl_verify_mode */}} +{{/* +Ensure that either `global.smtp.tls` or `global.smtp.enable_starttls_auto` is set to true, but not both. +*/}} +{{- define "gitlab.checkConfig.smtp.tls_kind" -}} +{{- if and .Values.global.smtp.tls .Values.global.smtp.enable_starttls_auto -}} +smtp: + global.smtp.tls and global.smtp.enable_starttls_auto are mutually exclusive. + Set one of them to false. SMTP providers usually use port 465 for TLS and port 587 for STARTTLS. +{{- end }} +{{- end }} +{{/* END gitlab.checkConfig.smtp.tls_kind */}} + {{/* Ensure that global service account settings are correct. */}} diff --git a/charts/gitlab/gitlab/values.yaml b/charts/gitlab/gitlab/values.yaml index 6650122c7..fada73ac1 100644 --- a/charts/gitlab/gitlab/values.yaml +++ b/charts/gitlab/gitlab/values.yaml @@ -40,7 +40,7 @@ global: edition: ee ## https://docs.gitlab.com/charts/charts/globals#gitlab-version - gitlabVersion: "15.11.3" + gitlabVersion: "15.11.4" ## https://docs.gitlab.com/charts/charts/globals#application-resource application: @@ -672,6 +672,8 @@ global: authentication: "plain" starttls_auto: false openssl_verify_mode: "peer" + open_timeout: 30 + read_timeout: 60 pool: false ## https://docs.gitlab.com/charts/charts/globals#outgoing-email diff --git a/charts/harbor/harbor/Chart.yaml b/charts/harbor/harbor/Chart.yaml index 0a3b228c7..12e364c84 100644 --- a/charts/harbor/harbor/Chart.yaml +++ b/charts/harbor/harbor/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.20-0' catalog.cattle.io/release-name: harbor apiVersion: v1 -appVersion: 2.8.0 +appVersion: 2.8.1 description: An open source trusted cloud native registry that stores, signs, and scans content home: https://goharbor.io @@ -24,4 +24,4 @@ name: harbor sources: - https://github.com/goharbor/harbor - https://github.com/goharbor/harbor-helm -version: 1.12.0 +version: 1.12.1 diff --git a/charts/harbor/harbor/values.yaml b/charts/harbor/harbor/values.yaml index 9400e1d99..125b921ef 100644 --- a/charts/harbor/harbor/values.yaml +++ b/charts/harbor/harbor/values.yaml @@ -400,7 +400,7 @@ enableMigrateHelmHook: false nginx: image: repository: goharbor/nginx-photon - tag: v2.8.0 + tag: v2.8.1 # set the service account to be used, default if left empty serviceAccountName: "" # mount the service account token @@ -422,7 +422,7 @@ nginx: portal: image: repository: goharbor/harbor-portal - tag: v2.8.0 + tag: v2.8.1 # set the service account to be used, default if left empty serviceAccountName: "" # mount the service account token @@ -444,7 +444,7 @@ portal: core: image: repository: goharbor/harbor-core - tag: v2.8.0 + tag: v2.8.1 # set the service account to be used, default if left empty serviceAccountName: "" # mount the service account token @@ -497,7 +497,7 @@ core: jobservice: image: repository: goharbor/harbor-jobservice - tag: v2.8.0 + tag: v2.8.1 replicas: 1 revisionHistoryLimit: 10 # set the service account to be used, default if left empty @@ -545,7 +545,7 @@ registry: registry: image: repository: goharbor/registry-photon - tag: v2.8.0 + tag: v2.8.1 # resources: # requests: # memory: 256Mi @@ -553,7 +553,7 @@ registry: controller: image: repository: goharbor/harbor-registryctl - tag: v2.8.0 + tag: v2.8.1 # resources: # requests: @@ -610,7 +610,7 @@ trivy: # repository the repository for Trivy adapter image repository: goharbor/trivy-adapter-photon # tag the tag for Trivy adapter image - tag: v2.8.0 + tag: v2.8.1 # set the service account to be used, default if left empty serviceAccountName: "" # mount the service account token @@ -685,7 +685,7 @@ notary: automountServiceAccountToken: false image: repository: goharbor/notary-server-photon - tag: v2.8.0 + tag: v2.8.1 replicas: 1 # resources: # requests: @@ -707,7 +707,7 @@ notary: automountServiceAccountToken: false image: repository: goharbor/notary-signer-photon - tag: v2.8.0 + tag: v2.8.1 replicas: 1 # resources: # requests: @@ -739,7 +739,7 @@ database: automountServiceAccountToken: false image: repository: goharbor/harbor-db - tag: v2.8.0 + tag: v2.8.1 # The initial superuser password for internal database password: "changeit" # The size limit for Shared memory, pgSQL use it for shared_buffer @@ -811,7 +811,7 @@ redis: automountServiceAccountToken: false image: repository: goharbor/redis-photon - tag: v2.8.0 + tag: v2.8.1 # resources: # requests: # memory: 256Mi @@ -855,7 +855,7 @@ exporter: automountServiceAccountToken: false image: repository: goharbor/harbor-exporter - tag: v2.8.0 + tag: v2.8.1 nodeSelector: {} tolerations: [] affinity: {} diff --git a/charts/kong/kong/CHANGELOG.md b/charts/kong/kong/CHANGELOG.md index 52a27a32d..84c1385a9 100644 --- a/charts/kong/kong/CHANGELOG.md +++ b/charts/kong/kong/CHANGELOG.md @@ -1,5 +1,17 @@ # Changelog +## 2.21.0 + +### Improvements + +* Added support for `startupProbe` on Kong pods. This can be configured via + `.Values.startupProbe`. To maintain backward compatibility, it is disabled by default. + [#792](https://github.com/Kong/charts/pull/792) +* Customize Admission Webhook namespaceSelectors and compose them from values. + [#794](https://github.com/Kong/charts/pull/794) +* Added `CustomResourceDefinition` `list` and `watch` permissions to controller's ClusterRole. + [#796](https://github.com/Kong/charts/pull/796) + ## 2.20.2 ### Fixed diff --git a/charts/kong/kong/Chart.yaml b/charts/kong/kong/Chart.yaml index 1366517b1..3508fe117 100644 --- a/charts/kong/kong/Chart.yaml +++ b/charts/kong/kong/Chart.yaml @@ -20,4 +20,4 @@ maintainers: name: kong sources: - https://github.com/Kong/charts/tree/main/charts/kong -version: 2.20.2 +version: 2.21.0 diff --git a/charts/kong/kong/README.md b/charts/kong/kong/README.md index 61380b1ee..bc60c4bf8 100644 --- a/charts/kong/kong/README.md +++ b/charts/kong/kong/README.md @@ -736,6 +736,7 @@ section of `values.yaml` file: | admissionWebhook.certificate.provided | Use a provided certificate. When set to false, the chart will automatically generate a certificate. | false | | admissionWebhook.certificate.secretName | Name of the TLS secret for the provided webhook certificate | | | admissionWebhook.certificate.caBundle | PEM encoded CA bundle which will be used to validate the provided webhook certificate | | +| admissionWebhook.namespaceSelector | Add namespaceSelector to the webhook. Please go to [Kubernetes doc for the specs](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#matching-requests-namespaceselector) | | | userDefinedVolumes | Create volumes. Please go to Kubernetes doc for the spec of the volumes | | | userDefinedVolumeMounts | Create volumeMounts. Please go to Kubernetes doc for the spec of the volumeMounts | | | terminationGracePeriodSeconds | Sets the [termination grace period](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution) for Deployment pod | 30 | @@ -840,6 +841,7 @@ On the Gateway release side, set either `admin.tls.client.secretName` to the nam | updateStrategy | update strategy for deployment | `{}` | | readinessProbe | Kong readiness probe | | | livenessProbe | Kong liveness probe | | +| startupProbe | Kong startup probe | | | lifecycle | Proxy container lifecycle hooks | see `values.yaml` | | terminationGracePeriodSeconds | Sets the [termination grace period](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution) for Deployment pods | 30 | | affinity | Node/pod affinities | | diff --git a/charts/kong/kong/templates/_helpers.tpl b/charts/kong/kong/templates/_helpers.tpl index b4b2f1d90..9d97bf5f6 100644 --- a/charts/kong/kong/templates/_helpers.tpl +++ b/charts/kong/kong/templates/_helpers.tpl @@ -1488,6 +1488,15 @@ Kubernetes Cluster-scoped resources it uses to build Kong configuration. - get - patch - update +{{- if (semverCompare ">= 2.10.0" (include "kong.effectiveVersion" .Values.ingressController.image)) }} +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - list + - watch +{{- end }} {{- if or (.Capabilities.APIVersions.Has "gateway.networking.k8s.io/v1alpha2") (.Capabilities.APIVersions.Has "gateway.networking.k8s.io/v1beta1") }} - apiGroups: - gateway.networking.k8s.io diff --git a/charts/kong/kong/templates/admission-webhook.yaml b/charts/kong/kong/templates/admission-webhook.yaml index 11cbc8593..f887ccf77 100644 --- a/charts/kong/kong/templates/admission-webhook.yaml +++ b/charts/kong/kong/templates/admission-webhook.yaml @@ -42,6 +42,10 @@ metadata: {{- end }} webhooks: - name: validations.kong.konghq.com + {{- with .Values.ingressController.admissionWebhook.namespaceSelector }} + namespaceSelector: + {{- toYaml . | nindent 4 }} + {{- end }} objectSelector: matchExpressions: - key: owner diff --git a/charts/kong/kong/templates/deployment.yaml b/charts/kong/kong/templates/deployment.yaml index a4bb4c0b7..81174655c 100644 --- a/charts/kong/kong/templates/deployment.yaml +++ b/charts/kong/kong/templates/deployment.yaml @@ -273,6 +273,10 @@ spec: {{ toYaml .Values.readinessProbe | indent 10 }} livenessProbe: {{ toYaml .Values.livenessProbe | indent 10 }} + {{- if .Values.startupProbe }} + startupProbe: +{{ toYaml .Values.startupProbe | indent 10 }} + {{- end }} resources: {{ toYaml .Values.resources | indent 10 }} {{- end }} {{/* End of Kong container spec */}} diff --git a/charts/kong/kong/values.yaml b/charts/kong/kong/values.yaml index 4cc0adca3..4db4b720e 100644 --- a/charts/kong/kong/values.yaml +++ b/charts/kong/kong/values.yaml @@ -533,6 +533,7 @@ ingressController: port: 8080 certificate: provided: false + namespaceSelector: {} # Specifiy the secretName when the certificate is provided via a TLS secret # secretName: "" # Specifiy the CA bundle of the provided certificate. @@ -789,6 +790,18 @@ livenessProbe: successThreshold: 1 failureThreshold: 3 +# startupProbe for Kong pods +# startupProbe: +# httpGet: +# path: "/status" +# port: status +# scheme: HTTP +# initialDelaySeconds: 5 +# timeoutSeconds: 5 +# periodSeconds: 2 +# successThreshold: 1 +# failureThreshold: 40 + # Proxy container lifecycle hooks # Ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ lifecycle: diff --git a/charts/new-relic/nri-bundle/Chart.lock b/charts/new-relic/nri-bundle/Chart.lock index b4e326b7b..01b8e5d04 100644 --- a/charts/new-relic/nri-bundle/Chart.lock +++ b/charts/new-relic/nri-bundle/Chart.lock @@ -1,19 +1,19 @@ dependencies: - name: newrelic-infrastructure repository: https://newrelic.github.io/nri-kubernetes - version: 3.16.0 + version: 3.17.0 - name: nri-prometheus repository: https://newrelic.github.io/nri-prometheus version: 2.1.16 - name: newrelic-prometheus-agent repository: https://newrelic.github.io/newrelic-prometheus-configurator - version: 1.1.1 + version: 1.2.0 - name: nri-metadata-injection repository: https://newrelic.github.io/k8s-metadata-injection version: 4.3.0 - name: newrelic-k8s-metrics-adapter repository: https://newrelic.github.io/newrelic-k8s-metrics-adapter - version: 1.1.2 + version: 1.2.0 - name: kube-state-metrics repository: https://prometheus-community.github.io/helm-charts version: 4.23.0 @@ -22,15 +22,15 @@ dependencies: version: 3.0.0 - name: newrelic-logging repository: https://newrelic.github.io/helm-charts - version: 1.13.1 + version: 1.14.1 - name: newrelic-pixie repository: https://newrelic.github.io/helm-charts - version: 2.0.6 + version: 2.1.0 - name: pixie-operator-chart repository: https://pixie-operator-charts.storage.googleapis.com version: 0.1.0 - name: newrelic-infra-operator repository: https://newrelic.github.io/newrelic-infra-operator version: 2.2.0 -digest: sha256:839b5c3346fa4bbf8c8b5b18ecb00cb5f28dc2b6dc060c506492dfe1d7e29765 -generated: "2023-05-15T22:42:10.808588714Z" +digest: sha256:0a1f51c3e283d5a873e74ef4994b8569b6b85a9d46adc7514447d4ce2399146d +generated: "2023-05-16T17:44:36.052686458Z" diff --git a/charts/new-relic/nri-bundle/Chart.yaml b/charts/new-relic/nri-bundle/Chart.yaml index c713cc0e6..17f76d7bf 100644 --- a/charts/new-relic/nri-bundle/Chart.yaml +++ b/charts/new-relic/nri-bundle/Chart.yaml @@ -7,7 +7,7 @@ dependencies: - condition: infrastructure.enabled,newrelic-infrastructure.enabled name: newrelic-infrastructure repository: file://./charts/newrelic-infrastructure - version: 3.16.0 + version: 3.17.0 - condition: prometheus.enabled,nri-prometheus.enabled name: nri-prometheus repository: file://./charts/nri-prometheus @@ -15,7 +15,7 @@ dependencies: - condition: newrelic-prometheus-agent.enabled name: newrelic-prometheus-agent repository: file://./charts/newrelic-prometheus-agent - version: 1.1.1 + version: 1.2.0 - condition: webhook.enabled,nri-metadata-injection.enabled name: nri-metadata-injection repository: file://./charts/nri-metadata-injection @@ -23,7 +23,7 @@ dependencies: - condition: metrics-adapter.enabled,newrelic-k8s-metrics-adapter.enabled name: newrelic-k8s-metrics-adapter repository: file://./charts/newrelic-k8s-metrics-adapter - version: 1.1.2 + version: 1.2.0 - condition: ksm.enabled,kube-state-metrics.enabled name: kube-state-metrics repository: file://./charts/kube-state-metrics @@ -35,11 +35,11 @@ dependencies: - condition: logging.enabled,newrelic-logging.enabled name: newrelic-logging repository: file://./charts/newrelic-logging - version: 1.13.1 + version: 1.14.1 - condition: newrelic-pixie.enabled name: newrelic-pixie repository: file://./charts/newrelic-pixie - version: 2.0.6 + version: 2.1.0 - alias: pixie-chart condition: pixie-chart.enabled name: pixie-operator-chart @@ -89,4 +89,4 @@ sources: - https://github.com/newrelic/helm-charts/tree/master/charts/newrelic-logging - https://github.com/newrelic/helm-charts/tree/master/charts/newrelic-pixie - https://github.com/newrelic/newrelic-infra-operator/tree/master/charts/newrelic-infra-operator -version: 5.0.13 +version: 5.0.15 diff --git a/charts/new-relic/nri-bundle/README.md b/charts/new-relic/nri-bundle/README.md index 4482f7da4..01e3f00a4 100644 --- a/charts/new-relic/nri-bundle/README.md +++ b/charts/new-relic/nri-bundle/README.md @@ -145,6 +145,8 @@ Options that can be defined globally include `affinity`, `nodeSelector`, `tolera At the time of writing this document, all the charts from `nri-bundle` except `newrelic-logging` and `synthetics-minion` implements this library and honors global options as described below. +Note, the value table below is automatically generated from `values.yaml` by `helm-docs`. If you need to add new fields or update existing fields, please update the `values.yaml` and then run `helm-docs` to update this value table. + ## Values | Key | Type | Default | Description | @@ -177,7 +179,7 @@ honors global options as described below. | global.serviceAccount.name | string | `nil` | Change the name of the service account. This is honored if you disable on this chart the creation of the service account so you can use your own | | global.tolerations | list | `[]` | Sets pod's tolerations to node taints | | global.verboseLog | bool | false | Sets the debug logs to this integration or all integrations if it is set globally | -| kube-state-metrics.enabled | bool | `false` | Install the [`kube-state-metrics` chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics) from the stable helm charts repository. This is mandatory if `infrastructure.enabled` is set to `true` and the user does not provide its own instance of KSM version >=1.8 and <=2.0 | +| kube-state-metrics.enabled | bool | `false` | Install the [`kube-state-metrics` chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics) from the stable helm charts repository. This is mandatory if `infrastructure.enabled` is set to `true` and the user does not provide its own instance of KSM version >=1.8 and <=2.0. Note, kube-state-metrics v2+ disables labels/annotations metrics by default. You can enable the target labels/annotations metrics to be monitored by using the metricLabelsAllowlist/metricAnnotationsAllowList options described [here](https://github.com/prometheus-community/helm-charts/blob/159cd8e4fb89b8b107dcc100287504bb91bf30e0/charts/kube-state-metrics/values.yaml#L274) in your Kubernetes clusters. | | newrelic-infra-operator.enabled | bool | `false` | Install the [`newrelic-infra-operator` chart](https://github.com/newrelic/newrelic-infra-operator/tree/main/charts/newrelic-infra-operator) (Beta) | | newrelic-infrastructure.enabled | bool | `true` | Install the [`newrelic-infrastructure` chart](https://github.com/newrelic/nri-kubernetes/tree/main/charts/newrelic-infrastructure) | | newrelic-k8s-metrics-adapter.enabled | bool | `false` | Install the [`newrelic-k8s-metrics-adapter.` chart](https://github.com/newrelic/newrelic-k8s-metrics-adapter/tree/main/charts/newrelic-k8s-metrics-adapter) (Beta) | diff --git a/charts/new-relic/nri-bundle/README.md.gotmpl b/charts/new-relic/nri-bundle/README.md.gotmpl index 228c1848c..046148d6e 100644 --- a/charts/new-relic/nri-bundle/README.md.gotmpl +++ b/charts/new-relic/nri-bundle/README.md.gotmpl @@ -147,6 +147,8 @@ Options that can be defined globally include `affinity`, `nodeSelector`, `tolera At the time of writing this document, all the charts from `nri-bundle` except `newrelic-logging` and `synthetics-minion` implements this library and honors global options as described below. +Note, the value table below is automatically generated from `values.yaml` by `helm-docs`. If you need to add new fields or update existing fields, please update the `values.yaml` and then run `helm-docs` to update this value table. + {{ template "chart.valuesSection" . }} {{ if .Maintainers }} diff --git a/charts/new-relic/nri-bundle/charts/newrelic-infrastructure/Chart.yaml b/charts/new-relic/nri-bundle/charts/newrelic-infrastructure/Chart.yaml index 344beb12e..a58545954 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-infrastructure/Chart.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-infrastructure/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 3.11.0 +appVersion: 3.12.0 dependencies: - name: common-library repository: https://helm-charts.newrelic.com @@ -35,4 +35,4 @@ sources: - https://github.com/newrelic/nri-kubernetes/ - https://github.com/newrelic/nri-kubernetes/tree/main/charts/newrelic-infrastructure - https://github.com/newrelic/infrastructure-agent/ -version: 3.16.0 +version: 3.17.0 diff --git a/charts/new-relic/nri-bundle/charts/newrelic-infrastructure/values.yaml b/charts/new-relic/nri-bundle/charts/newrelic-infrastructure/values.yaml index 0bee842d4..f62105f99 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-infrastructure/values.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-infrastructure/values.yaml @@ -23,7 +23,7 @@ images: forwarder: registry: "" repository: newrelic/k8s-events-forwarder - tag: 1.40.1 + tag: 1.41.0 pullPolicy: IfNotPresent # -- Image for the New Relic Infrastructure Agent plus integrations. # @default -- See `values.yaml` diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/Chart.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/Chart.yaml index 926ec15a0..60bb88b41 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/Chart.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 0.3.0 +appVersion: 0.4.2 dependencies: - name: common-library repository: https://helm-charts.newrelic.com @@ -34,4 +34,4 @@ name: newrelic-k8s-metrics-adapter sources: - https://github.com/newrelic/newrelic-k8s-metrics-adapter - https://github.com/newrelic/newrelic-k8s-metrics-adapter/tree/main/charts/newrelic-k8s-metrics-adapter -version: 1.1.2 +version: 1.2.0 diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/ci/test-values.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/ci/test-values.yaml index aa2c48c09..60f9f3f09 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/ci/test-values.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/ci/test-values.yaml @@ -8,42 +8,6 @@ config: accountID: 111 region: EU -extraEnv: - - name: ENV_VAR1 - value: "var1" - - name: ENV_VAR2 - value: "var2" -extraVolumes: - - name: tmpfs-data - emptyDir: {} -extraVolumeMounts: - - mountPath: /var/db/newrelic-infra/data - name: tmpfs-data -hostNetwork: true -tolerations: - - key: "key1" - operator: "Exists" - effect: "NoSchedule" -nodeSelector: - kubernetes.io/os: linux -affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: kubernetes.io/os - operator: In - values: - - linux - -apiServicePatchJob: - volumes: - - name: tmpfs-data - emptyDir: {} - volumeMounts: - - mountPath: /var/db/newrelic-infra/data - name: tmpfs-data - image: repository: e2e/newrelic-metrics-adapter tag: "test" # Defaults to AppVersion diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/apiservice_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/apiservice_test.yaml index 1055748d9..086160edc 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/apiservice_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/apiservice_test.yaml @@ -7,12 +7,16 @@ release: tests: - it: Annotations are correctly defined set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 11111111 certManager: enabled: true asserts: - matchRegex: - path: metadata.annotations.certmanager\.k8s\.io/inject-ca-from + path: metadata.annotations["certmanager.k8s.io/inject-ca-from"] pattern: ^my-namespace\/.*-root-cert - matchRegex: - path: metadata.annotations.cert-manager\.io/inject-ca-from + path: metadata.annotations["cert-manager.io/inject-ca-from"] pattern: ^my-namespace\/.*-root-cert diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/common_extra_naming_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/common_extra_naming_test.yaml index 4e2ce8e29..82098ba1c 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/common_extra_naming_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/common_extra_naming_test.yaml @@ -15,6 +15,7 @@ release: tests: - it: default values has its name correctly defined set: + cluster: test-cluster personalAPIKey: 21321 config: accountID: 11111111 diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/configmap_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/configmap_test.yaml index 28c8472c0..71b0532fe 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/configmap_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/configmap_test.yaml @@ -8,12 +8,13 @@ tests: - it: has the correct region when defined in local values set: personalAPIKey: 21321 + cluster: test-cluster config: accountID: 111 region: A-REGION asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: | accountID: 111 region: A-REGION @@ -21,13 +22,14 @@ tests: - it: has the correct region when global staging set: personalAPIKey: 21321 + cluster: test-cluster config: accountID: 111 global: nrStaging: true asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: | accountID: 111 region: Staging @@ -36,13 +38,14 @@ tests: set: personalAPIKey: 21321 licenseKey: eu-whatever + cluster: test-cluster config: accountID: 111 global: aRandomGlobalValue: true asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: | accountID: 111 region: EU @@ -50,12 +53,13 @@ tests: - it: has the correct region when no global values exist and licenseKey is from eu set: personalAPIKey: 21321 + cluster: test-cluster licenseKey: eu-whatever config: accountID: 111 asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: | accountID: 111 region: EU @@ -63,18 +67,20 @@ tests: - it: has no region when not defined and licenseKey is not from eu set: personalAPIKey: 21321 + cluster: test-cluster licenseKey: us-whatever config: accountID: 111 asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: | accountID: 111 cacheTTLSeconds: 30 - it: has externalMetrics when defined set: personalAPIKey: 21321 + cluster: test-cluster licenseKey: us-whatever config: accountID: 111 @@ -83,7 +89,7 @@ tests: query: "FROM Metric SELECT average(nginx.server.net.requestsPerSecond)" asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: | accountID: 111 cacheTTLSeconds: 30 diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/hpa_clusterrolebinding_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/hpa_clusterrolebinding_test.yaml index c1db71af7..4fba87fbe 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/hpa_clusterrolebinding_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/hpa_clusterrolebinding_test.yaml @@ -6,6 +6,12 @@ release: namespace: my-namespace tests: - it: roleRef.name has its name correctly defined + set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION asserts: - matchRegex: path: roleRef.name diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_cluster_rolebinding_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_cluster_rolebinding_test.yaml index 7e9c99b9e..dd582313e 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_cluster_rolebinding_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_cluster_rolebinding_test.yaml @@ -7,6 +7,12 @@ release: namespace: my-namespace tests: - it: roleRef apiGroup and Subjets are correctly defined + set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION asserts: - matchRegex: path: roleRef.name diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_clusterrole_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_clusterrole_test.yaml index 6f198ba65..33a1eaa73 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_clusterrole_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_clusterrole_test.yaml @@ -9,6 +9,11 @@ tests: set: rbac: pspEnabled: true + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION asserts: - matchRegex: path: rules[1].resourceNames[0] diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_common_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_common_test.yaml index 0bc04371c..91cd791d1 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_common_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_common_test.yaml @@ -14,6 +14,11 @@ release: tests: - it: If customTLSCertificate and Certmanager enabled do not render set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION customTLSCertificate: a-tls-cert certManager: enabled: true diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_job_createsecret_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_job_createsecret_test.yaml index a9fb6d6ed..6db79234f 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_job_createsecret_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_job_createsecret_test.yaml @@ -6,11 +6,23 @@ release: namespace: my-namespace tests: - it: spec metadata name is is correctly defined + set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION asserts: - equal: path: spec.template.metadata.name value: my-release-newrelic-k8s-metrics-adapter-apiservice-create - it: container args are correctly defined + set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION asserts: - matchRegex: path: spec.template.spec.containers[0].args[1] @@ -20,6 +32,10 @@ tests: pattern: --secret-name=.*-apiservice - it: has the correct image set: + cluster: test-cluster + config: + accountID: 111 + region: A-REGION personalAPIKey: 21321 apiServicePatchJob: image: diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_job_patchapiservice_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_job_patchapiservice_test.yaml index 602d1b88b..0be083313 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_job_patchapiservice_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_patch_job_patchapiservice_test.yaml @@ -6,17 +6,35 @@ release: namespace: my-namespace tests: - it: spec metadata name is is correctly defined + set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION asserts: - matchRegex: path: spec.template.metadata.name pattern: .*-apiservice-patch$ - it: container args are correctly defined + set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION asserts: - matchRegex: path: spec.template.spec.containers[0].args[2] pattern: ^--secret-name=.*-apiservice - it: serviceAccountName is correctly defined + set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION asserts: - matchRegex: path: spec.template.spec.serviceAccountName @@ -24,6 +42,10 @@ tests: - it: has the correct image set: personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION apiServicePatchJob: image: repository: registry.k8s.io/ingress-nginx/kube-webhook-certgen diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_serviceaccount_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_serviceaccount_test.yaml index 88dbaea89..6c72439a5 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_serviceaccount_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/job_serviceaccount_test.yaml @@ -8,6 +8,11 @@ release: tests: - it: RBAC points to the service account that is created by default set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION rbac.create: true serviceAccount.create: true asserts: @@ -17,6 +22,11 @@ tests: - it: RBAC points to the service account the user supplies when serviceAccount is disabled set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION rbac.create: true serviceAccount.create: false serviceAccount.name: sa-test @@ -27,6 +37,11 @@ tests: - it: RBAC points to the service account the user supplies when serviceAccount is disabled set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION rbac.create: true serviceAccount.create: false asserts: diff --git a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/rbac_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/rbac_test.yaml index 7be0b2588..78884c022 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/rbac_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/tests/rbac_test.yaml @@ -8,6 +8,11 @@ release: tests: - it: RBAC points to the service account that is created by default set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION rbac.create: true serviceAccount.create: true asserts: @@ -17,6 +22,11 @@ tests: - it: RBAC points to the service account the user supplies when serviceAccount is disabled set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION rbac.create: true serviceAccount.create: false serviceAccount.name: sa-test @@ -27,6 +37,11 @@ tests: - it: RBAC points to the service account the user supplies when serviceAccount is disabled set: + personalAPIKey: 21321 + cluster: test-cluster + config: + accountID: 111 + region: A-REGION rbac.create: true serviceAccount.create: false asserts: diff --git a/charts/new-relic/nri-bundle/charts/newrelic-logging/Chart.yaml b/charts/new-relic/nri-bundle/charts/newrelic-logging/Chart.yaml index 50f159704..113cb25a2 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-logging/Chart.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-logging/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 1.14.2 +appVersion: 1.16.0 dependencies: - name: common-library repository: https://helm-charts.newrelic.com @@ -17,4 +17,4 @@ maintainers: - name: danybmx - name: sdaubin name: newrelic-logging -version: 1.13.1 +version: 1.14.1 diff --git a/charts/new-relic/nri-bundle/charts/newrelic-logging/README.md b/charts/new-relic/nri-bundle/charts/newrelic-logging/README.md index 70cc19e4d..2ede2e689 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-logging/README.md +++ b/charts/new-relic/nri-bundle/charts/newrelic-logging/README.md @@ -135,6 +135,8 @@ See [values.yaml](values.yaml) for the default values | `updateStrategy` | Strategy for DaemonSet updates (requires Kubernetes >= 1.6) | `RollingUpdate` | | `extraVolumeMounts` | Additional DaemonSet volume mounts | `[]` | | `extraVolumes` | Additional DaemonSet volumes | `[]` | +| `initContainers` | [Init containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) that will be executed before the actual container in charge of shipping logs to New Relic is initialized. Use this if you are using a custom Fluent Bit configuration that requires downloading certain files inside the volumes being accessed by the log-shipping pod. | `[]` | +| `windows.initContainers` | [Init containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) that will be executed before the actual container in charge of shipping logs to New Relic is initialized. Use this if you are using a custom Fluent Bit configuration that requires downloading certain files inside the volumes being accessed by the log-shipping pod. | `[]` | | `serviceAccount.create` | If true, a service account would be created and assigned to the deployment | `true` | | `serviceAccount.name` | The service account to assign to the deployment. If `serviceAccount.create` is true then this name will be used when creating the service account | | | `serviceAccount.annotations` | The annotations to add to the service account if `serviceAccount.create` is set to true. | | diff --git a/charts/new-relic/nri-bundle/charts/newrelic-logging/k8s/new-relic-fluent-plugin.yml b/charts/new-relic/nri-bundle/charts/newrelic-logging/k8s/new-relic-fluent-plugin.yml index 96664c6a9..c3932bc2b 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-logging/k8s/new-relic-fluent-plugin.yml +++ b/charts/new-relic/nri-bundle/charts/newrelic-logging/k8s/new-relic-fluent-plugin.yml @@ -41,7 +41,7 @@ spec: value: "docker" - name: PATH value: "/var/log/containers/*.log" - image: newrelic/newrelic-fluentbit-output:1.8.1 + image: newrelic/newrelic-fluentbit-output:1.16.0 command: - /fluent-bit/bin/fluent-bit - -c diff --git a/charts/new-relic/nri-bundle/charts/newrelic-logging/templates/daemonset-windows.yaml b/charts/new-relic/nri-bundle/charts/newrelic-logging/templates/daemonset-windows.yaml index bc5ca0baf..76f3c1954 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-logging/templates/daemonset-windows.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-logging/templates/daemonset-windows.yaml @@ -43,6 +43,10 @@ spec: {{- if $.Values.image.pullSecrets }} imagePullSecrets: {{ toYaml $.Values.image.pullSecrets | indent 8 }} + {{- end }} + {{- if $.Values.windows.initContainers }} + initContainers: +{{ toYaml $.Values.windows.initContainers | indent 8 }} {{- end }} containers: - name: {{ template "newrelic-logging.name" $ }} diff --git a/charts/new-relic/nri-bundle/charts/newrelic-logging/templates/daemonset.yaml b/charts/new-relic/nri-bundle/charts/newrelic-logging/templates/daemonset.yaml index 12d6316d0..bc503376b 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-logging/templates/daemonset.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-logging/templates/daemonset.yaml @@ -44,6 +44,10 @@ spec: securityContext: {{- . | nindent 8 }} {{- end }} + {{- if .Values.initContainers }} + initContainers: +{{ toYaml .Values.initContainers | indent 8 }} + {{- end }} containers: - name: {{ template "newrelic-logging.name" . }} {{- with include "newrelic.common.securityContext.container" . }} diff --git a/charts/new-relic/nri-bundle/charts/newrelic-logging/values.yaml b/charts/new-relic/nri-bundle/charts/newrelic-logging/values.yaml index 408c9172f..9f2926e24 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-logging/values.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-logging/values.yaml @@ -73,7 +73,6 @@ fluentBit: # Name dummy # Tag dummy.log - filters: | [FILTER] Name kubernetes @@ -277,3 +276,14 @@ extraVolumes: [] extraVolumeMounts: [] # - name: systemdlog # mountPath: /run/log/journal + +initContainers: +# - name: init +# image: busybox +# command: ["sh", "-c", 'echo "hello world"'] + +windows: + initContainers: +# - name: init +# image: ... +# command: [...] diff --git a/charts/new-relic/nri-bundle/charts/newrelic-pixie/Chart.yaml b/charts/new-relic/nri-bundle/charts/newrelic-pixie/Chart.yaml index c2254fd6e..dc6c155d5 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-pixie/Chart.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-pixie/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 2.0.5 +appVersion: 2.1.2 description: A Helm chart for the New Relic Pixie integration. home: https://hub.docker.com/u/newrelic icon: https://newrelic.com/assets/newrelic/source/NewRelic-logo-square.svg @@ -20,4 +20,4 @@ maintainers: name: newrelic-pixie sources: - https://github.com/newrelic/ -version: 2.0.6 +version: 2.1.0 diff --git a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/CHANGELOG.md b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/CHANGELOG.md index 1d5fa8bfc..820b0374e 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/CHANGELOG.md +++ b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/CHANGELOG.md @@ -6,6 +6,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## Unreleased +## v1.2.0 - 2023-05-12 + +### ⛓️ Dependencies +- Updated newrelic/newrelic-prometheus-configurator to v1.4.0 - [Changelog 🔗](https://github.com/newrelic/newrelic-prometheus-configurator/releases/tag/1.4.0) + ## v1.1.1 - 2023-03-20 ### ⛓️ Dependencies diff --git a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/Chart.yaml b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/Chart.yaml index 33689d6fa..da2487dc7 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/Chart.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/Chart.yaml @@ -1,7 +1,7 @@ annotations: - configuratorVersion: 1.3.0 + configuratorVersion: 1.4.0 apiVersion: v2 -appVersion: v2.37.5 +appVersion: v2.37.8 dependencies: - name: common-library repository: https://helm-charts.newrelic.com @@ -31,4 +31,4 @@ maintainers: url: https://github.com/xqi-nr name: newrelic-prometheus-agent type: application -version: 1.1.1 +version: 1.2.0 diff --git a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/README.md b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/README.md index ec13a0b1b..a9b1cedd3 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/README.md +++ b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/README.md @@ -107,8 +107,6 @@ Notice that at any point you can turn off the integrations filters and scrape al `prometheus.io/scrape: true` by setting `config.kubernetes.integrations_filter.integrations_filter: false` or turning it off in any specific job. -Check the [docs](https://github.com/newrelic/newrelic-prometheus-configurator/blob/main/docs/KubernetesTargetFilter.md) for more information about it usage. - ### Kubernetes job examples #### API Server metrics diff --git a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/README.md.gotmpl b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/README.md.gotmpl index 55d91745d..8738b7329 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/README.md.gotmpl +++ b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/README.md.gotmpl @@ -112,8 +112,6 @@ Notice that at any point you can turn off the integrations filters and scrape al `prometheus.io/scrape: true` by setting `config.kubernetes.integrations_filter.integrations_filter: false` or turning it off in any specific job. -Check the [docs](https://github.com/newrelic/newrelic-prometheus-configurator/blob/main/docs/KubernetesTargetFilter.md) for more information about it usage. - ### Kubernetes job examples #### API Server metrics diff --git a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/release-notes.md b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/release-notes.md index c0f50b381..dc7c5f9fb 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/release-notes.md +++ b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/release-notes.md @@ -1,2 +1,2 @@ ### ⛓️ Dependencies -- Updated common-library to v1.1.1 - [Changelog 🔗](https://github.com/newrelic/helm-charts/releases/tag/common-library-1.1.1) +- Updated newrelic/newrelic-prometheus-configurator to v1.4.0 - [Changelog 🔗](https://github.com/newrelic/newrelic-prometheus-configurator/releases/tag/1.4.0) diff --git a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/configmap_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/configmap_test.yaml index 08a2b985a..9e99b9755 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/configmap_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/configmap_test.yaml @@ -8,7 +8,7 @@ tests: cluster: cluster-test asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator newrelic_remote_write: @@ -90,7 +90,7 @@ tests: static_targets: # Set empty to make this test simple asserts: - matchRegex: - path: data.config\.yaml + path: data["config.yaml"] pattern: "newrelic_remote_write:\n staging: true" # We do not want to test the whole YAML - it: fedramp is enabled @@ -105,7 +105,7 @@ tests: static_targets: # Set empty to make this test simple asserts: - matchRegex: - path: data.config\.yaml + path: data["config.yaml"] pattern: "newrelic_remote_write:\n fedramp:\n enabled: true" # We do not want to test the whole YAML - it: config including remote_write most possible sections @@ -134,7 +134,7 @@ tests: kubernetes: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator newrelic_remote_write: @@ -191,7 +191,7 @@ tests: kubernetes: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator newrelic_remote_write: @@ -208,6 +208,7 @@ tests: - it: cluster_name is set from global set: + licenseKey: license-key-test global: cluster: "test" metric_type_override: @@ -218,7 +219,7 @@ tests: kubernetes: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator common: @@ -227,6 +228,7 @@ tests: scrape_interval: 30s - it: cluster_name local value has precedence over global precedence set: + licenseKey: license-key-test global: cluster: "test" cluster: "test2" @@ -238,7 +240,7 @@ tests: kubernetes: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator common: @@ -247,6 +249,7 @@ tests: scrape_interval: 30s - it: cluster_name is not overwritten from customAttributes set: + licenseKey: license-key-test global: cluster: "test" cluster: "test2" @@ -260,7 +263,7 @@ tests: kubernetes: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator common: @@ -270,6 +273,7 @@ tests: - it: cluster_name has precedence over extra labels has precedence over customAttributes set: + licenseKey: license-key-test cluster: test customAttributes: attribute: "value" @@ -288,7 +292,7 @@ tests: kubernetes: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator common: @@ -372,7 +376,7 @@ tests: kubernetes: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator static_targets: @@ -482,7 +486,7 @@ tests: static_targets: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator common: @@ -536,7 +540,7 @@ tests: static_targets: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator common: @@ -557,7 +561,7 @@ tests: static_targets: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator common: diff --git a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/integration_filters_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/integration_filters_test.yaml index ad44c1d1b..d1813f135 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/integration_filters_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/integration_filters_test.yaml @@ -16,7 +16,7 @@ tests: static_targets: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator common: @@ -74,7 +74,7 @@ tests: static_targets: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator common: diff --git a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/lowdatamode_configmap_test.yaml b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/lowdatamode_configmap_test.yaml index 41ff30570..ac3953df6 100644 --- a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/lowdatamode_configmap_test.yaml +++ b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/tests/lowdatamode_configmap_test.yaml @@ -15,7 +15,7 @@ tests: kubernetes: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator newrelic_remote_write: @@ -43,7 +43,7 @@ tests: kubernetes: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator newrelic_remote_write: @@ -72,7 +72,7 @@ tests: kubernetes: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator newrelic_remote_write: @@ -105,7 +105,7 @@ tests: kubernetes: asserts: - equal: - path: data.config\.yaml + path: data["config.yaml"] value: |- # Configuration for newrelic-prometheus-configurator newrelic_remote_write: diff --git a/charts/new-relic/nri-bundle/values.yaml b/charts/new-relic/nri-bundle/values.yaml index 9752fe683..17b166ae6 100644 --- a/charts/new-relic/nri-bundle/values.yaml +++ b/charts/new-relic/nri-bundle/values.yaml @@ -12,7 +12,9 @@ nri-metadata-injection: kube-state-metrics: # kube-state-metrics.enabled -- Install the [`kube-state-metrics` chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics) from the stable helm charts repository. - # This is mandatory if `infrastructure.enabled` is set to `true` and the user does not provide its own instance of KSM version >=1.8 and <=2.0 + # This is mandatory if `infrastructure.enabled` is set to `true` and the user does not provide its own instance of KSM version >=1.8 and <=2.0. Note, kube-state-metrics v2+ disables labels/annotations + # metrics by default. You can enable the target labels/annotations metrics to be monitored by using the metricLabelsAllowlist/metricAnnotationsAllowList options described [here](https://github.com/prometheus-community/helm-charts/blob/159cd8e4fb89b8b107dcc100287504bb91bf30e0/charts/kube-state-metrics/values.yaml#L274) in + # your Kubernetes clusters. enabled: false nri-kube-events: diff --git a/charts/redpanda/redpanda/Chart.yaml b/charts/redpanda/redpanda/Chart.yaml index 0db57ea65..5b6b0e2b5 100644 --- a/charts/redpanda/redpanda/Chart.yaml +++ b/charts/redpanda/redpanda/Chart.yaml @@ -31,4 +31,4 @@ name: redpanda sources: - https://github.com/redpanda-data/helm-charts type: application -version: 4.0.16 +version: 4.0.17 diff --git a/charts/redpanda/redpanda/templates/service.internal.yaml b/charts/redpanda/redpanda/templates/service.internal.yaml index 73374ea53..922f74c83 100644 --- a/charts/redpanda/redpanda/templates/service.internal.yaml +++ b/charts/redpanda/redpanda/templates/service.internal.yaml @@ -16,14 +16,15 @@ limitations under the License. */}} --- # This service is only used to create the DNS enteries for each pod in -# the stateful set. This service should not be used by any client -# application +# the stateful set and allow the serviceMonitor to target the pods. +# This service should not be used by any client application apiVersion: v1 kind: Service metadata: name: {{ include "redpanda.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: + monitoring.redpanda.com/enabled: {{ .Values.monitoring.enabled | quote }} {{- with include "full.labels" . }} {{- . | nindent 4 }} {{- end }} @@ -34,3 +35,8 @@ spec: selector: app.kubernetes.io/name: {{ template "redpanda.name" . }} app.kubernetes.io/instance: {{ .Release.Name | quote }} + ports: + - name: admin + protocol: TCP + targetPort: {{ .Values.listeners.admin.port }} + port: {{ .Values.listeners.admin.port }} \ No newline at end of file diff --git a/charts/redpanda/redpanda/templates/servicemonitor.yaml b/charts/redpanda/redpanda/templates/servicemonitor.yaml new file mode 100644 index 000000000..e59895d3f --- /dev/null +++ b/charts/redpanda/redpanda/templates/servicemonitor.yaml @@ -0,0 +1,39 @@ +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.monitoring.enabled }} +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +--- +# This servicemonitor is used by Prometheus Operator to scrape the metrics +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "redpanda.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: +{{- with include "full.labels" . }} + {{- . | nindent 4 }} +{{- end }} +spec: + endpoints: + - interval: {{ .Values.monitoring.scrapeInterval }} + path: /public_metrics + targetPort: admin + selector: + matchLabels: + monitoring.redpanda.com/enabled: "true" + app.kubernetes.io/name: {{ template "redpanda.name" . }} + app.kubernetes.io/instance: {{ .Release.Name | quote }} +{{- end }} \ No newline at end of file diff --git a/charts/redpanda/redpanda/values.schema.json b/charts/redpanda/redpanda/values.schema.json index 40193cec4..bfb43a6a3 100644 --- a/charts/redpanda/redpanda/values.schema.json +++ b/charts/redpanda/redpanda/values.schema.json @@ -221,6 +221,22 @@ } } }, + "monitoring": { + "type": "object", + "required": [ + "enabled", + "scrapeInterval" + ], + "properties": { + "enabled": { + "type": "boolean" + }, + "scrapeInterval": { + "type": "string", + "pattern": ".*[smh]$" + } + } + }, "resources": { "type": "object", "required": [ diff --git a/charts/redpanda/redpanda/values.yaml b/charts/redpanda/redpanda/values.yaml index 86e9b3b4c..1bf1d3e09 100644 --- a/charts/redpanda/redpanda/values.yaml +++ b/charts/redpanda/redpanda/values.yaml @@ -214,6 +214,12 @@ logging: # Your cluster ID (optional) # clusterId: your-helm-cluster +# -- Monitoring. +# This will create a ServiceMonitor that can be used by Prometheus-Operator or VictoriaMetrics-Operator to scrape the metrics. +monitoring: + enabled: false + scrapeInterval: 30s + # -- Pod resource management. # This section simplifies resource allocation # by providing a single location where resources are defined. diff --git a/charts/speedscale/speedscale-operator/Chart.yaml b/charts/speedscale/speedscale-operator/Chart.yaml index 91e47c3a8..8c1322fd0 100644 --- a/charts/speedscale/speedscale-operator/Chart.yaml +++ b/charts/speedscale/speedscale-operator/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>= 1.17.0-0' catalog.cattle.io/release-name: speedscale-operator apiVersion: v1 -appVersion: 1.3.22 +appVersion: 1.3.33 description: Stress test your APIs with real world scenarios. Collect and replay traffic without scripting. home: https://speedscale.com @@ -24,4 +24,4 @@ maintainers: - email: support@speedscale.com name: Speedscale Support name: speedscale-operator -version: 1.3.2 +version: 1.3.3 diff --git a/charts/speedscale/speedscale-operator/README.md b/charts/speedscale/speedscale-operator/README.md index ec999d2f9..d19337286 100644 --- a/charts/speedscale/speedscale-operator/README.md +++ b/charts/speedscale/speedscale-operator/README.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.3.2 +### Upgrade to 1.3.3 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.2/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.3/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/app-readme.md b/charts/speedscale/speedscale-operator/app-readme.md index ec999d2f9..d19337286 100644 --- a/charts/speedscale/speedscale-operator/app-readme.md +++ b/charts/speedscale/speedscale-operator/app-readme.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.3.2 +### Upgrade to 1.3.3 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.2/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.3/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/values.yaml b/charts/speedscale/speedscale-operator/values.yaml index 6b65cede8..7ab9dac16 100644 --- a/charts/speedscale/speedscale-operator/values.yaml +++ b/charts/speedscale/speedscale-operator/values.yaml @@ -20,7 +20,7 @@ clusterName: "my-cluster" # Speedscale components image settings. image: registry: gcr.io/speedscale - tag: v1.3.22 + tag: v1.3.33 pullPolicy: Always # Log level for Speedscale components. diff --git a/charts/sysdig/sysdig/CHANGELOG.md b/charts/sysdig/sysdig/CHANGELOG.md index bb3302105..c8c35de6f 100644 --- a/charts/sysdig/sysdig/CHANGELOG.md +++ b/charts/sysdig/sysdig/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.15.88 +### Chores +* **sysdig** [c8398346](https://github.com/sysdiglabs/charts/commit/c83983463b32841eef524f9cf2302a67088363d5): bump agent version to 12.14.1 ([#1105](https://github.com/sysdiglabs/charts/issues/1105)) # v1.15.87 ### Chores * **sysdig** [82bedb7](https://github.com/sysdiglabs/charts/commit/82bedb791cc03edd950e96fb973531add97ad47c): bump agent version to 12.14.0 ([#1075](https://github.com/sysdiglabs/charts/issues/1075)) diff --git a/charts/sysdig/sysdig/Chart.yaml b/charts/sysdig/sysdig/Chart.yaml index 64c5dcb83..a1c7dccdc 100644 --- a/charts/sysdig/sysdig/Chart.yaml +++ b/charts/sysdig/sysdig/Chart.yaml @@ -3,7 +3,7 @@ annotations: catalog.cattle.io/display-name: Sysdig catalog.cattle.io/release-name: sysdig apiVersion: v1 -appVersion: 12.14.0 +appVersion: 12.14.1 description: Sysdig Monitor and Secure agent home: https://www.sysdig.com/ icon: https://avatars.githubusercontent.com/u/5068817?s=200&v=4 @@ -29,4 +29,4 @@ name: sysdig sources: - https://app.sysdigcloud.com/#/settings/user - https://github.com/draios/sysdig -version: 1.15.87 +version: 1.15.88 diff --git a/charts/sysdig/sysdig/README.md b/charts/sysdig/sysdig/README.md index df19db0cf..a402b2b76 100644 --- a/charts/sysdig/sysdig/README.md +++ b/charts/sysdig/sysdig/README.md @@ -84,7 +84,7 @@ The following table lists the configurable parameters of the Sysdig chart and th |----------------------------------------------------------------------|------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------| | `image.registry` | Sysdig Agent image registry | `quay.io` | | `image.repository` | The image repository to pull from | `sysdig/agent` | -| `image.tag` | The image tag to pull | `12.14.0` | +| `image.tag` | The image tag to pull | `12.14.1` | | `image.digest` | The image digest to pull | ` ` | | `image.pullPolicy` | The Image pull policy | `IfNotPresent` | | `image.pullSecrets` | Image pull secrets | `nil` | diff --git a/charts/sysdig/sysdig/RELEASE-NOTES.md b/charts/sysdig/sysdig/RELEASE-NOTES.md index 839a48cae..b2c5974f1 100644 --- a/charts/sysdig/sysdig/RELEASE-NOTES.md +++ b/charts/sysdig/sysdig/RELEASE-NOTES.md @@ -1,6 +1,6 @@ # What's Changed ### Chores -- **sysdig** [82bedb7](https://github.com/sysdiglabs/charts/commit/82bedb791cc03edd950e96fb973531add97ad47c): bump agent version to 12.14.0 ([#1075](https://github.com/sysdiglabs/charts/issues/1075)) +- **sysdig** [c8398346](https://github.com/sysdiglabs/charts/commit/c83983463b32841eef524f9cf2302a67088363d5): bump agent version to 12.14.1 ([#1105](https://github.com/sysdiglabs/charts/issues/1105)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.7.7...sysdig-1.15.87 +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.8.3...sysdig-1.15.88 diff --git a/charts/sysdig/sysdig/values.yaml b/charts/sysdig/sysdig/values.yaml index 4b4d35af9..cd71193d6 100644 --- a/charts/sysdig/sysdig/values.yaml +++ b/charts/sysdig/sysdig/values.yaml @@ -8,7 +8,7 @@ image: registry: quay.io repository: sysdig/agent - tag: 12.14.0 + tag: 12.14.1 # Specify a imagePullPolicy # Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' # ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images diff --git a/charts/triggermesh/triggermesh/Chart.lock b/charts/triggermesh/triggermesh/Chart.lock index 2d8157447..29fda0c4f 100644 --- a/charts/triggermesh/triggermesh/Chart.lock +++ b/charts/triggermesh/triggermesh/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: triggermesh-core repository: https://storage.googleapis.com/triggermesh-charts - version: 1.1.1 -digest: sha256:c5be13db3d6ec1f432e294520702633f3ff597ebcedb59fcfcc4283a7eda2cba -generated: "2023-03-30T13:02:18.993598+05:30" + version: 1.2.1 +digest: sha256:11544a42549f7092647d99af4be8dbda9ec94acfde7bb474035b3f693ca3faf4 +generated: "2023-05-18T15:00:40.136286+05:30" diff --git a/charts/triggermesh/triggermesh/Chart.yaml b/charts/triggermesh/triggermesh/Chart.yaml index a026b02d0..ca1863f05 100644 --- a/charts/triggermesh/triggermesh/Chart.yaml +++ b/charts/triggermesh/triggermesh/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.20-0' catalog.cattle.io/release-name: triggermesh apiVersion: v2 -appVersion: v1.24.4 +appVersion: v1.25.0 dependencies: - condition: triggermesh-core.enabled name: triggermesh-core @@ -13,9 +13,9 @@ dependencies: - triggermesh - triggermesh-core - brokers - version: 1.1.x + version: 1.2.x description: A Helm chart deploying TriggerMesh Open Source Components icon: https://partner-charts.rancher.io/assets/logos/triggermesh.svg name: triggermesh type: application -version: 0.7.3 +version: 0.8.1 diff --git a/charts/triggermesh/triggermesh/charts/triggermesh-core/Chart.yaml b/charts/triggermesh/triggermesh/charts/triggermesh-core/Chart.yaml index b7054ea1d..1f925f0d6 100644 --- a/charts/triggermesh/triggermesh/charts/triggermesh-core/Chart.yaml +++ b/charts/triggermesh/triggermesh/charts/triggermesh-core/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -appVersion: v1.2.1 +appVersion: v1.3.0 description: A Helm chart deploying TriggerMesh Core Open Source Components name: triggermesh-core type: application -version: 1.1.1 +version: 1.2.1 diff --git a/charts/triggermesh/triggermesh/charts/triggermesh-core/crds/triggermesh-core-crds.yaml b/charts/triggermesh/triggermesh/charts/triggermesh-core/crds/triggermesh-core-crds.yaml index 877f46eab..c807d3ac3 100644 --- a/charts/triggermesh/triggermesh/charts/triggermesh-core/crds/triggermesh-core-crds.yaml +++ b/charts/triggermesh/triggermesh/charts/triggermesh-core/crds/triggermesh-core-crds.yaml @@ -201,11 +201,47 @@ spec: type: string key: type: string + tlsCACertificate: + description: Contains a CA certificate used to connect to Redis. + type: object + properties: + secretKeyRef: + description: A reference to a Kubernetes Secret object. + type: object + properties: + name: + type: string + key: + type: string + tlsCertificate: + description: Contains a certificate used to connect to authenticate to Redis. + type: object + properties: + secretKeyRef: + description: A reference to a Kubernetes Secret object. + type: object + properties: + name: + type: string + key: + type: string + tlsKey: + description: Contains a key certificate used to connect to authenticate to Redis. + type: object + properties: + secretKeyRef: + description: A reference to a Kubernetes Secret object. + type: object + properties: + name: + type: string + key: + type: string tlsEnabled: description: Use TLS enctrypted Redis connection. type: boolean tlsSkipVerify: - description: Skip TLS certificate verification. + description: Skip TLS certificate verification. If caCertificate is set, tlsSkipVerify will default to false. type: boolean oneOf: - required: [url] @@ -217,6 +253,9 @@ spec: description: Maximum number of items (approximate) the Redis stream can host. type: integer default: 1000 + enableTrackingID: + description: Whether the Redis ID for the event is added as a CloudEvents attribute. Defaults to false + type: boolean broker: description: Broker options. type: object diff --git a/charts/triggermesh/triggermesh/charts/triggermesh-core/templates/clusterroles.yaml b/charts/triggermesh/triggermesh/charts/triggermesh-core/templates/clusterroles.yaml index fa7a1c723..e06ed339a 100644 --- a/charts/triggermesh/triggermesh/charts/triggermesh-core/templates/clusterroles.yaml +++ b/charts/triggermesh/triggermesh/charts/triggermesh-core/templates/clusterroles.yaml @@ -56,7 +56,7 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" rules: - apiGroups: - - eveinting.triggermesh.io + - eventing.triggermesh.io resources: ["*"] verbs: - get diff --git a/charts/triggermesh/triggermesh/charts/triggermesh-core/templates/deployment.yaml b/charts/triggermesh/triggermesh/charts/triggermesh-core/templates/deployment.yaml index bacad7f1a..8e1086b75 100644 --- a/charts/triggermesh/triggermesh/charts/triggermesh-core/templates/deployment.yaml +++ b/charts/triggermesh/triggermesh/charts/triggermesh-core/templates/deployment.yaml @@ -43,7 +43,7 @@ spec: containers: - name: controller terminationMessagePolicy: FallbackToLogsOnError - image: "{{ .Values.image.registry }}/triggermesh-core:{{ .Values.image.tag | default .Chart.AppVersion }}" + image: "{{ .Values.image.registry }}/core-controller:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} env: - name: SYSTEM_NAMESPACE diff --git a/charts/triggermesh/triggermesh/crds/triggermesh-crds.yaml b/charts/triggermesh/triggermesh/crds/triggermesh-crds.yaml index 3a64007a9..99a8fb6d0 100644 --- a/charts/triggermesh/triggermesh/crds/triggermesh-crds.yaml +++ b/charts/triggermesh/triggermesh/crds/triggermesh-crds.yaml @@ -114,6 +114,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -152,6 +161,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -190,7 +204,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -213,6 +227,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - sink @@ -434,6 +457,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -472,6 +504,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -510,7 +547,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -533,6 +570,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - region - metricQueries @@ -710,6 +756,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -748,6 +803,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -786,7 +846,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -809,6 +869,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - branch @@ -973,6 +1042,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -1011,6 +1089,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -1049,7 +1132,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -1072,6 +1155,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - sink @@ -1234,6 +1326,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -1272,6 +1373,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -1310,7 +1416,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -1333,6 +1439,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - sink @@ -1495,6 +1610,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -1533,6 +1657,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -1571,7 +1700,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -1594,6 +1723,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - sink @@ -1769,6 +1907,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: |- (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For @@ -1816,6 +1963,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -1854,7 +2006,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -1877,6 +2029,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - sink @@ -2048,6 +2209,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -2086,6 +2256,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -2124,7 +2299,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -2147,6 +2322,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - sink @@ -2317,6 +2501,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -2355,6 +2548,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -2393,7 +2591,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -2416,6 +2614,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - pollingInterval @@ -2651,6 +2858,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: |- (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For @@ -2698,6 +2914,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -2736,7 +2957,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -2759,6 +2980,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - eventTypes @@ -2983,6 +3213,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -3021,7 +3256,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -3044,6 +3279,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - sink @@ -3230,6 +3474,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -3276,6 +3529,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -3314,7 +3572,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -3337,6 +3595,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - sink @@ -3609,6 +3876,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -3647,7 +3919,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -3670,6 +3942,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - subscriptionID - destination @@ -3996,6 +4277,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -4034,7 +4320,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -4057,6 +4343,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - storageAccountID - endpoint @@ -4327,6 +4622,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -4365,7 +4665,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -4388,6 +4688,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - scope - endpoint @@ -4506,7 +4815,7 @@ spec: Resource ID of the Event Hubs instance. The expected format is - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventHub/namespaces/{namespaceName}/eventhubs/{eventHubName} + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventHub/namespaces/{namespaceName}/eventhubs/{eventHubName} type: string pattern: ^\/subscriptions\/[a-z0-9-]+\/resourceGroups\/[\w.()-]+\/providers\/Microsoft.EventHub\/namespaces\/[A-Za-z0-9-]{6,50}\/event[Hh]ubs\/[a-zA-Z0-9][\w.-]{0,49}$ auth: @@ -4695,10 +5004,23 @@ spec: anyOf: - required: [ref] - required: [uri] + messageCountSize: + description: The number of messages to receive from the Event Hub at a time. + type: integer + format: string + messageTimeout: + description: The timeout in seconds to wait for the number of messages to be available in the Event Hub before. + type: integer + format: string adapterOverrides: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -4737,7 +5059,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -4760,6 +5082,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - eventHubID - sink @@ -4920,6 +5251,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -4958,7 +5294,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -4981,6 +5317,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - auth - sink @@ -5145,6 +5490,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -5183,7 +5533,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -5206,6 +5556,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - accountName - accountKey @@ -5516,6 +5875,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -5554,7 +5918,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -5577,6 +5941,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - queueID - sink @@ -5642,6 +6015,399 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition +metadata: + name: azureservicebussources.sources.triggermesh.io + labels: + eventing.knative.dev/source: 'true' + duck.knative.dev/source: 'true' + knative.dev/crd-install: 'true' + triggermesh.io/crd-install: 'true' + annotations: + registry.knative.dev/eventTypes: | + [ + { + "type": "com.microsoft.azure.servicebus.message", + "schema": "https://raw.githubusercontent.com/triggermesh/triggermesh/main/schemas/com.microsoft.azure.servicebus.message.json", + "description": "" + } + ] +spec: + group: sources.triggermesh.io + scope: Namespaced + names: + kind: AzureServiceBusSource + plural: azureservicebussources + categories: + - all + - knative + - eventing + - sources + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: TriggerMesh event source for Azure Service Bus. + type: object + properties: + spec: + description: Desired state of the event source. + type: object + properties: + topicID: + description: |- + The resource ID the Service Bus Topic to subscribe to. + + The expected format is + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceBus/namespaces/{namespaceName}/topics/{topicName} + type: string + pattern: ^\/subscriptions\/[a-z0-9-]+\/resourceGroups\/[\w.()-]+\/providers\/Microsoft.ServiceBus\/namespaces\/[A-Za-z0-9-]{6,50}\/topics\/[A-Za-z0-9][\w.~/-]{0,258}[A-Za-z0-9]$ + queueID: + description: |- + The resource ID the Service Bus Queue to subscribe to. + + The expected format is + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceBus/namespaces/{namespaceName}/queues/{queueName} + type: string + pattern: ^\/subscriptions\/[a-z0-9-]+\/resourceGroups\/[\w.()-]+\/providers\/Microsoft.ServiceBus\/namespaces\/[A-Za-z0-9-]{6,50}\/queues\/[A-Za-z0-9][\w.~/-]{0,258}[A-Za-z0-9]$ + auth: + description: Authentication method to interact with the Azure Service Bus API. This event source only supports the Service Principal authentication. If it not present, it will try to use Azure AKS Managed Identity + type: object + properties: + servicePrincipal: + description: Credentials of an Azure Service Principal. For more information about service principals, please refer to the Azure Active Directory documentation at https://docs.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals. + type: object + properties: + tenantID: + description: ID of the Azure Active Directory tenant. + type: object + properties: + value: + description: Literal value of the tenant ID. + type: string + format: guid + pattern: ^[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}$ + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the tenant ID. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + clientID: + description: ID of the registered client/application. + type: object + properties: + value: + description: Literal value of the client ID. + type: string + format: guid + pattern: ^[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}$ + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the client ID. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + clientSecret: + description: Secret associated with the registered client/application. + type: object + properties: + value: + description: Literal value of the client secret. + type: string + format: password + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the client secret. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + required: + - tenantID + - clientID + - clientSecret + sasToken: + description: An Azure shared access signature (SAS) token. For more information about SAS tokens, please refer to the Azure Service Bus Queue documentation at https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-sas. + type: object + properties: + keyName: + description: Name of the key used by the SAS token. Mutually exclusive with 'connectionString'. + type: object + properties: + value: + description: Literal name of the key. + type: string + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the key's name. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + keyValue: + description: Value of the key used by the SAS token. Mutually exclusive with 'connectionString'. + type: object + properties: + value: + description: Literal value of the key. + type: string + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the key's value. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + connectionString: + description: Connection string containing both the resource URI of the Service Bus Queue, and the SAS token. Mutually exclusive with 'keyName' and 'keyValue'. + type: object + properties: + value: + description: Literal value of the connection string. + type: string + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the connection string. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + oneOf: + - required: + - keyName + - keyValue + - required: + - connectionString + oneOf: + - required: [sasToken] + - required: [servicePrincipal] + webSocketsEnable: + description: Boolean to indicate to use WebSockets. + type: boolean + sink: + description: The destination of events sourced from the Azure Service Bus. + type: object + properties: + ref: + description: Reference to an addressable Kubernetes object to be used as the destination of events. + type: object + properties: + apiVersion: + type: string + kind: + type: string + namespace: + type: string + name: + type: string + required: + - apiVersion + - kind + - name + uri: + description: URI to use as the destination of events. + type: string + format: uri + anyOf: + - required: [ref] + - required: [uri] + adapterOverrides: + description: Kubernetes object parameters to apply on top of default adapter values. + type: object + properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string + labels: + description: Adapter labels. + type: object + additionalProperties: + type: string + env: + description: Adapter environment variables. + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + resources: + description: Compute Resources required by the adapter. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Limits describes the maximum amount of compute resources allowed. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + tolerations: + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: array + items: + type: object + properties: + key: + description: Taint key that the toleration applies to. + type: string + operator: + description: Key's relationship to the value. + type: string + enum: [Exists, Equal] + value: + description: Taint value the toleration matches to. + type: string + effect: + description: Taint effect to match. + type: string + enum: [NoSchedule, PreferNoSchedule, NoExecute] + tolerationSeconds: + description: Period of time a toleration of effect NoExecute tolerates the taint. + type: integer + format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true + oneOf: + - required: [topicID] + - required: [queueID] + required: + - sink + status: + description: Reported status of the event source. + type: object + properties: + subscriptionID: + description: Resource ID of the Service Bus Subscription that is currently used by the event source for consuming events from the configured Service Bus Topic. + type: string + sinkUri: + description: URI of the sink where events are currently sent to. + type: string + format: uri + ceAttributes: + type: array + items: + type: object + properties: + type: + type: string + source: + type: string + required: + - type + - source + observedGeneration: + type: integer + format: int64 + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + enum: ['True', 'False', Unknown] + severity: + type: string + enum: [Error, Warning, Info] + reason: + type: string + message: + type: string + lastTransitionTime: + type: string + format: date-time + required: + - type + - status + additionalPrinterColumns: + - name: Ready + type: string + jsonPath: .status.conditions[?(@.type=='Ready')].status + - name: Reason + type: string + jsonPath: .status.conditions[?(@.type=='Ready')].reason + - name: Sink + type: string + jsonPath: .status.sinkUri + - name: Age + type: date + jsonPath: .metadata.creationTimestamp +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition metadata: name: azureservicebustopicsources.sources.triggermesh.io labels: @@ -5808,6 +6574,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -5846,7 +6617,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -5869,6 +6640,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - topicID - sink @@ -6063,6 +6843,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -6104,7 +6889,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -6127,6 +6912,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - sink status: @@ -6313,7 +7107,7 @@ spec: - required: [valueFromSecret] gcpServiceAccount: description: GCP Service account name to impersonate Identity and Access Management (IAM) service accounts to access Google Cloud services. - pattern: ^[a-z][a-z0-9-]+@[a-z0-9-]+\.[a-z]+\.[a-z]{2,63}$ + pattern: ^[a-z0-9-]{6,30}@[a-z0-9-]{1,30}(?:\.[a-z0-9-]{1,30})?\.gserviceaccount\.com$ type: string kubernetesServiceAccount: description: The name of the Kubernetes Service account that will be created and bound to the gcpServiceAccount to act as an IAM service account. Optional, by default the Kubernetes service account name will be generated by the controller. @@ -6352,6 +7146,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -6390,7 +7189,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -6413,6 +7212,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - serviceName - methodName @@ -6596,7 +7404,7 @@ spec: - required: [valueFromSecret] gcpServiceAccount: description: GCP Service account name to impersonate Identity and Access Management (IAM) service accounts to access Google Cloud services. - pattern: ^[a-z][a-z0-9-]+@[a-z0-9-]+\.[a-z]+\.[a-z]{2,63}$ + pattern: ^[a-z0-9-]{6,30}@[a-z0-9-]{1,30}(?:\.[a-z0-9-]{1,30})?\.gserviceaccount\.com$ type: string kubernetesServiceAccount: description: The name of the Kubernetes Service account that will be created and bound to the gcpServiceAccount to act as an IAM service account. Optional, by default the Kubernetes service account name will be generated by the controller. @@ -6635,6 +7443,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -6673,7 +7486,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -6696,6 +7509,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - billingAccountId - budgetId @@ -6867,7 +7689,7 @@ spec: - required: [valueFromSecret] gcpServiceAccount: description: GCP Service account name to impersonate Identity and Access Management (IAM) service accounts to access Google Cloud services. - pattern: ^[a-z][a-z0-9-]+@[a-z0-9-]+\.[a-z]+\.[a-z]{2,63}$ + pattern: ^[a-z0-9-]{6,30}@[a-z0-9-]{1,30}(?:\.[a-z0-9-]{1,30})?\.gserviceaccount\.com$ type: string kubernetesServiceAccount: description: The name of the Kubernetes Service account that will be created and bound to the gcpServiceAccount to act as an IAM service account. Optional, by default the Kubernetes service account name will be generated by the controller. @@ -6906,6 +7728,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -6944,7 +7771,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -6967,6 +7794,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - topic - sink @@ -7147,7 +7983,7 @@ spec: - required: [valueFromSecret] gcpServiceAccount: description: GCP Service account name to impersonate Identity and Access Management (IAM) service accounts to access Google Cloud services. - pattern: ^[a-z][a-z0-9-]+@[a-z0-9-]+\.[a-z]+\.[a-z]{2,63}$ + pattern: ^[a-z0-9-]{6,30}@[a-z0-9-]{1,30}(?:\.[a-z0-9-]{1,30})?\.gserviceaccount\.com$ type: string kubernetesServiceAccount: description: The name of the Kubernetes Service account that will be created and bound to the gcpServiceAccount to act as an IAM service account. Optional, by default the Kubernetes service account name will be generated by the controller. @@ -7186,6 +8022,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -7224,7 +8065,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -7247,6 +8088,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - repository - sink @@ -7385,6 +8235,9 @@ spec: - OBJECT_METADATA_UPDATE - OBJECT_DELETE - OBJECT_ARCHIVE + objectNamePrefix: + description: If present, will only receive notifications for objects whose names that begin with this prefix. + type: string serviceAccountKey: description: Deprecated - please use spec.auth.serviceAccountKey. Service account key used to authenticate the event source and allow it to interact with Google Cloud APIs. Only the JSON format is supported. type: object @@ -7433,7 +8286,7 @@ spec: - required: [valueFromSecret] gcpServiceAccount: description: GCP Service account name to impersonate Identity and Access Management (IAM) service accounts to access Google Cloud services. - pattern: ^[a-z][a-z0-9-]+@[a-z0-9-]+\.[a-z]+\.[a-z]{2,63}$ + pattern: ^[a-z0-9-]{6,30}@[a-z0-9-]{1,30}(?:\.[a-z0-9-]{1,30})?\.gserviceaccount\.com$ type: string kubernetesServiceAccount: description: The name of the Kubernetes Service account that will be created and bound to the gcpServiceAccount to act as an IAM service account. Optional, by default the Kubernetes service account name will be generated by the controller. @@ -7472,6 +8325,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -7510,7 +8368,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -7533,6 +8391,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - bucket - pubsub @@ -7727,6 +8594,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -7765,7 +8637,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -7788,6 +8660,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - eventType - method @@ -8055,6 +8936,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -8093,7 +8979,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -8116,6 +9002,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - connectionName - channelName @@ -8439,6 +9334,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -8477,7 +9377,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -8500,6 +9400,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - bootstrapServers - topic @@ -8576,6 +9485,235 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition +metadata: + name: mongodbsources.sources.triggermesh.io + labels: + eventing.knative.dev/source: 'true' + duck.knative.dev/source: 'true' + knative.dev/crd-install: 'true' + triggermesh.io/crd-install: 'true' + annotations: + registry.knative.dev/eventTypes: | + [ + { "type": "io.triggermesh.mongodb.event" } + ] +spec: + group: sources.triggermesh.io + scope: Namespaced + names: + kind: MongoDBSource + plural: mongodbsources + categories: + - all + - knative + - eventing + - sources + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: TriggerMesh event source for MongoDB. + type: object + properties: + spec: + description: Desired state of the event source. + type: object + properties: + connectionString: + description: MongoDB connection string. + type: string + database: + description: MongoDB database name. + type: string + collection: + description: MongoDB collection name. + type: string + sink: + description: The destination of events sourced from Kafka Kafka. + type: object + properties: + ref: + description: Reference to an addressable Kubernetes object to be used as the destination of events. + type: object + properties: + apiVersion: + type: string + kind: + type: string + namespace: + type: string + name: + type: string + required: + - apiVersion + - kind + - name + uri: + description: URI to use as the destination of events. + type: string + format: uri + anyOf: + - required: [ref] + - required: [uri] + adapterOverrides: + description: Kubernetes object parameters to apply on top of default adapter values. + type: object + properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string + labels: + description: Adapter labels. + type: object + additionalProperties: + type: string + env: + description: Adapter environment variables. + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + resources: + description: Compute Resources required by the adapter. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Limits describes the maximum amount of compute resources allowed. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + tolerations: + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: array + items: + type: object + properties: + key: + description: Taint key that the toleration applies to. + type: string + operator: + description: Key's relationship to the value. + type: string + enum: [Exists, Equal] + value: + description: Taint value the toleration matches to. + type: string + effect: + description: Taint effect to match. + type: string + enum: [NoSchedule, PreferNoSchedule, NoExecute] + tolerationSeconds: + description: Period of time a toleration of effect NoExecute tolerates the taint. + type: integer + format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - connectionString + - database + - collection + - sink + status: + description: Reported status of the event source. + type: object + properties: + sinkUri: + description: URI of the sink where events are currently sent to. + type: string + format: uri + ceAttributes: + type: array + items: + type: object + properties: + type: + type: string + source: + type: string + required: + - type + - source + observedGeneration: + type: integer + format: int64 + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + enum: ['True', 'False', Unknown] + severity: + type: string + enum: [Error, Warning, Info] + reason: + type: string + message: + type: string + lastTransitionTime: + type: string + format: date-time + required: + - type + - status + address: + description: Public address of the HTTP/S endpoint exposing the source. + type: object + properties: + url: + type: string + additionalPrinterColumns: + - name: Ready + type: string + jsonPath: .status.conditions[?(@.type=='Ready')].status + - name: Reason + type: string + jsonPath: .status.conditions[?(@.type=='Ready')].reason + - name: URL + type: string + jsonPath: .status.address.url + - name: Sink + type: string + jsonPath: .status.sinkUri + - name: Age + type: date + jsonPath: .metadata.creationTimestamp +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition metadata: name: ocimetricssources.sources.triggermesh.io labels: @@ -8746,6 +9884,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -8784,7 +9927,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -8807,6 +9950,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - oracleApiPrivateKey - oracleApiPrivateKeyPassphrase @@ -9005,6 +10157,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -9043,7 +10200,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -9066,6 +10223,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - auth - subscription @@ -9231,6 +10397,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -9272,7 +10443,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -9295,6 +10466,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - sink status: @@ -9535,6 +10715,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -9573,7 +10758,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -9596,6 +10781,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - url - queueName @@ -9744,6 +10938,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -9785,7 +10984,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -9808,6 +11007,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - sink status: @@ -9991,6 +11199,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -10032,7 +11245,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -10055,6 +11268,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - eventType - sink @@ -10258,6 +11480,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -10296,7 +11523,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -10319,6 +11546,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - subdomain - email @@ -10492,6 +11728,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -10509,6 +11754,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -10550,7 +11800,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -10573,6 +11823,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - region - language @@ -10723,6 +11982,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -10738,6 +12006,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -10779,7 +12052,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -10802,6 +12075,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - auth @@ -10951,6 +12233,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -10969,6 +12260,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -11010,7 +12306,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -11033,6 +12329,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - auth @@ -11181,6 +12486,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -11202,6 +12516,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -11243,7 +12562,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -11266,6 +12585,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - auth @@ -11412,6 +12740,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -11430,6 +12767,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -11471,7 +12813,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -11494,6 +12836,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - auth @@ -11644,6 +12995,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -11662,6 +13022,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -11703,7 +13068,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -11726,6 +13091,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - auth @@ -11891,6 +13265,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -11909,6 +13292,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -11950,7 +13338,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -11973,6 +13361,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - auth @@ -12119,6 +13516,15 @@ spec: oneOf: - required: [value] - required: [valueFromSecret] + assumeIamRole: + description: |- + The ARN of an IAM role for cross-account or remote EKS cluster authorization. + For more information please refer to the AWS General Reference at https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html + type: string + pattern: ^arn:aws(-cn|-us-gov)?:iam::\d{12}:role\/.+$ + required: + - accessKeyID + - secretAccessKey iamRole: description: (Amazon EKS only) The ARN of an IAM role which can be impersonated to obtain AWS permissions. For more information about IAM roles for service accounts, please refer to the Amazon EKS User Guide at https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html type: string @@ -12140,6 +13546,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -12181,7 +13592,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -12204,6 +13615,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - arn - auth @@ -12471,6 +13891,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -12512,7 +13937,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -12535,6 +13960,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - eventHubID - auth @@ -12801,6 +14235,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -12842,7 +14281,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -12865,6 +14304,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - subscriptionID - resourceGroup @@ -12938,6 +14386,371 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition +metadata: + name: azureservicebustargets.targets.triggermesh.io + labels: + eventing.knative.dev/target: 'true' + duck.knative.dev/target: 'true' + knative.dev/crd-install: 'true' + triggermesh.io/crd-install: 'true' + annotations: + registry.triggermesh.io/acceptedEventTypes: | + [ + { "type": "*" } + ] + registry.knative.dev/eventTypes: | + [ + { "type": "io.triggermesh.azure.servicebus.put.response" } + ] +spec: + group: targets.triggermesh.io + scope: Namespaced + names: + kind: AzureServiceBusTarget + plural: azureservicebustargets + categories: + - all + - knative + - eventing + - targets + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: TriggerMesh event target for Azure Service Bus. + type: object + properties: + spec: + description: Desired state of the event target. + type: object + properties: + topicID: + description: |- + The resource ID the Service Bus Topic to subscribe to. + + The expected format is + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceBus/namespaces/{namespaceName}/topics/{topicName} + type: string + pattern: ^\/subscriptions\/[a-z0-9-]+\/resourceGroups\/[\w.()-]+\/providers\/Microsoft.ServiceBus\/namespaces\/[A-Za-z0-9-]{6,50}\/topics\/[A-Za-z0-9][\w.~/-]{0,258}[A-Za-z0-9]$ + queueID: + description: |- + The resource ID the Service Bus Queue to subscribe to. + + The expected format is + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceBus/namespaces/{namespaceName}/queues/{queueName} + type: string + pattern: ^\/subscriptions\/[a-z0-9-]+\/resourceGroups\/[\w.()-]+\/providers\/Microsoft.ServiceBus\/namespaces\/[A-Za-z0-9-]{6,50}\/queues\/[A-Za-z0-9][\w.~/-]{0,258}[A-Za-z0-9]$ + eventOptions: + type: object + description: 'When should this target generate a response event for processing: always, on error, or never.' + properties: + payloadPolicy: + type: string + enum: [always, error, never] + discardCloudEventContext: + description: Whether to omit CloudEvent context attributes in objects created in Azure Service Bus. When this property is false (default), the entire CloudEvent payload is included. When this property is true, only the CloudEvent data is included. + type: boolean + auth: + description: Authentication method to interact with the Azure Service Bus REST API. + type: object + properties: + sasToken: + description: An Azure shared access signature (SAS) token. For more information about SAS tokens, please refer to the Azure Storage documentation at https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview. + type: object + properties: + keyName: + description: Name of the key used by the SAS token. Mutually exclusive with 'connectionString'. + type: object + properties: + value: + description: Literal name of the key. + type: string + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the key's name. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + keyValue: + description: Value of the key used by the SAS token. Mutually exclusive with 'connectionString'. + type: object + properties: + value: + description: Literal value of the key. + type: string + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the key's value. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + connectionString: + description: Connection string containing both the resource URI of the Service Bus instance, and the SAS token. Mutually exclusive with 'keyName' and 'keyValue'. + type: object + properties: + value: + description: Literal value of the connection string. + type: string + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the connection string. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + oneOf: + - required: + - keyName + - keyValue + - required: + - connectionString + servicePrincipal: + description: Credentials of an Azure Service Principal. For more information about service principals, please refer to the Azure Active Directory documentation at https://docs.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals. + type: object + properties: + tenantID: + description: ID of the Azure Active Directory tenant. + type: object + properties: + value: + description: Literal value of the tenant ID. + type: string + format: guid + pattern: ^[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}$ + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the tenant ID. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + clientID: + description: ID of the registered client/application. + type: object + properties: + value: + description: Literal value of the client ID. + type: string + format: guid + pattern: ^[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}$ + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the client ID. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + clientSecret: + description: Secret associated with the registered client/application. + type: object + properties: + value: + description: Literal value of the client secret. + type: string + format: password + valueFromSecret: + description: A reference to a Kubernetes Secret object containing the client secret. + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + oneOf: + - required: [value] + - required: [valueFromSecret] + required: + - tenantID + - clientID + - clientSecret + oneOf: + - required: [sasToken] + - required: [servicePrincipal] + webSocketsEnable: + description: Boolean to indicate to use WebSockets. + type: boolean + adapterOverrides: + description: Kubernetes object parameters to apply on top of default adapter values. + type: object + properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string + labels: + description: Adapter labels. + type: object + additionalProperties: + type: string + env: + description: Adapter environment variables. + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + public: + description: Adapter visibility scope. + type: boolean + resources: + description: Compute Resources required by the adapter. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Limits describes the maximum amount of compute resources allowed. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + tolerations: + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: array + items: + type: object + properties: + key: + description: Taint key that the toleration applies to. + type: string + operator: + description: Key's relationship to the value. + type: string + enum: [Exists, Equal] + value: + description: Taint value the toleration matches to. + type: string + effect: + description: Taint effect to match. + type: string + enum: [NoSchedule, PreferNoSchedule, NoExecute] + tolerationSeconds: + description: Period of time a toleration of effect NoExecute tolerates the taint. + type: integer + format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true + oneOf: + - required: [topicID] + - required: [queueID] + required: + - auth + status: + description: Reported status of the event target. + type: object + properties: + observedGeneration: + type: integer + format: int64 + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + enum: ['True', 'False', Unknown] + severity: + type: string + enum: [Error, Warning, Info] + reason: + type: string + message: + type: string + lastTransitionTime: + type: string + format: date-time + required: + - type + - status + address: + type: object + properties: + url: + type: string + additionalPrinterColumns: + - name: URL + type: string + jsonPath: .status.address.url + - name: Ready + type: string + jsonPath: .status.conditions[?(@.type=='Ready')].status + - name: Reason + type: string + jsonPath: .status.conditions[?(@.type=='Ready')].reason + - name: Age + type: date + jsonPath: .metadata.creationTimestamp +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition metadata: name: cloudeventstargets.targets.triggermesh.io labels: @@ -13021,6 +14834,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -13062,7 +14880,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -13085,6 +14903,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - endpoint status: @@ -13210,6 +15037,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -13251,7 +15083,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -13274,6 +15106,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - apiKey status: @@ -13443,6 +15284,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -13484,7 +15330,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -13507,6 +15353,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - connection - indexName @@ -13647,6 +15502,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -13688,7 +15548,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -13711,6 +15571,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - credentialsJson - projectID @@ -13843,6 +15712,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -13881,7 +15755,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -13904,6 +15778,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - topic - credentialsJson @@ -14046,6 +15929,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -14087,7 +15975,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -14110,6 +15998,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - credentialsJson - bucketName @@ -14246,6 +16143,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -14287,7 +16189,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -14310,6 +16212,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - credentialsJson status: @@ -14449,6 +16360,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -14490,7 +16406,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -14513,6 +16429,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - id - googleServiceAccount @@ -14596,7 +16521,8 @@ metadata: { "type": "io.triggermesh.http.request", "schema": "https://raw.githubusercontent.com/triggermesh/triggermesh/main/schemas/io.triggermesh.http.request.json" - } + }, + { "type": "*" } ] registry.knative.dev/eventTypes: | [ @@ -14702,6 +16628,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -14743,7 +16674,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -14766,6 +16697,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - endpoint - method @@ -15011,6 +16951,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -15052,7 +16997,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -15075,6 +17020,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - connectionName - channelName @@ -15243,6 +17197,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -15284,7 +17243,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -15307,6 +17266,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - auth - url @@ -15589,6 +17557,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -15630,7 +17603,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -15653,6 +17626,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - bootstrapServers - topic @@ -15799,6 +17781,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -15840,7 +17827,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -15863,6 +17850,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - connection - instruments @@ -16002,6 +17998,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -16043,7 +18044,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -16066,6 +18067,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - shippingToken - logsListenerURL @@ -16226,6 +18236,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -16267,7 +18282,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -16290,6 +18305,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - connectionString - collection @@ -16439,6 +18463,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -16480,7 +18509,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -16503,6 +18532,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true oneOf: - required: [function] status: @@ -16648,6 +18686,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -16689,7 +18732,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -16712,6 +18755,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - auth status: @@ -16849,6 +18901,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -16890,7 +18947,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -16913,6 +18970,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - apiKey status: @@ -17049,6 +19115,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -17090,7 +19161,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -17113,6 +19184,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - token status: @@ -17325,6 +19405,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -17366,7 +19451,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -17389,6 +19474,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - url - queueName @@ -17516,6 +19610,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -17557,7 +19656,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -17580,6 +19679,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - endpoint - token @@ -17717,6 +19825,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -17758,7 +19871,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -17781,6 +19894,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - sid - token @@ -17923,6 +20045,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -17964,7 +20091,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -17987,6 +20114,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - subdomain - email @@ -18133,6 +20269,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -18174,7 +20315,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -18197,6 +20338,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true status: type: object properties: @@ -18342,6 +20492,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -18383,7 +20538,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -18406,6 +20561,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true status: type: object properties: @@ -18567,6 +20731,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -18608,7 +20777,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -18631,6 +20800,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true status: type: object properties: @@ -18767,6 +20945,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -18808,7 +20991,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -18831,6 +21014,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true status: description: Reported status of the transformer. type: object @@ -18984,6 +21176,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -19025,7 +21222,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -19048,6 +21245,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true required: - correlationKey - response @@ -19239,6 +21445,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -19280,7 +21491,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -19303,6 +21514,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true status: description: Reported status of Transformation. type: object @@ -19439,6 +21659,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -19480,7 +21705,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -19503,6 +21728,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true status: description: Reported status of the transformer. type: object @@ -19674,6 +21908,11 @@ spec: description: Kubernetes object parameters to apply on top of default adapter values. type: object properties: + annotations: + description: Adapter annotations. + type: object + additionalProperties: + type: string labels: description: Adapter labels. type: object @@ -19715,7 +21954,7 @@ spec: description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ type: array items: type: object @@ -19738,6 +21977,15 @@ spec: description: Period of time a toleration of effect NoExecute tolerates the taint. type: integer format: int64 + nodeSelector: + description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + additionalProperties: + type: string + affinity: + description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ + type: object + x-kubernetes-preserve-unknown-fields: true anyOf: - required: [xslt] - required: [allowPerEventXSLT] diff --git a/charts/triggermesh/triggermesh/templates/clusterroles.yaml b/charts/triggermesh/triggermesh/templates/clusterroles.yaml index 7e7500b6f..1a315ca71 100644 --- a/charts/triggermesh/triggermesh/templates/clusterroles.yaml +++ b/charts/triggermesh/triggermesh/templates/clusterroles.yaml @@ -137,6 +137,7 @@ rules: - azureiothubsources - azurequeuestoragesources - azureservicebusqueuesources + - azureservicebussources - azureservicebustopicsources - cloudeventssources - googlecloudauditlogssources @@ -147,6 +148,7 @@ rules: - httppollersources - ibmmqsources - kafkasources + - mongodbsources - ocimetricssources - salesforcesources - slacksources @@ -180,6 +182,7 @@ rules: - azureiothubsources/status - azurequeuestoragesources/status - azureservicebusqueuesources/status + - azureservicebussources/status - azureservicebustopicsources/status - cloudeventssources/status - googlecloudauditlogssources/status @@ -190,6 +193,7 @@ rules: - httppollersources/status - ibmmqsources/status - kafkasources/status + - mongodbsources/status - ocimetricssources/status - salesforcesources/status - slacksources/status @@ -212,6 +216,7 @@ rules: - awssqstargets - azureeventhubstargets - azuresentineltargets + - azureservicebustargets - cloudeventstargets - datadogtargets - elasticsearchtargets @@ -252,6 +257,7 @@ rules: - awssqstargets/status - azureeventhubstargets/status - azuresentineltargets/status + - azureservicebustargets/status - cloudeventstargets/status - datadogtargets/status - elasticsearchtargets/status @@ -353,6 +359,7 @@ rules: - azureiothubsources/finalizers - azurequeuestoragesources/finalizers - azureservicebusqueuesources/finalizers + - azureservicebussources/finalizers - azureservicebustopicsources/finalizers - cloudeventssources/finalizers - googlecloudauditlogssources/finalizers @@ -363,6 +370,7 @@ rules: - httppollersources/finalizers - ibmmqsources/finalizers - kafkasources/finalizers + - mongodbsources/finalizers - ocimetricssources/finalizers - salesforcesources/finalizers - slacksources/finalizers @@ -385,6 +393,7 @@ rules: - awssqstargets/finalizers - azureeventhubstargets/finalizers - azuresentineltargets/finalizers + - azureservicebustargets/finalizers - cloudeventstargets/finalizers - datadogtargets/finalizers - elasticsearchtargets/finalizers @@ -444,6 +453,7 @@ rules: - azureblobstoragesources - azureeventgridsources - azureservicebusqueuesources + - azureservicebussources - azureservicebustopicsources - googlecloudauditlogssources - googlecloudbillingsources @@ -774,6 +784,7 @@ rules: - azureiothubsources - azurequeuestoragesources - azureservicebusqueuesources + - azureservicebussources - azureservicebustopicsources - cloudeventssources - googlecloudauditlogssources @@ -784,6 +795,7 @@ rules: - httppollersources - ibmmqsources - kafkasources + - mongodbsources - ocimetricssources - salesforcesources - slacksources @@ -816,6 +828,7 @@ rules: - azureiothubsources/finalizers - azurequeuestoragesources/finalizers - azureservicebusqueuesources/finalizers + - azureservicebussources/finalizers - azureservicebustopicsources/finalizers - googlecloudauditlogssources/finalizers - googlecloudbillingsources/finalizers @@ -850,6 +863,7 @@ rules: - awssqstargets - azureeventhubstargets - azuresentineltargets + - azureservicebustargets - cloudeventstargets - datadogtargets - elasticsearchtargets diff --git a/charts/triggermesh/triggermesh/templates/deployment.yaml b/charts/triggermesh/triggermesh/templates/deployment.yaml index 7f0217970..038c2a860 100644 --- a/charts/triggermesh/triggermesh/templates/deployment.yaml +++ b/charts/triggermesh/triggermesh/templates/deployment.yaml @@ -95,6 +95,8 @@ spec: value: "{{ .Values.image.registry }}/ocimetricssource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}" - name: KAFKASOURCE_IMAGE value: "{{ .Values.image.registry }}/kafkasource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}" + - name: MONGODBSOURCE_IMAGE + value: "{{ .Values.image.registry }}/mongodbsource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}" - name: SALESFORCESOURCE_IMAGE value: "{{ .Values.image.registry }}/salesforcesource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}" - name: SLACKSOURCE_IMAGE @@ -128,6 +130,8 @@ spec: value: "{{ .Values.image.registry }}/azureeventhubstarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}" - name: AZURESENTINELTARGET_IMAGE value: "{{ .Values.image.registry }}/azuresentineltarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}" + - name: AZURESERVICEBUSTARGET_IMAGE + value: "{{ .Values.image.registry }}/azureservicebustarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}" - name: CLOUDEVENTSTARGET_IMAGE value: "{{ .Values.image.registry }}/cloudeventstarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}" - name: DATADOGTARGET_IMAGE diff --git a/charts/triggermesh/triggermesh/values.yaml b/charts/triggermesh/triggermesh/values.yaml index 404066032..d7b8e8c36 100644 --- a/charts/triggermesh/triggermesh/values.yaml +++ b/charts/triggermesh/triggermesh/values.yaml @@ -13,7 +13,7 @@ image: klr: image: - tag: "v1.24.2" + tag: "v1.24.3" imagePullSecrets: [] diff --git a/charts/yugabyte/yugabyte/Chart.yaml b/charts/yugabyte/yugabyte/Chart.yaml index d748642d3..08026f877 100644 --- a/charts/yugabyte/yugabyte/Chart.yaml +++ b/charts/yugabyte/yugabyte/Chart.yaml @@ -5,7 +5,7 @@ annotations: catalog.cattle.io/release-name: yugabyte charts.openshift.io/name: yugabyte apiVersion: v2 -appVersion: 2.16.4.0-b32 +appVersion: 2.18.0.0-b65 description: YugabyteDB is the high-performance distributed SQL database for building global, internet-scale apps. home: https://www.yugabyte.com @@ -19,4 +19,4 @@ maintainers: name: yugabyte sources: - https://github.com/yugabyte/yugabyte-db -version: 2.16.4 +version: 2.18.0 diff --git a/charts/yugabyte/yugabyte/app-readme.md b/charts/yugabyte/yugabyte/app-readme.md index 788912d18..d4923da07 100644 --- a/charts/yugabyte/yugabyte/app-readme.md +++ b/charts/yugabyte/yugabyte/app-readme.md @@ -1 +1 @@ -This chart bootstraps an RF3 YugabyteDB version 2.16.4.0-b32 cluster using the Helm Package Manager. +This chart bootstraps an RF3 YugabyteDB version 2.18.0.0-b65 cluster using the Helm Package Manager. diff --git a/charts/yugabyte/yugabyte/generate_kubeconfig.py b/charts/yugabyte/yugabyte/generate_kubeconfig.py index 3e2e1d5d7..f4c2d14ab 100644 --- a/charts/yugabyte/yugabyte/generate_kubeconfig.py +++ b/charts/yugabyte/yugabyte/generate_kubeconfig.py @@ -87,6 +87,27 @@ def get_secret_data(secret, namespace): return secret_data +def get_secrets_for_sa(sa_name, namespace): + """Returns a list of all service account token secrets associated + with the given sa_name in the namespace. + + """ + secrets = run_command( + [ + "get", + "secret", + "--field-selector", + "type=kubernetes.io/service-account-token", + "-o", + 'jsonpath="{.items[?(@.metadata.annotations.kubernetes\.io/service-account\.name == "' + + sa_name + + '")].metadata.name}"', + ], + as_json=False, + ) + return secrets.strip('"').split() + + parser = argparse.ArgumentParser(description="Generate KubeConfig with Token") parser.add_argument("-s", "--service_account", help="Service Account name", required=True) parser.add_argument("-n", "--namespace", help="Kubernetes namespace", default="kube-system") @@ -120,23 +141,34 @@ tmpdir = tempfile.TemporaryDirectory() # Get the token and ca.crt from service account secret. sa_secrets = list() -# Kubernetes 1.22 onwards doesn't create a token secret, so we create -# it ourselves. -if "secrets" not in service_account_info: - token_secret = create_sa_token_secret(tmpdir.name, args["service_account"], args["namespace"]) - sa_secrets.append(token_secret) -else: - # some ServiceAccounts have multiple secrets, and not all them have a - # ca.crt and a token. + +# Get secrets specified in the service account, there can be multiple +# of them, and not all are service account token secrets. +if "secrets" in service_account_info: sa_secrets = [secret["name"] for secret in service_account_info["secrets"]] +# Find the existing additional service account token secrets +sa_secrets.extend(get_secrets_for_sa(args["service_account"], args["namespace"])) + secret_data = None for secret in sa_secrets: secret_data = get_secret_data(secret, args["namespace"]) if secret_data is not None: break + +# Kubernetes 1.22+ doesn't create the service account token secret by +# default, we have to create one. if secret_data is None: - exit("No usable secret found for '{}'.".format(args["service_account"])) + print("No usable secret found for '{}', creating one.".format(args["service_account"])) + token_secret = create_sa_token_secret(tmpdir.name, args["service_account"], args["namespace"]) + secret_data = get_secret_data(token_secret, args["namespace"]) + if secret_data is None: + exit( + "Failed to generate kubeconfig: No usable credentials found for '{}'.".format( + args["service_account"] + ) + ) + context_name = "{}-{}".format(args["service_account"], cluster_name) kube_config = args["output_file"] diff --git a/charts/yugabyte/yugabyte/templates/_helpers.tpl b/charts/yugabyte/yugabyte/templates/_helpers.tpl index 1d506a432..92b5ca2c6 100644 --- a/charts/yugabyte/yugabyte/templates/_helpers.tpl +++ b/charts/yugabyte/yugabyte/templates/_helpers.tpl @@ -56,6 +56,89 @@ release: {{ .root.Release.Name | quote }} {{- end }} {{- end }} +{{/* +Create secrets in DBNamespace from other namespaces by iterating over envSecrets. +*/}} +{{- define "yugabyte.envsecrets" -}} +{{- range $v := .secretenv }} +{{- if $v.valueFrom.secretKeyRef.namespace }} +{{- $secretObj := (lookup +"v1" +"Secret" +$v.valueFrom.secretKeyRef.namespace +$v.valueFrom.secretKeyRef.name) +| default dict }} +{{- $secretData := (get $secretObj "data") | default dict }} +{{- $secretValue := (get $secretData $v.valueFrom.secretKeyRef.key) | default "" }} +{{- if (and (not $secretValue) (not $v.valueFrom.secretKeyRef.optional)) }} +{{- required (printf "Secret or key missing for %s/%s in namespace: %s" +$v.valueFrom.secretKeyRef.name +$v.valueFrom.secretKeyRef.key +$v.valueFrom.secretKeyRef.namespace) +nil }} +{{- end }} +{{- if $secretValue }} +apiVersion: v1 +kind: Secret +metadata: + {{- $secretfullname := printf "%s-%s-%s-%s" + $.root.Release.Name + $v.valueFrom.secretKeyRef.namespace + $v.valueFrom.secretKeyRef.name + $v.valueFrom.secretKeyRef.key + }} + name: {{ printf "%s-%s-%s-%s-%s-%s" + $.root.Release.Name + ($v.valueFrom.secretKeyRef.namespace | substr 0 5) + ($v.valueFrom.secretKeyRef.name | substr 0 5) + ( $v.valueFrom.secretKeyRef.key | substr 0 5) + (sha256sum $secretfullname | substr 0 4) + ($.suffix) + | lower | replace "." "" | replace "_" "" + }} + namespace: "{{ $.root.Release.Namespace }}" + labels: + {{- include "yugabyte.labels" $.root | indent 4 }} +type: Opaque # should it be an Opaque secret? +data: + {{ $v.valueFrom.secretKeyRef.key }}: {{ $secretValue | quote }} +{{- end }} +{{- end }} +--- +{{- end }} +{{- end }} + +{{/* +Add env secrets to DB statefulset. +*/}} +{{- define "yugabyte.addenvsecrets" -}} +{{- range $v := .secretenv }} +- name: {{ $v.name }} + valueFrom: + secretKeyRef: + {{- if $v.valueFrom.secretKeyRef.namespace }} + {{- $secretfullname := printf "%s-%s-%s-%s" + $.root.Release.Name + $v.valueFrom.secretKeyRef.namespace + $v.valueFrom.secretKeyRef.name + $v.valueFrom.secretKeyRef.key + }} + name: {{ printf "%s-%s-%s-%s-%s-%s" + $.root.Release.Name + ($v.valueFrom.secretKeyRef.namespace | substr 0 5) + ($v.valueFrom.secretKeyRef.name | substr 0 5) + ($v.valueFrom.secretKeyRef.key | substr 0 5) + (sha256sum $secretfullname | substr 0 4) + ($.suffix) + | lower | replace "." "" | replace "_" "" + }} + {{- else }} + name: {{ $v.valueFrom.secretKeyRef.name }} + {{- end }} + key: {{ $v.valueFrom.secretKeyRef.key }} + optional: {{ $v.valueFrom.secretKeyRef.optional | default "false" }} +{{- end }} +{{- end }} {{/* Create Volume name. */}} @@ -84,18 +167,21 @@ Generate a preflight check script invocation. */}} {{- define "yugabyte.preflight_check" -}} {{- if not .Values.preflight.skipAll -}} +{{- $port := .Preflight.Port -}} +{{- range $addr := split "," .Preflight.Addr -}} if [ -f /home/yugabyte/tools/k8s_preflight.py ]; then PYTHONUNBUFFERED="true" /home/yugabyte/tools/k8s_preflight.py \ dnscheck \ - --addr="{{ .Preflight.Addr }}" \ -{{- if not .Values.preflight.skipBind }} - --port="{{ .Preflight.Port }}" + --addr="{{ $addr }}" \ +{{- if not $.Values.preflight.skipBind }} + --port="{{ $port }}" {{- else }} --skip_bind {{- end }} fi && \ -{{- end -}} -{{- end -}} +{{ end }} +{{- end }} +{{- end }} {{/* Get YugaByte fs data directories. @@ -150,11 +236,19 @@ Generate server RPC bind address. In case of multi-cluster services (MCS), we set it to $(POD_IP) to ensure YCQL uses a resolvable address. See https://github.com/yugabyte/yugabyte-db/issues/16155 + +We use a workaround for above in case of Istio by setting it to +$(POD_IP) and localhost. Master doesn't support that combination, so +we stick to 0.0.0.0, which works for master. */}} {{- define "yugabyte.rpc_bind_address" -}} {{- $port := index .Service.ports "tcp-rpc-port" -}} {{- if .Values.istioCompatibility.enabled -}} - 0.0.0.0:{{ $port }} + {{- if (eq .Service.name "yb-masters") -}} + 0.0.0.0:{{ $port }} + {{- else -}} + $(POD_IP):{{ $port }},127.0.0.1:{{ $port }} + {{- end -}} {{- else if .Values.multicluster.createServiceExports -}} $(POD_IP):{{ $port }} {{- else -}} diff --git a/charts/yugabyte/yugabyte/templates/certificates.yaml b/charts/yugabyte/yugabyte/templates/certificates.yaml index 5c7814de4..07fc2e5f5 100644 --- a/charts/yugabyte/yugabyte/templates/certificates.yaml +++ b/charts/yugabyte/yugabyte/templates/certificates.yaml @@ -107,6 +107,7 @@ spec: {{- $node := $root.Values.oldNamingStyle | ternary $nodeOldStyle $nodeNewStyle }} - {{$node}} {{- end }} + - {{ printf "%s-%s.%s.svc.%s" (include "yugabyte.fullname" $root) $service.name $root.Release.Namespace $root.Values.domainName }} uris: [] ipAddresses: [] --- diff --git a/charts/yugabyte/yugabyte/templates/debug_config_map.yaml b/charts/yugabyte/yugabyte/templates/debug_config_map.yaml new file mode 100644 index 000000000..a15c4fc9a --- /dev/null +++ b/charts/yugabyte/yugabyte/templates/debug_config_map.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "yugabyte.fullname" . }}-master-hooks + namespace: "{{ .Release.Namespace }}" +data: +{{- range $index := until ( int ( .Values.replicas.master ) ) }} + yb-master-{{.}}-pre_debug_hook.sh: "echo 'hello-from-pre' " + yb-master-{{.}}-post_debug_hook.sh: "echo 'hello-from-post' " +{{- end }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "yugabyte.fullname" . }}-tserver-hooks + namespace: "{{ .Release.Namespace }}" +data: +{{- range $index := until ( int ( .Values.replicas.tserver) ) }} + yb-tserver-{{.}}-pre_debug_hook.sh: "echo 'hello-from-pre' " + yb-tserver-{{.}}-post_debug_hook.sh: "echo 'hello-from-post' " +{{- end }} +--- diff --git a/charts/yugabyte/yugabyte/templates/secrets.yaml b/charts/yugabyte/yugabyte/templates/secrets.yaml new file mode 100644 index 000000000..0bd903457 --- /dev/null +++ b/charts/yugabyte/yugabyte/templates/secrets.yaml @@ -0,0 +1,7 @@ +{{- $root := . -}} +--- # Create secrets from other namespaces for masters. +{{- $data := dict "secretenv" $.Values.master.secretEnv "root" . "suffix" "master"}} +{{- include "yugabyte.envsecrets" $data }} +--- # Create secrets from other namespaces for tservers. +{{- $data := dict "secretenv" $.Values.tserver.secretEnv "root" . "suffix" "tserver" }} +{{- include "yugabyte.envsecrets" $data }} \ No newline at end of file diff --git a/charts/yugabyte/yugabyte/templates/service.yaml b/charts/yugabyte/yugabyte/templates/service.yaml index 8983707f6..f70a19baf 100644 --- a/charts/yugabyte/yugabyte/templates/service.yaml +++ b/charts/yugabyte/yugabyte/templates/service.yaml @@ -24,7 +24,7 @@ data: {{- end }} --- {{- end }} - +--- {{- range .Values.Services }} {{- $service := . -}} {{- $appLabelArgs := dict "label" .label "root" $root -}} @@ -59,16 +59,16 @@ data: {{- $node := $root.Values.oldNamingStyle | ternary $nodeOldStyle $nodeNewStyle }} {{- if $root.Values.tls.rootCA.key }} -{{- $dns1 := printf "*.*.%s" $root.Release.Namespace }} +{{- $dns1 := printf "*.%s-%s.%s" (include "yugabyte.fullname" $root) $service.name $root.Release.Namespace }} {{- $dns2 := printf "%s.svc.%s" $dns1 $root.Values.domainName }} {{- if $root.Values.multicluster.createServiceExports -}} - {{- $dns1 = printf "*.*.*.%s.svc.clusterset.local" $root.Release.Namespace }} + {{- $dns1 = printf "*.%s.%s-%s.%s.svc.clusterset.local" $root.Values.multicluster.kubernetesClusterId (include "yugabyte.fullname" $root) $service.name $root.Release.Namespace }} {{- end -}} {{- if (and $root.Values.istioCompatibility.enabled $root.Values.multicluster.createServicePerPod) -}} {{- $dns1 = printf "*.%s.svc.%s" $root.Release.Namespace $root.Values.domainName }} {{- end -}} {{- $rootCA := buildCustomCert $root.Values.tls.rootCA.cert $root.Values.tls.rootCA.key -}} -{{- $server := genSignedCert $node ( default nil ) (list $dns1 $dns2 ) 3650 $rootCA }} +{{- $server := genSignedCert $node ( default nil ) (list $node $dns1 $dns2 ) 3650 $rootCA }} node.{{$node}}.crt: {{ $server.Cert | b64enc }} node.{{$node}}.key: {{ $server.Key | b64enc }} {{- else }} @@ -98,7 +98,7 @@ spec: selector: {{- include "yugabyte.appselector" ($appLabelArgs) | indent 4 }} -{{ if $root.Values.enableLoadBalancer }} +{{- if $root.Values.enableLoadBalancer }} {{- range $endpoint := $root.Values.serviceEndpoints }} {{- if eq $service.label $endpoint.app }} --- @@ -134,7 +134,7 @@ spec: {{- end }} {{- end}} {{- end}} -{{ end }} +{{- end}} --- apiVersion: apps/v1 @@ -337,18 +337,20 @@ spec: - name: YBDEVOPS_CORECOPY_DIR value: "/mnt/disk0/cores" {{- if eq .name "yb-masters" }} - {{- with $root.Values.master.extraEnv }}{{ toYaml . | nindent 8 }}{{ end }} - {{- with $root.Values.master.secretEnv }}{{ toYaml . | nindent 8 }}{{ end }} + {{- with $root.Values.master.extraEnv }}{{ toYaml . | nindent 8 }}{{- end }} + {{- $data := dict "secretenv" $root.Values.master.secretEnv "root" $root "suffix" "master"}} + {{- include "yugabyte.addenvsecrets" $data | nindent 8 }} {{- else }} - {{- with $root.Values.tserver.extraEnv }}{{ toYaml . | nindent 8 }}{{ end }} - {{- with $root.Values.tserver.secretEnv }}{{ toYaml . | nindent 8 }}{{ end }} + {{- with $root.Values.tserver.extraEnv }}{{ toYaml . | nindent 8 }}{{- end }} + {{- $data := dict "secretenv" $root.Values.tserver.secretEnv "root" $root "suffix" "tserver" }} + {{- include "yugabyte.addenvsecrets" $data | nindent 8 }} {{- end }} {{- if and $root.Values.tls.enabled $root.Values.tls.clientToServer (ne .name "yb-masters") }} - name: SSL_CERTFILE value: /root/.yugabytedb/root.crt {{- end }} resources: - {{ if eq .name "yb-masters" }} + {{- if eq .name "yb-masters" }} {{ toYaml $root.Values.resource.master | indent 10 }} {{ else }} {{ toYaml $root.Values.resource.tserver | indent 10 }} @@ -522,6 +524,12 @@ spec: name: {{ $label | quote }} {{- end}} volumeMounts: + {{- if (eq .name "yb-tservers") }} + - name: tserver-tmp + mountPath: /tmp + {{- end }} + - name: debug-hooks-volume + mountPath: /opt/debug_hooks_config {{ if not $root.Values.storage.ephemeral }} {{- range $index := until (int ($storageInfo.count)) }} - name: {{ $root.Values.oldNamingStyle | ternary (printf "datadir%d" $index) (printf "%s%d" (include "yugabyte.volume_name" $root) $index) }} @@ -571,7 +579,73 @@ spec: subPath: cores {{- end }} + {{- if and (eq .name "yb-tservers") ($root.Values.ybc.enabled) }} + - name: yb-controller + image: "{{ $root.Values.Image.repository }}:{{ $root.Values.Image.tag }}" + imagePullPolicy: {{ $root.Values.Image.pullPolicy }} + lifecycle: + postStart: + exec: + command: + - "bash" + - "-c" + - > + mkdir -p /mnt/disk0/yw-data/controller/tmp; + mkdir -p /mnt/disk0/yw-data/controller/conf; + mkdir -p /mnt/disk0/ybc-data/controller/logs; + mkdir -p /tmp/yugabyte/controller; + ln -sf /mnt/disk0/ybc-data/controller/logs /tmp/yugabyte/controller; + ln -sf /mnt/disk0/yw-data/controller/bin /tmp/yugabyte/controller; + rm -f /tmp/yugabyte/controller/yb-controller.pid; + {{- if and $root.Values.tls.enabled $root.Values.tls.certManager.enabled }} + mkdir -p /opt/certs; + ln -sf /mnt/disk0/certs /opt/certs/yugabyte; + {{- end }} + command: + - "/sbin/tini" + - "--" + args: + - "/bin/bash" + - "-c" + - > + while true; do + sleep 60; + /home/yugabyte/tools/k8s_ybc_parent.py status || /home/yugabyte/tools/k8s_ybc_parent.py start; + done + volumeMounts: + - name: tserver-tmp + mountPath: /tmp + {{- if not $root.Values.storage.ephemeral }} + {{- range $index := until (int ($storageInfo.count)) }} + - name: {{ $root.Values.oldNamingStyle | ternary (printf "datadir%d" $index) (printf "%s%d" (include "yugabyte.volume_name" $root) $index) }} + mountPath: /mnt/disk{{ $index }} + {{- end }} + {{- end }} + {{- if $root.Values.tls.enabled }} + - name: {{ $root.Values.oldNamingStyle | ternary (printf "%s-yugabyte-tls-cert" .label) (printf "%s-%s-tls-cert" (include "yugabyte.fullname" $root) .label) }} + mountPath: {{ $root.Values.tls.certManager.enabled | ternary "/home/yugabyte/cert-manager" "/opt/certs/yugabyte" }} + readOnly: true + {{- end }} + {{- if ($root.Values.tserver.extraVolumeMounts) -}} + {{- include "yugabyte.isExtraVolumesMappingExists" $root.Values.tserver -}} + {{- $root.Values.tserver.extraVolumeMounts | toYaml | nindent 10 -}} + {{- end -}} + {{- end}} + volumes: + {{- if (eq .name "yb-masters") }} + - name: debug-hooks-volume + configMap: + name: {{ include "yugabyte.fullname" $root }}-master-hooks + defaultMode: 0755 + {{- else if (eq .name "yb-tservers") }} + - name: debug-hooks-volume + configMap: + name: {{ include "yugabyte.fullname" $root }}-tserver-hooks + defaultMode: 0755 + - name: tserver-tmp + emptyDir: {} + {{- end }} {{ if not $root.Values.storage.ephemeral }} {{- range $index := until (int ($storageInfo.count)) }} - name: {{ $root.Values.oldNamingStyle | ternary (printf "datadir%d" $index) (printf "%s%d" (include "yugabyte.volume_name" $root) $index) }} diff --git a/charts/yugabyte/yugabyte/values.yaml b/charts/yugabyte/yugabyte/values.yaml index ba5d42082..fc1d5d86f 100644 --- a/charts/yugabyte/yugabyte/values.yaml +++ b/charts/yugabyte/yugabyte/values.yaml @@ -8,7 +8,7 @@ nameOverride: "" Image: repository: "yugabytedb/yugabyte" - tag: 2.16.4.0-b32 + tag: 2.18.0.0-b65 pullPolicy: IfNotPresent pullSecretName: "" @@ -82,10 +82,10 @@ tls: # It is necessary to provide some external means of restarting the pods. duration: 2160h # 90d renewBefore: 360h # 15d - algorithm: ECDSA # ECDSA or RSA - # Can be 2046, 4096 or 8192 for RSA + algorithm: RSA # ECDSA or RSA + # Can be 2048, 4096 or 8192 for RSA # Or 256, 384 or 521 for ECDSA - keySize: 521 + keySize: 2048 ## When certManager.enabled=false, rootCA.cert and rootCA.key are used to generate TLS certs. ## When certManager.enabled=true and boostrapSelfsigned=true, rootCA is ignored. @@ -116,6 +116,9 @@ PodManagementPolicy: Parallel enableLoadBalancer: true +ybc: + enabled: false + domainName: "cluster.local" serviceEndpoints: @@ -375,13 +378,16 @@ tserver: # fieldPath: status.hostIP extraEnv: [] - # secretEnv variables are used to expose secrets data as env variables in the tserver pods. - # TODO Add namespace also to support copying secrets from other namespace. + ## secretEnv variables are used to expose secrets data as env variables in the tserver pods. + ## If namespace field is not specified we assume that user already + ## created the secret in the same namespace as DB pods. + ## Example # secretEnv: # - name: MYSQL_LDAP_PASSWORD # valueFrom: # secretKeyRef: # name: secretName + # namespace: my-other-namespace-with-ldap-secret # key: password secretEnv: [] diff --git a/charts/yugabyte/yugaware/Chart.yaml b/charts/yugabyte/yugaware/Chart.yaml index 365c97eca..0e406a616 100644 --- a/charts/yugabyte/yugaware/Chart.yaml +++ b/charts/yugabyte/yugaware/Chart.yaml @@ -5,7 +5,7 @@ annotations: catalog.cattle.io/release-name: yugaware charts.openshift.io/name: yugaware apiVersion: v2 -appVersion: 2.16.4.0-b32 +appVersion: 2.18.0.0-b65 description: YugabyteDB Anywhere provides deployment, orchestration, and monitoring for managing YugabyteDB clusters. YugabyteDB Anywhere can create a YugabyteDB cluster with multiple pods provided by Kubernetes or OpenShift and logically grouped together @@ -19,4 +19,4 @@ maintainers: - email: gjalla@yugabyte.com name: Govardhan Reddy Jalla name: yugaware -version: 2.16.4 +version: 2.18.0 diff --git a/charts/yugabyte/yugaware/openshift.values.yaml b/charts/yugabyte/yugaware/openshift.values.yaml index 22ae952b0..f156a5535 100644 --- a/charts/yugabyte/yugaware/openshift.values.yaml +++ b/charts/yugabyte/yugaware/openshift.values.yaml @@ -23,4 +23,7 @@ rbac: create: false ocpCompatibility: - enabled: true \ No newline at end of file + enabled: true + +securityContext: + enabled: false diff --git a/charts/yugabyte/yugaware/templates/_default_values.tpl b/charts/yugabyte/yugaware/templates/_default_values.tpl new file mode 100644 index 000000000..95ccbdb47 --- /dev/null +++ b/charts/yugabyte/yugaware/templates/_default_values.tpl @@ -0,0 +1,18 @@ +{{/* + The usage of helm upgrade [RELEASE] [CHART] --reuse-values --set [variable]:[value] throws an + error in the event that new entries are inserted to the values chart. + + This is because reuse-values flag uses the values from the last release. If --set (/--set-file/ + --set-string/--values/-f) is applied with the reuse-values flag, the values from the last + release are overridden for those variables alone, and newer changes to the chart are + unacknowledged. + + https://medium.com/@kcatstack/understand-helm-upgrade-flags-reset-values-reuse-values-6e58ac8f127e + + To prevent errors while applying upgrade with --reuse-values and --set flags after introducing + new variables, default values can be specified in this file. +*/}} + +{{- define "get_nginx_proxyReadTimeoutSec" -}} + {{ .Values.nginx.proxyReadTimeoutSec | default 600 }} +{{- end -}} diff --git a/charts/yugabyte/yugaware/templates/_helpers.tpl b/charts/yugabyte/yugaware/templates/_helpers.tpl index ffe8e65cf..f0025a2b7 100644 --- a/charts/yugabyte/yugaware/templates/_helpers.tpl +++ b/charts/yugabyte/yugaware/templates/_helpers.tpl @@ -134,3 +134,62 @@ Make list of allowed CORS origins {{- end -}} ] {{- end -}} + +{{/* +Get or generate server cert and key +*/}} +{{- define "getOrCreateServerCert" -}} +{{- $root := .Root -}} +{{- if and $root.Values.tls.certificate $root.Values.tls.key -}} +server.key: {{ $root.Values.tls.key }} +server.crt: {{ $root.Values.tls.certificate }} +{{- else -}} + {{- $result := (lookup "v1" "Secret" .Namespace .Name).data -}} + {{- if $result -}} +server.key: {{ index $result "server.key" }} +server.crt: {{ index $result "server.crt" }} + {{- else -}} + {{- $cert := genSelfSignedCert $root.Values.tls.hostname nil nil 3560 -}} +server.key: {{ $cert.Key | b64enc }} +server.crt: {{ $cert.Cert | b64enc }} + {{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Get or generate server key cert in pem format +*/}} +{{- define "getOrCreateServerPem" -}} +{{- $root := .Root -}} +{{- if and $root.Values.tls.certificate $root.Values.tls.key -}} +{{- $decodedKey := $root.Values.tls.key | b64dec -}} +{{- $decodedCert := $root.Values.tls.certificate | b64dec -}} +{{- $serverPemContentTemp := ( printf "%s\n%s" $decodedKey $decodedCert ) -}} +{{- $serverPemContent := $serverPemContentTemp | b64enc -}} +server.pem: {{ $serverPemContent }} +{{- else -}} + {{- $result := (lookup "v1" "Secret" .Namespace .Name).data -}} + {{- if $result -}} +{{- $serverPemContent := ( index $result "server.pem" ) -}} +server.pem: {{ $serverPemContent }} + {{- else -}} + {{- $cert := genSelfSignedCert $root.Values.tls.hostname nil nil 3560 -}} +{{- $serverPemContentTemp := ( printf "%s\n%s" $cert.Key $cert.Cert ) -}} +{{- $serverPemContent := $serverPemContentTemp | b64enc -}} +server.pem: {{ $serverPemContent }} + {{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Check export of nss_wrapper environment variables required +*/}} +{{- define "checkNssWrapperExportRequired" -}} + {{- if .Values.securityContext.enabled -}} + {{- if and (ne (int .Values.securityContext.runAsUser) 0) (ne (int .Values.securityContext.runAsUser) 10001) -}} + {{- printf "true" -}} + {{- end -}} + {{- else -}} + {{- printf "false" -}} + {{- end -}} +{{- end -}} diff --git a/charts/yugabyte/yugaware/templates/certificates.yaml b/charts/yugabyte/yugaware/templates/certificates.yaml new file mode 100644 index 000000000..ff4b7021a --- /dev/null +++ b/charts/yugabyte/yugaware/templates/certificates.yaml @@ -0,0 +1,99 @@ +# Copyright (c) YugaByte, Inc. + +{{- $root := . }} +{{- $tls := $root.Values.tls }} +{{- if and $tls.enabled $tls.certManager.enabled }} +{{- if $tls.certManager.genSelfsigned }} +{{- if $tls.certManager.useClusterIssuer }} +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: {{ $root.Release.Name }}-yugaware-cluster-issuer +spec: + selfSigned: {} +{{- else }} # useClusterIssuer=false +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ $root.Release.Name }}-yugaware-issuer + namespace: {{ $root.Release.Namespace }} +spec: + selfSigned: {} +--- +{{- end }} # useClusterIssuer +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ $root.Release.Name }}-yugaware-ui-root-ca + namespace: {{ $root.Release.Namespace }} +spec: + isCA: true + commonName: Yugaware self signed CA + secretName: {{ .Release.Name }}-yugaware-root-ca + secretTemplate: + labels: + app: "{{ template "yugaware.name" . }}" + chart: "{{ template "yugaware.chart" . }}" + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} + duration: {{ $tls.certManager.configuration.duration | quote }} + renewBefore: {{ $tls.certManager.configuration.renewBefore | quote }} + privateKey: + algorithm: {{ $tls.certManager.configuration.algorithm | quote }} + encoding: PKCS8 + size: {{ $tls.certManager.configuration.keySize }} + rotationPolicy: Always + issuerRef: + {{- if $tls.certManager.useClusterIssuer }} + name: {{ $root.Release.Name }}-yugaware-cluster-issuer + kind: ClusterIssuer + {{- else }} + name: {{ $root.Release.Name }}-yugaware-issuer + kind: Issuer + {{- end }} +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ $root.Release.Name }}-yugaware-ca-issuer + namespace: {{ $root.Release.Namespace }} +spec: + ca: + secretName: {{ .Release.Name }}-yugaware-root-ca +--- +{{- end }} # genSelfsigned +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ $root.Release.Name }}-yugaware-ui-tls + namespace: {{ $root.Release.Namespace }} +spec: + isCA: false + commonName: {{ $tls.hostname }} + secretName: {{ .Release.Name }}-yugaware-tls-cert + secretTemplate: + labels: + app: "{{ template "yugaware.name" . }}" + chart: "{{ template "yugaware.chart" . }}" + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} + duration: {{ $tls.certManager.configuration.duration | quote }} + renewBefore: {{ $tls.certManager.configuration.renewBefore | quote }} + privateKey: + algorithm: {{ $tls.certManager.configuration.algorithm | quote }} + encoding: PKCS8 + size: {{ $tls.certManager.configuration.keySize }} + rotationPolicy: Always + issuerRef: + name: {{ $tls.certManager.genSelfsigned | ternary (printf "%s%s" $root.Release.Name "-yugaware-ca-issuer") ($tls.certManager.useClusterIssuer | ternary $tls.certManager.clusterIssuer $tls.certManager.issuer) }} + {{- if $tls.certManager.useClusterIssuer }} + kind: ClusterIssuer + {{- else }} + kind: Issuer + {{- end }} +--- +{{- end }} diff --git a/charts/yugabyte/yugaware/templates/configs.yaml b/charts/yugabyte/yugaware/templates/configs.yaml index f66e8d5d3..05229f569 100644 --- a/charts/yugabyte/yugaware/templates/configs.yaml +++ b/charts/yugabyte/yugaware/templates/configs.yaml @@ -31,28 +31,40 @@ data: log.override.path = "/opt/yugabyte/yugaware/data/logs" db { + default.dbname=${POSTGRES_DB} {{ if .Values.postgres.external.host }} default.host="{{ .Values.postgres.external.host }}" default.port={{ .Values.postgres.external.port }} - default.url="jdbc:postgresql://"${db.default.host}":"${db.default.port}"/"${POSTGRES_DB}${db.default.params} {{ else if eq .Values.ip_version_support "v6_only" }} - default.host="::1" - default.url="jdbc:postgresql://[::1]:"${db.default.port}"/"${POSTGRES_DB}${db.default.params} + default.host="[::1]" {{ else }} default.host="127.0.0.1" - default.url="jdbc:postgresql://127.0.0.1:"${db.default.port}"/"${POSTGRES_DB}${db.default.params} {{ end }} + default.url="jdbc:postgresql://"${db.default.host}":"${db.default.port}"/"${db.default.dbname}${db.default.params} default.params="{{ .Values.jdbcParams }}" - default.driver=org.postgresql.Driver default.username=${POSTGRES_USER} default.password=${POSTGRES_PASSWORD} - default.logStatements=true - default.migration.initOnMigrate=true - default.migration.auto=true + {{ if .Values.yugaware.cloud.enabled }} + perf_advisor.driver="org.hsqldb.jdbc.JDBCDriver" + perf_advisor.url="jdbc:hsqldb:mem:perf-advisor" + perf_advisor.createDatabaseIfMissing=false + perf_advisor.username="sa" + perf_advisor.password="sa" + perf_advisor.migration.auto=false + perf_advisor.migration.disabled=true + {{ else }} + perf_advisor.url="jdbc:postgresql://"${db.default.host}":"${db.default.port}"/"${db.perf_advisor.dbname}${db.default.params} + perf_advisor.createDatabaseUrl="jdbc:postgresql://"${db.default.host}":"${db.default.port}"/"${db.default.dbname}${db.default.params} + {{ end }} } - ebean { - default = ["com.yugabyte.yw.models.*"] + + {{- if and (not .Values.useNginxProxy) (.Values.tls.enabled) }} + https.port = 9443 + play.server.https.keyStore { + path = /opt/certs/server.pem + type = PEM } + {{- end }} yb { {{- if .Values.yugaware.universe_boot_script }} @@ -128,7 +140,8 @@ data: {{- range $key, $value := .Values.additionalAppConf.nonStringConf }} {{ $key }} = {{ $value }} {{- end }} -{{- if .Values.tls.enabled }} +{{- if and .Values.tls.enabled (not .Values.tls.certManager.enabled) }} +{{- if .Values.useNginxProxy }} --- apiVersion: v1 kind: Secret @@ -141,10 +154,27 @@ metadata: heritage: {{ .Release.Service | quote }} type: Opaque data: - server.crt: {{ .Values.tls.certificate }} - server.key: {{ .Values.tls.key }} +{{- include "getOrCreateServerCert" (dict "Namespace" .Release.Namespace "Root" . "Name" (printf "%s%s" .Release.Name "-yugaware-tls-cert")) | nindent 2 }} {{- end }} +{{ if not .Values.useNginxProxy }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-yugaware-tls-pem + labels: + app: "{{ template "yugaware.name" . }}" + chart: "{{ template "yugaware.chart" . }}" + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} +type: Opaque +data: +{{- include "getOrCreateServerPem" (dict "Namespace" .Release.Namespace "Root" . "Name" (printf "%s%s" .Release.Name "-yugaware-tls-pem")) | nindent 2 }} +{{ end }} +{{- end }} + +{{- if .Values.useNginxProxy }} --- apiVersion: v1 kind: ConfigMap @@ -163,7 +193,7 @@ data: listen {{ eq .Values.ip_version_support "v6_only" | ternary "[::]:8080" "8080" }}; server_name {{ .Values.tls.hostname }}; return 301 https://$host$request_uri; - } + } {{- end }} server { @@ -200,6 +230,7 @@ data: client_max_body_size {{ .Values.nginx.upload_size }}; } } +{{ end }} --- apiVersion: v1 kind: ConfigMap @@ -226,6 +257,25 @@ data: docker-upgrade pg_upgrade | tee -a /pg_upgrade_logs/pg_upgrade_11_to_14.log; echo "host all all all scram-sha-256" >> "${PGDATANEW}/pg_hba.conf"; fi +{{- if .Values.securityContext.enabled }} +--- +apiVersion: "v1" +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-yugaware-pg-prerun + labels: + app: {{ template "yugaware.name" . }} + chart: {{ template "yugaware.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Values.helm2Legacy | ternary "Tiller" (.Release.Service | quote) }} +data: + pg-prerun.sh: | + #!/bin/bash + set -x -o errexit + + mkdir -p $PGDATA && chown -R $PG_UID:$PG_GID $PGDATA; +{{- end }} +{{- if .Values.useNginxProxy }} --- apiVersion: v1 kind: ConfigMap @@ -254,7 +304,7 @@ data: uwsgi_temp_path /tmp/uwsgi_temp; scgi_temp_path /tmp/scgi_temp; - proxy_read_timeout {{ .Values.nginx.proxyReadTimeoutSec }}; + proxy_read_timeout {{ template "get_nginx_proxyReadTimeoutSec" . }}; include /etc/nginx/mime.types; default_type application/octet-stream; @@ -274,6 +324,7 @@ data: include /etc/nginx/conf.d/*.conf; } +{{- end }} {{- if .Values.prometheus.remoteWrite.tls.enabled }} --- apiVersion: v1 @@ -343,7 +394,11 @@ data: - 'container_cpu_usage_seconds_total{pod=~"(.*)yb-(.*)"}' - 'container_memory_working_set_bytes{pod=~"(.*)yb-(.*)"}' # kube-state-metrics - - 'kube_pod_container_resource_requests_cpu_cores{pod=~"(.*)yb-(.*)"}' + # Supports >= OCP v4.4 + # OCP v4.4 has upgraded the KSM from 1.8.0 to 1.9.5. + # https://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-release-notes.html#ocp-4-4-cluster-monitoring-version-updates + # - 'kube_pod_container_resource_requests_cpu_cores{pod=~"(.*)yb-(.*)"}' + - 'kube_pod_container_resource_requests{pod=~"(.*)yb-(.*)", unit="core"}' static_configs: - targets: @@ -363,6 +418,12 @@ data: regex: "(.*)" target_label: "container_name" replacement: "$1" + # rename new name of the CPU metric to the old name and label + # ref: https://github.com/kubernetes/kube-state-metrics/blob/master/CHANGELOG.md#v200-alpha--2020-09-16 + - source_labels: ["__name__", "unit"] + regex: "kube_pod_container_resource_requests;core" + target_label: "__name__" + replacement: "kube_pod_container_resource_requests_cpu_cores" {{- else }} @@ -413,8 +474,8 @@ data: - targets: ['kube-state-metrics.kube-system.svc.{{.Values.domainName}}:8080'] metric_relabel_configs: # Only keep the metrics which we care about - - source_labels: ["__name__"] - regex: "kube_pod_container_resource_requests_cpu_cores" + - source_labels: ["__name__", "unit"] + regex: "kube_pod_container_resource_requests;core" action: keep # Save the name of the metric so we can group_by since we cannot by __name__ directly... - source_labels: ["__name__"] @@ -433,6 +494,16 @@ data: - source_labels: ["pod_name"] regex: "(.*)yb-(.*)" action: keep + # rename new name of the CPU metric to the old name and label + # ref: https://github.com/kubernetes/kube-state-metrics/blob/master/CHANGELOG.md#v200-alpha--2020-09-16 + - source_labels: ["__name__", "unit"] + regex: "kube_pod_container_resource_requests;core" + target_label: "__name__" + replacement: "kube_pod_container_resource_requests_cpu_cores" + # Keep metrics for CPU, discard duplicate metrics + - source_labels: ["__name__"] + regex: "kube_pod_container_resource_requests_cpu_cores" + action: keep - job_name: 'kubernetes-cadvisor' @@ -571,6 +642,8 @@ data: replacement: "$1" - job_name: "yugabyte" + tls_config: + insecure_skip_verify: true metrics_path: "/prometheus-metrics" file_sd_configs: - files: diff --git a/charts/yugabyte/yugaware/templates/rbac.yaml b/charts/yugabyte/yugaware/templates/rbac.yaml index a445885f5..d05dfaeec 100644 --- a/charts/yugabyte/yugaware/templates/rbac.yaml +++ b/charts/yugabyte/yugaware/templates/rbac.yaml @@ -31,15 +31,31 @@ roleRef: apiGroup: rbac.authorization.k8s.io {{- else }} --- -kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole metadata: name: {{ .Release.Name }} - labels: - k8s-app: yugaware - kubernetes.io/cluster-service: "true" - addonmanager.kubernetes.io/mode: Reconcile rules: +- apiGroups: ["policy"] + resources: + - poddisruptionbudgets + verbs: ["get", "create", "delete", "patch"] +- apiGroups: [""] + resources: + - services + verbs: ["get", "delete", "create", "patch", "list", "watch"] +- apiGroups: ["apps"] + resources: + - statefulsets + verbs: ["get", "delete", "create", "patch", "scale"] +- apiGroups: [""] + resources: + - secrets + verbs: ["create", "list", "get", "delete", "update", "patch"] +- apiGroups: ["cert-manager.io"] + resources: + - certificates + verbs: ["create", "delete", "get", "patch"] - apiGroups: [""] resources: - nodes @@ -48,7 +64,8 @@ rules: - endpoints - pods - pods/exec - verbs: ["get", "list", "watch", "create"] + - configmaps # added configmaps resource + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] # added all verbs for configmaps - apiGroups: - extensions resources: @@ -61,13 +78,13 @@ rules: - namespaces - secrets - pods/portforward - verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - events # added events resource + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] # added all verbs for events - apiGroups: ["", "extensions"] resources: - deployments - services verbs: ["create", "get", "list", "watch", "update", "delete"] - --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/charts/yugabyte/yugaware/templates/service.yaml b/charts/yugabyte/yugaware/templates/service.yaml index fa25427d9..8620cee08 100644 --- a/charts/yugabyte/yugaware/templates/service.yaml +++ b/charts/yugabyte/yugaware/templates/service.yaml @@ -24,14 +24,24 @@ spec: {{- end }} {{- end }} ports: -{{- if .Values.tls.enabled }} +{{- if and (.Values.tls.enabled) (.Values.useNginxProxy) }} - name: ui-tls port: 443 targetPort: 8443 +{{- else if .Values.tls.enabled }} + - name: ui-tls + port: 443 + targetPort: 9443 {{- end }} +{{- if .Values.useNginxProxy }} - name: ui port: 80 targetPort: 8080 +{{- else }} + - name: ui + port: 80 + targetPort: 9000 +{{- end }} - name: metrics port: 9090 selector: diff --git a/charts/yugabyte/yugaware/templates/statefulset.yaml b/charts/yugabyte/yugaware/templates/statefulset.yaml index 9d3cd1512..72ef89763 100644 --- a/charts/yugabyte/yugaware/templates/statefulset.yaml +++ b/charts/yugabyte/yugaware/templates/statefulset.yaml @@ -84,6 +84,7 @@ spec: - key: universe_boot_script path: universe-boot-script.sh {{- end }} + {{- if .Values.useNginxProxy }} - name: nginx-config configMap: name: {{ .Release.Name }}-yugaware-nginx-config @@ -96,6 +97,7 @@ spec: items: - key: nginx.conf path: nginx.conf + {{- end }} - name: prometheus-config configMap: name: {{ .Release.Name }}-yugaware-prometheus-config @@ -110,10 +112,25 @@ spec: - key: init-permissions.sh path: init-permissions.sh {{- end }} - {{- if .Values.tls.enabled }} + {{- if and (.Values.tls.enabled) (.Values.useNginxProxy) }} - name: {{ .Release.Name }}-yugaware-tls-cert secret: secretName: {{ .Release.Name }}-yugaware-tls-cert + {{- if .Values.tls.certManager.enabled }} + items: + - key: tls.crt + path: server.crt + - key: tls.key + path: server.key + {{- end }} + {{- end }} + {{- if and (not .Values.useNginxProxy) (.Values.tls.enabled) }} + - name: {{ .Release.Name }}-yugaware-tls-pem + secret: + secretName: {{ .Release.Name }}-yugaware-tls-pem + items: + - key: server.pem + path: server.pem {{- end }} {{- if .Values.prometheus.remoteWrite.tls.enabled }} - name: {{ .Release.Name }}-yugaware-prometheus-remote-write-tls @@ -126,6 +143,12 @@ spec: items: - key: pg-upgrade-11-to-14.sh path: pg-upgrade-11-to-14.sh + - name: pg-init + configMap: + name: {{ .Release.Name }}-yugaware-pg-prerun + items: + - key: pg-prerun.sh + path: pg-prerun.sh initContainers: - image: {{ include "full_yugaware_image" . }} imagePullPolicy: {{ .Values.image.pullPolicy }} @@ -188,6 +211,25 @@ spec: - name: yugaware-storage mountPath: /pg_upgrade_logs subPath: postgres_data_14 + {{- if .Values.securityContext.enabled }} + - image: {{ include "full_image" (dict "containerName" "postgres" "root" .) }} + name: postgres-init + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: ["/bin/bash", "/pg_prerun/pg-prerun.sh"] + env: + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + - name: PG_UID + value: {{ .Values.securityContext.runAsUser | quote }} + - name: PG_GID + value: {{ .Values.securityContext.runAsGroup | quote }} + volumeMounts: + - name: yugaware-storage + mountPath: /var/lib/postgresql/data + subPath: postgres_data_14 + - name: pg-init + mountPath: /pg_prerun + {{- end }} containers: {{ if not .Values.postgres.external.host }} - name: postgres @@ -199,6 +241,12 @@ spec: {{- end }} - "-c" - "huge_pages=off" + {{- if .Values.securityContext.enabled }} + securityContext: + runAsUser: {{ required "runAsUser cannot be empty" .Values.securityContext.runAsUser }} + runAsGroup: {{ .Values.securityContext.runAsGroup | default 0 }} + runAsNonRoot: {{ .Values.securityContext.runAsNonRoot }} + {{- end }} env: - name: POSTGRES_USER valueFrom: @@ -322,12 +370,18 @@ spec: resources: {{ toYaml .Values.yugaware.resources | indent 12 }} {{- end }} - - command: [ "/sbin/tini", "--"] - args: - - "bin/yugaware" - - "-Dconfig.file=/data/application.docker.conf" + args: ["bin/yugaware","-Dconfig.file=/data/application.docker.conf"] env: + # Conditionally set these env variables, if runAsUser is not 0(root) + # or 10001(yugabyte). + {{- if eq (include "checkNssWrapperExportRequired" .) "true" }} + - name: NSS_WRAPPER_GROUP + value: "/tmp/group.template" + - name: NSS_WRAPPER_PASSWD + value: "/tmp/passwd.template" + - name: LD_PRELOAD + value: "/usr/lib64/libnss_wrapper.so" + {{- end }} - name: POSTGRES_USER valueFrom: secretKeyRef: @@ -348,6 +402,7 @@ spec: secretKeyRef: name: {{ .Release.Name }}-yugaware-global-config key: app_secret + {{- with .Values.yugaware.extraEnv }}{{ toYaml . | nindent 12 }}{{ end }} ports: - containerPort: 9000 name: yugaware @@ -380,6 +435,12 @@ spec: - name: yugaware-storage mountPath: /prometheus_configs subPath: prometheus.yml + {{- if and (not .Values.useNginxProxy) (.Values.tls.enabled) }} + - name: {{ .Release.Name }}-yugaware-tls-pem + mountPath: /opt/certs/ + readOnly: true + {{- end }} + {{- if .Values.useNginxProxy }} - name: nginx image: {{ include "full_image" (dict "containerName" "nginx" "root" .) }} imagePullPolicy: {{ .Values.image.pullPolicy }} @@ -403,6 +464,7 @@ spec: mountPath: /opt/certs/ readOnly: true {{- end }} + {{- end }} {{ if .Values.sidecars }} {{ toYaml .Values.sidecars | indent 8 }} {{ end }} diff --git a/charts/yugabyte/yugaware/values.yaml b/charts/yugabyte/yugaware/values.yaml index 53ba546b0..9453e69c8 100644 --- a/charts/yugabyte/yugaware/values.yaml +++ b/charts/yugabyte/yugaware/values.yaml @@ -5,13 +5,17 @@ fullnameOverride: "" nameOverride: "" +# Cloud team will retain nginx for sometime +# until they start creating a separate pool +useNginxProxy: false + image: commonRegistry: "" # Setting commonRegistry to say, quay.io overrides the registry settings for all images # including the yugaware image repository: quay.io/yugabyte/yugaware - tag: 2.16.4.0-b32 + tag: 2.18.0.0-b65 pullPolicy: IfNotPresent pullSecret: yugabyte-k8s-pull-secret ## Docker config JSON File name @@ -50,8 +54,8 @@ yugaware: storageAnnotations: {} multiTenant: false ## Name of existing ServiceAccount. When provided, the chart won't create a ServiceAccount. - ## It will attach the required RBAC roles to it. - ## Helpful in Yugabyte Platform GKE App. + ## It will attach the required RBAC roles to it. + ## Helpful in Yugabyte Platform GKE App. serviceAccount: '' serviceMonitor: enabled: false @@ -94,6 +98,8 @@ yugaware: universe_boot_script: "" + extraEnv: [] + ## Configure PostgreSQL part of the application postgres: # DO NOT CHANGE if using OCP Certified helm chart @@ -129,19 +135,43 @@ postgres: tls: enabled: false hostname: "localhost" - certificate: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZDVENDQXZHZ0F3SUJBZ0lVTlhvN2N6T2dyUWQrU09wOWdNdE00b1Vva3hFd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZERVNNQkFHQTFVRUF3d0piRzlqWVd4b2IzTjBNQjRYRFRJeE1EUXdOakExTXpnMU4xb1hEVE14TURRdwpOREExTXpnMU4xb3dGREVTTUJBR0ExVUVBd3dKYkc5allXeG9iM04wTUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGCkFBT0NBZzhBTUlJQ0NnS0NBZ0VBMUxsSTFBLzRPOVIzSkNlN1N2MUxYVXhDSmxoTWpIWUoxV1FNVmcvai82RHkKazRTTmY0MkFLQjI0dFJFK2lEWTBNaTJrRWhJcVZ4TFdPN0hkWHVSN0tYNGxSZWFVVkRFTUtYUWNQUC9QWDZkbwpwZVZTUFpSVjVHNHNxTElXUFFkTVdIam9IQWx1aml5dGJsSVJUUWdLU3QrMmpuREFDN0dxRURMREdhNXRUWEM2CktRWkNtOERlaklOUTMzaGU2TDN0Q2hBRnhJM1pwY21sR0twbzdKVXJSUG14Mk9zTHFRcTB5dEVVK0lGZGppWHEKaHJLeFR0NUhHM3M3ZUNWaTRXdlZPelVGUitJbWRlQzBRZTBXeG5iZlZUMnJkVitQL1FaVXhWSEVtWnBPc0k2LwpmczhlK1dsMlduWXY1TTg5MWkxZER3Zi9lMDdiN20xQVRKdDRtTGRldzBtd1V4UGFGT2pDMDh6cU94NmF0cGhLClU1eHNWQmhGNVhyME9DeTQyMzN0MU5URXdWUEFDOFcwQmhHdldTRXBQTXNTKzM1b2lueEFrcFQzL01ibFpjNisKcXhSYUh6MHJhSksvVGIzelVKVWxWZFkxbGl5MVYyVjNxWEU2NWlsOUFHZ2pIaHhBNFBwSktCbzZ0WVRUT3pnTworL25mc0toMk95aE8zUWxBZ0JFUHlYUm5wL0xGSTVuQ2gzdjNiOXlabFNrSk05NkVoWEJ1bHhWUWN3L2p3N2NxCkRLSlBEeHFUQy9rWUs1V0FVZGhkWG1KQkRNMFBLcngzUGVOYjRsYnQzSTFIZW1QRDBoZktiWFd6alhiVTJQdWQKdjZmT0dXTDRLSFpaem9KZ1ljMFovRXRUMEpCR09GM09mMW42N2c5dDRlUnAzbEVSL09NM0FPY1dRbWFvOHlVQwpBd0VBQWFOVE1GRXdIUVlEVlIwT0JCWUVGTU00SjA4WG8wUGY1cTlOSWZiMGYyRzZqc1FoTUI4R0ExVWRJd1FZCk1CYUFGTU00SjA4WG8wUGY1cTlOSWZiMGYyRzZqc1FoTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWkkKaHZjTkFRRUxCUUFEZ2dJQkFBRmxrWVJkdzA0Zm9vT29BelUyaU5ORGV1aiszemhIeFQ5eU9iSkdwREZIRitoZQpuY1ZRWGZpMitHNjBWY0xuZERsWFhmbDZLOSs4ME55aEg4QjR1UEJNTWhoWG01MjJmYnJac1dFcnR3WE1rM2prClZ5UVA3MGk2NHE1ZGVrZzhoYzI0SXhFUlVsam9XM2lDTTdrb0VxaG15VkpGeDNxMVdobFEwdzNkWVpMQVNRclYKU0RpL2JGWjlqOXVtWVdoc0Y4QjFPSThPVjNlL0YyakU1UCtoTlJJazAzbW9zWE1Rdy9iZ3ZzV0hvSkZ5blB4UApHNGUzUjBob2NnbzI0Q2xOQ21YMWFBUms5c1pyN2h0NlVsM1F1d0dMdzZkK2I5emxrUW56TzFXQzc5ekVNU1R0ClRRRzFNT2ZlL2dTVkR3dThTSnpBOHV1Z0pYTktWWkxCZlpaNW41Tk9sOHdpOVVLa1BVUW4wOHo3VWNYVDR5ZnQKZHdrbnZnWDRvMFloUnNQNHpPWDF6eWxObzhqRDhRNlV1SkdQSksrN1JnUm8zVERPV3k4MEZpUzBxRmxrSFdMKwptT0pUWGxzaEpwdHE5b1c1eGx6N1lxTnFwZFVnRmNyTjJLQWNmaGVlNnV3SUFnOFJteTQvRlhRZjhKdXluSG5oClFhVlFnTEpEeHByZTZVNk5EdWg1Y1VsMUZTcWNCUGFPY0x0Q0ViVWg5ckQxajBIdkRnTUUvTTU2TGp1UGdGZlEKMS9xeXlDUkFjc2NCSnVMYjRxcXRUb25tZVZ3T1BBbzBsNXBjcC9JcjRTcTdwM0NML0kwT0o1SEhjcmY3d3JWSgpQVWgzdU1LbWVHVDRyeDdrWlQzQzBXenhUU0loc0lZOU12MVRtelF4MEprQm93c2NYaUYrcXkvUkl5UVgKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=" - key: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRd0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1Mwd2dna3BBZ0VBQW9JQ0FRRFV1VWpVRC9nNzFIY2sKSjd0Sy9VdGRURUltV0V5TWRnblZaQXhXRCtQL29QS1RoSTEvallBb0hiaTFFVDZJTmpReUxhUVNFaXBYRXRZNwpzZDFlNUhzcGZpVkY1cFJVTVF3cGRCdzgvODlmcDJpbDVWSTlsRlhrYml5b3NoWTlCMHhZZU9nY0NXNk9MSzF1ClVoRk5DQXBLMzdhT2NNQUxzYW9RTXNNWnJtMU5jTG9wQmtLYndONk1nMURmZUY3b3ZlMEtFQVhFamRtbHlhVVkKcW1qc2xTdEUrYkhZNnd1cENyVEswUlQ0Z1YyT0plcUdzckZPM2tjYmV6dDRKV0xoYTlVN05RVkg0aVoxNExSQgo3UmJHZHQ5VlBhdDFYNC85QmxURlVjU1ptazZ3anI5K3p4NzVhWFphZGkva3p6M1dMVjBQQi85N1R0dnViVUJNCm0zaVl0MTdEU2JCVEU5b1U2TUxUek9vN0hwcTJtRXBUbkd4VUdFWGxldlE0TExqYmZlM1UxTVRCVThBTHhiUUcKRWE5WklTazh5eEw3Zm1pS2ZFQ1NsUGY4eHVWbHpyNnJGRm9mUFN0b2tyOU52Zk5RbFNWVjFqV1dMTFZYWlhlcApjVHJtS1gwQWFDTWVIRURnK2trb0dqcTFoTk03T0E3NytkK3dxSFk3S0U3ZENVQ0FFUS9KZEdlbjhzVWptY0tICmUvZHYzSm1WS1FrejNvU0ZjRzZYRlZCekQrUER0eW9Nb2s4UEdwTUwrUmdybFlCUjJGMWVZa0VNelE4cXZIYzkKNDF2aVZ1M2NqVWQ2WThQU0Y4cHRkYk9OZHRUWSs1Mi9wODRaWXZnb2Rsbk9nbUJoelJuOFMxUFFrRVk0WGM1LwpXZnJ1RDIzaDVHbmVVUkg4NHpjQTV4WkNacWp6SlFJREFRQUJBb0lDQUFmY2lScDlOSmxSY3MyOVFpaTFUN0cwCi9jVFpBb3MyV1lxdlZkMWdYUGEzaGY5NXFKa01LNjVQMnVHbUwzOXRNV1NoVnl6cnl2REkyMjM5VnNjSS9wdzcKOHppd0dzODV1TTlYWVN2SDhHd0NqZFdEc2hSZ2hRUWFKa0JkeElDZzRtdHFuSGxjeDk4dE80T1dPTmwxOEp0dgp4UmxpaFZacFRIV295cGtLWHpPN2RNWExXMjdTSStkaGV2Mm5QeXF1eWpIVEFjT1AwbmxVQ0d2dThFMjkvWWxoCkNQZVJTQzhKSEVGYWxNSFNWaGpJd2ZBVWJvVVJwZU1ZSE15RjVTK2JncGZiajhSbVVUR09DbHRkWGJnYjhJai8KN0hROEFlQkIrYVFKTDVEVnFRN1JWN1ppQlMwR2ZyODlHdXdEMUs4em9mcktPdURkdXpjR2hwZk9MeGpGdmhTOApSQ2Y1Z3BFMzg0aWlHc2tWZC9mZDJLK3NhSmk0L09HbHo0aHhhc1hDcTN1TXB5OTZPNFRrMXZzM3BXdWZNVmJXCnR2d1Mrcjhvbk9uOXZqa3lqOU11eUpId1BpSlNGMUt0ZzhPUU5WMlVST0xXcHlYMWk4Z2xoMXdSelRTQ2diQnMKZ3ZxWkFvaU1pWFh3SlVXN3Zpb0RLZjI0TnZvcjViaVNzeUh0MHVKUVZJaW1iK1prTFJwTWdwRlkyTlcrTnd6LwoxOW9DS2ZUVVpWNkJia09IK0NoOUowLy9hTTRGNnUvMTI4V0UxalJQU05mdWQ0b0dpdGVPNXRsRDNWSXRsb1hlCjNyWVMrcTNuYXU1RStWc2FRZGFVNzhrSnpXYmUrWURmQ1JwWGd6TkloSkMyQ1k5d0RSK3hIaVFwbzdLSHV6dngKUkpuRjhIcGwzdWhIdWxEam44dEpBb0lCQVFEeGxhVVIwN1l6TGF2OVZtamZCenpZMjcwOU9tWnhpa3NtRnlhWApKTkJMQVB3SGdXOEVCUHdKOEprSDhXR1NTekp1OXZGd1JDVEVqZ1J5dWUvS05DWnNmUWF2UDg3dzhablJHaEhjCklHUUV1MFN3bmJzZXFJK1VWa0M5amZjaFE4dlowM0dQTGZ6bWpsSW9PNkNLTVM3TlV2Ynk5MksvOHRVVWRtWWgKMmJJa2N4V0J1RDJoenh3K1ZId3ArWktMQ0FPZi9sOG8vQ20xQ1dZSFNGdVYzTkl3T016Z2FKaExJODJNR08zQwpuODZTMXcweGc2MHB5dUV6L0hXZS9JMFZkRGNsWlgyNC9jalVBb01kQlkvSGY4Tkh2ZUNhZExQeXI3eGpRY2NLClAzN0RhdFRyK2RTZ2RoVkxzUDRRRzVVZEZxNUlMSHoxTXBkb2xXZ2pDSlZqcTZMekFvSUJBUURoYXNYdVRzMDIKNEkvYkRlSGRZSmw2Q1NzVUh2NmJXL3dpYlRhd2dpbDh5RUNWS2x6eFY4eENwWnoxWVhRQlY1YnVvQlArbjZCWApnVHgzTTJHc2R5UU1xdGRCWG9qdGp1czB6ekFNQVQzOWNmdWlHMGR0YXF3eWJMVlEwYThDZnFmMDVyUmZ0ekVmCmtTUDk2d01kVUEyTGdCbnU4akwzOU41UkxtK2RpZUdxeDAwYmJTa3l5UE9HNHIvcDl6KzN6TmVmeUhmbm94bTkKUnQza1RpeGhVNkd4UGhOSnZpWEUrWUpwT0dKVXMvK2dUWWpjUE1zRW9ONHIyR215cUs3S21NZExFa3Y1SHliWgprbmNsV2FMVFlhNEpjMjJUaWZJd01NTWMwaCtBMkJVckdjZFZ6MTA0UXluUFZQZDdXcEszenhqcjRPUHh1YnQ2CjZvTWk2REdRSVNlSEFvSUJBUURTK1YyVHFQRDMxczNaU3VvQXc2Qld2ZWVRbmZ5eThSUFpxdVFQb0oycXNxeG0KblpsbXlEZVhNcDloK1dHOVVhQTBtY0dWeWx6VnJqU2lRRkR4cEFOZVFQMWlkSFh6b3ZveVN2TUg2dDJONkVELwpnRy9XUVZ4S0xkMFI3UFhCL2lQN0VaV2RkWXJqaWF5ajZCYTJPR2RuOWlrbFcvZklLM2Y4QzczN2w5TGoxQUVYCkxOL2QvREh0R1BqcDYwTVgyYUxZeVZzdlBxL3BvdENRVVpkeDA4dFhRM05nRXRmVTN1cDFpNXV2bU1IZEtLTWoKOTV0MDRQRTA1aWVOOVgzOEcyYkJhTldYaFVJcUxCdDJiOUgxWmxVU3hQWnR6TGNObkgwSHJYejJMU2MxMzRrYwpueXdhQ2FWbFdhYzJSL0E3Mi8vTmxkUjJpWDBDWDEvM0lGcmVGUmtUQW9JQkFBbGt0S2pRbWRhZWx3QU8zUW1uCm05MnRBaUdOaFJpZVJheDlscGpXWTdveWNoYUZOR2hPTzFIUHF2SEN4TjNGYzZHd0JBVkpTNW81NVhZbUt2elAKM2kyMDlORmhpaDAwSm5NRjZ6K2swWnQ5STNwRzNyd2RoTjE1RURrMDg3RUw3QjNWZTFDOXhvdEZOaFcvdEZxRgpXbnNrdEcvem9kSVpYeVpNNUJQUmloamV3MFRRVUxZd0Q0M2daeFR0MjdiaUQxNDJNV0R5dUFEZU1pTHdhd01IClJDYXBxbzRaSVdQSzdmZEtoVFo0WmIrZFc0V3A5dC9UZ0U2ZGJ4SWwyMXJQOFFZYzFoT2tpNjduWHBXczNZOG4KYytRcTdqY0d1WlB1aEVMd01xWGcyMGozZ3duOVlTb1dDbWo4Wm0rNmY0Q3ZYWjkrdUtEN0YyZncyOVFaanU4dApvb01DZ2dFQkFPbVVHZ1VoT0tUVys1eEpkZlFKRUVXUncyVFF6Z2l6dSt3aVkzaDYrYXNTejRNY0srVGx6bWxVCmFHT013dFhTUzc0RXIxVmlCVXMrZnJKekFPR21IV0ExZWdtaGVlY1BvaE9ybTh5WkVueVJOSkRhWC9UUXBSUnEKaVdoWENBbjJTWFQxcFlsYVBzMjdkbXpFWnQ3UlVUSkJZZ1hHZXQ4dXFjUXZaVDJZK3N6cHFNV3UzaEpWdmIxdgpZNGRJWE12RG1aV1BPVjFwbHJEaTVoc214VW05TDVtWk1IblllNzFOYkhsaEIxK0VUNXZmWFZjOERzU1RRZWRRCitDRHJKNGQ0em85dFNCa2pwYTM5M2RDRjhCSURESUQyWkVJNCtBVW52NWhTNm82NitOLzBONlp3cXkwc2pKY0cKQ21LeS9tNUpqVzFJWDMxSmZ1UU5Ldm9YNkRFN0Zkaz0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=" + ## Expects base 64 encoded values for certificate and key. + certificate: "" + key: "" sslProtocols: "" # if set, override default Nginx SSL protocols setting + ## cert-manager values + ## If cert-manager is enabled: + ## If genSelfsigned: true: + ## Create a self-signed issuer/clusterIssuer + ## Generate a rootCA using the above issuer. + ## Generate a tls certificate with secret name as: {{ .Release.Name }}-yugaware-tls-cert + ## Else if genSelfsigned: false: + ## Expect a clusterIssuer/issuer to be provided by user + ## Generate a tls cert based on above issuer with secret name as: {{ .Release.Name }}-yugaware-tls-cert + certManager: + enabled: false + genSelfsigned: true + useClusterIssuer: false + clusterIssuer: cluster-ca + issuer: yugaware-ca + ## Configuration for the TLS certificate requested from Issuer/ClusterIssuer + configuration: + duration: 8760h # 90d + renewBefore: 240h # 15d + algorithm: RSA # ECDSA or RSA + # Can be 2048, 4096 or 8192 for RSA + # Or 256, 384 or 521 for ECDSA + keySize: 2048 ## yugaware pod Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ securityContext: - enabled: false + enabled: true ## fsGroup related values are set at the pod level. fsGroup: 10001 fsGroupChangePolicy: "OnRootMismatch" - ## The following values are set for yugaware and prometheus containers. - ## Setting runAsUser other than 10001 will fail the VM universe deployment flow. + ## Expected to have runAsUser values != 0 when + ## runAsNonRoot is set to true, otherwise container creation fails. runAsUser: 10001 runAsGroup: 10001 runAsNonRoot: true diff --git a/index.yaml b/index.yaml index 438032563..0582013a5 100644 --- a/index.yaml +++ b/index.yaml @@ -80,6 +80,50 @@ entries: - assets/datawiza/access-broker-0.1.1.tgz version: 0.1.1 airflow: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Airflow + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: airflow + category: WorkFlow + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 2.6.0 + created: "2023-05-18T13:48:08.310990181Z" + dependencies: + - condition: redis.enabled + name: redis + repository: file://./charts/redis + version: 17.x.x + - condition: postgresql.enabled + name: postgresql + repository: file://./charts/postgresql + version: 12.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Airflow is a tool to express and execute workflows as directed + acyclic graphs (DAGs). It includes utilities to schedule tasks, monitor task + progress and handle task dependencies. + digest: 6467888f0fca780bdd590a0a7b4e31c82bfce01d1b0303837c9a6bccdaffaf04 + home: https://bitnami.com + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/airflow-1.svg + keywords: + - apache + - airflow + - workflow + - dag + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: airflow + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/airflow + urls: + - assets/bitnami/airflow-14.2.2.tgz + version: 14.2.2 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Airflow @@ -1050,6 +1094,45 @@ entries: - assets/ambassador/ambassador-6.7.1100.tgz version: 6.7.1100 argo-cd: + - annotations: + artifacthub.io/changes: | + - kind: added + description: Add new bitbucket cloud SSH key to configs.ssh.knownHosts + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Argo CD + catalog.cattle.io/kube-version: '>=1.22.0-0' + catalog.cattle.io/release-name: argo-cd + apiVersion: v2 + appVersion: v2.7.2 + created: "2023-05-18T13:48:07.431243913Z" + dependencies: + - condition: redis-ha.enabled + name: redis-ha + repository: file://./charts/redis-ha + version: 4.23.0 + description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery + tool for Kubernetes. + digest: ce18fe946a092b2585e40a38c47cbd630a34a2c0f15238a2a24a8a2a630d288e + home: https://github.com/argoproj/argo-helm + icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png + keywords: + - argoproj + - argocd + - gitops + kubeVersion: '>=1.22.0-0' + maintainers: + - name: argoproj + url: https://argoproj.github.io/ + name: argo-cd + sources: + - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd + - https://github.com/argoproj/argo-cd + urls: + - assets/argo/argo-cd-5.34.1.tgz + version: 5.34.1 - annotations: artifacthub.io/changes: | - kind: changed @@ -5984,6 +6067,41 @@ entries: - assets/aws-event-sources/aws-event-sources-0.1.901.tgz version: 0.1.901 cassandra: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Cassandra + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: cassandra + category: Database + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 4.1.1 + created: "2023-05-18T13:48:08.347356657Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Cassandra is an open source distributed database management + system designed to handle large amounts of data across many servers, providing + high availability with no single point of failure. + digest: d69646905f41f778cdd88125c666583e8a4cefbf3d4167485729ff77587c82c1 + home: https://bitnami.com + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/cassandra-4.svg + keywords: + - cassandra + - database + - nosql + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: cassandra + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/cassandra + urls: + - assets/bitnami/cassandra-10.3.1.tgz + version: 10.3.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Cassandra @@ -6818,6 +6936,28 @@ entries: urls: - assets/codefresh/cf-runtime-1.7.8.tgz version: 1.7.8 + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Codefresh + catalog.cattle.io/kube-version: '>=1.18-0' + catalog.cattle.io/release-name: cf-runtime + apiVersion: v2 + created: "2023-05-18T13:48:09.9228736Z" + description: A Helm chart for Codefresh Runner + digest: 79fb9819032ee3d314c3d860fb8accb872cc492c86f75afffd8fed3de56772a6 + home: https://github.com/codefresh-io/venona + icon: https://partner-charts.rancher.io/assets/logos/codefresh.jpg + keywords: + - codefresh + - runner + kubeVersion: '>=1.18-0' + maintainers: + - name: codefresh + url: https://codefresh-io.github.io/ + name: cf-runtime + urls: + - assets/codefresh/cf-runtime-1.0.6.tgz + version: 1.0.6 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Codefresh @@ -6879,6 +7019,35 @@ entries: - assets/codefresh/cf-runtime-0.1.401.tgz version: 0.1.401 chronicle: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Chronicle + catalog.cattle.io/release-name: chronicle + apiVersion: v2 + appVersion: 0.6.2 + created: "2023-05-18T13:48:09.796720488Z" + dependencies: + - name: standard-defs + repository: https://btp-charts-stable.s3.amazonaws.com/charts/ + version: ~0.1.0 + - name: sawtooth + repository: https://btp-charts-stable.s3.amazonaws.com/charts/ + version: ~0.2.0 + description: 'Chronicle is an open-source, blockchain-backed, domain-agnostic + provenance product. Chronicle makes it easy for users to record and query immutable + provenance information on a distributed ledger - about any asset, in any domain, + and across multiple parties. ' + digest: 6b63d985b2088a255a60bee3ffe66090357ec9fd3b39e2e7bc96b600d7a85c92 + home: https://docs.btp.works/chronicle + icon: https://chronicle-resources.s3.amazonaws.com/icons/chronicle-transparent-bg-dark.png + keywords: + - provenance + - blockchain + name: chronicle + type: application + urls: + - assets/btp/chronicle-0.1.14.tgz + version: 0.1.14 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Chronicle @@ -7145,6 +7314,31 @@ entries: - assets/citrix/citrix-cpx-istio-sidecar-injector-1.11.0.tgz version: 1.11.0 citrix-cpx-with-ingress-controller: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Citrix Cpx with Ingress Controller + catalog.cattle.io/kube-version: '>=v1.16.0-0' + catalog.cattle.io/release-name: citrix-cpx-with-ingress-controller + apiVersion: v2 + appVersion: 1.32.7 + created: "2023-05-18T13:48:09.852506659Z" + description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running + as sidecar. + digest: 8cfcd0ce55c67c7e2ae9de9a5f56db9d71444f2426bde068851774c4d5a0ef5d + home: https://www.cloud.com + icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png + kubeVersion: '>=v1.16.0-0' + maintainers: + - email: priyanka.sharma@cloud.com + name: priyankash-citrix + - email: subash.dangol@cloud.com + name: subashd + name: citrix-cpx-with-ingress-controller + sources: + - https://github.com/citrix/citrix-k8s-ingress-controller + urls: + - assets/citrix/citrix-cpx-with-ingress-controller-1.32.7.tgz + version: 1.32.7 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Citrix Cpx with Ingress Controller @@ -7268,6 +7462,30 @@ entries: - assets/citrix/citrix-cpx-with-ingress-controller-1.8.2800.tgz version: 1.8.2800 citrix-ingress-controller: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Citrix Ingress Controller + catalog.cattle.io/kube-version: '>=v1.16.0-0' + catalog.cattle.io/release-name: citrix-ingress-controller + apiVersion: v2 + appVersion: 1.32.7 + created: "2023-05-18T13:48:09.864000415Z" + description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX. + digest: 384c5aa00cfcbab4f1acd31a2f3a2f26feb6c87517e8542aaec94bc0520f6451 + home: https://www.cloud.com + icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png + kubeVersion: '>=v1.16.0-0' + maintainers: + - email: priyanka.sharma@cloud.com + name: priyankash-citrix + - email: subash.dangol@cloud.com + name: subashd + name: citrix-ingress-controller + sources: + - https://github.com/citrix/citrix-k8s-ingress-controller + urls: + - assets/citrix/citrix-ingress-controller-1.32.7.tgz + version: 1.32.7 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Citrix Ingress Controller @@ -9760,6 +9978,43 @@ entries: - assets/weka/csi-wekafsplugin-0.6.400.tgz version: 0.6.400 datadog: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Datadog + catalog.cattle.io/kube-version: '>=1.10-0' + catalog.cattle.io/release-name: datadog + apiVersion: v1 + appVersion: "7" + created: "2023-05-18T13:48:10.235630018Z" + dependencies: + - condition: clusterAgent.metricsProvider.useDatadogMetrics + name: datadog-crds + repository: https://helm.datadoghq.com + tags: + - install-crds + version: 0.4.7 + - condition: datadog.kubeStateMetricsEnabled + name: kube-state-metrics + repository: https://prometheus-community.github.io/helm-charts + version: 2.13.2 + description: Datadog Agent + digest: 67c0dc509f7bafe22ef00d355262f4984e5a4998793bf7d712d0628703d4bf8d + home: https://www.datadoghq.com + icon: https://datadog-live.imgix.net/img/dd_logo_70x75.png + keywords: + - monitoring + - alerting + - metric + maintainers: + - email: support@datadoghq.com + name: Datadog + name: datadog + sources: + - https://app.datadoghq.com/account/settings#agent/kubernetes + - https://github.com/DataDog/datadog-agent + urls: + - assets/datadog/datadog-3.29.2.tgz + version: 3.29.2 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Datadog @@ -12984,6 +13239,74 @@ entries: - assets/inaccel/fpga-operator-2.5.201.tgz version: 2.5.201 gitlab: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: GitLab + catalog.cattle.io/release-name: gitlab + apiVersion: v1 + appVersion: v15.11.4 + created: "2023-05-18T13:48:10.935769348Z" + dependencies: + - name: gitlab + repository: "" + version: '*.*.*' + - name: certmanager-issuer + repository: "" + version: '*.*.*' + - name: minio + repository: "" + version: '*.*.*' + - name: registry + repository: "" + version: '*.*.*' + - alias: certmanager + condition: certmanager.install + name: cert-manager + repository: https://charts.jetstack.io/ + version: 1.5.4 + - condition: prometheus.install + name: prometheus + repository: https://prometheus-community.github.io/helm-charts + version: 15.18.0 + - condition: postgresql.install + name: postgresql + repository: https://raw.githubusercontent.com/bitnami/charts/eb5f9a9513d987b519f0ecd732e7031241c50328/bitnami + version: 8.9.4 + - condition: gitlab-runner.install + name: gitlab-runner + repository: https://charts.gitlab.io/ + version: 0.51.1 + - condition: global.grafana.enabled + name: grafana + repository: https://grafana.github.io/helm-charts + version: 6.11.0 + - condition: redis.install + name: redis + repository: https://raw.githubusercontent.com/bitnami/charts/eb5f9a9513d987b519f0ecd732e7031241c50328/bitnami + version: 11.3.4 + - condition: nginx-ingress.enabled + name: nginx-ingress + repository: "" + version: '*.*.*' + - condition: gitlab-zoekt.install + name: gitlab-zoekt + repository: https://charts.gitlab.io/ + version: 0.3.0 + description: The One DevOps Platform + digest: 56e3ce0693532b6d5c3bc7355778dfbb58ca9e51cc8c64cbc05f8eefa32dbcf8 + home: https://about.gitlab.com/ + icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png + keywords: + - gitlab + maintainers: + - email: support@gitlab.com + name: GitLab Inc. + name: gitlab + sources: + - https://gitlab.com/gitlab-org/charts/gitlab + urls: + - assets/gitlab/gitlab-6.11.4.tgz + version: 6.11.4 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: GitLab @@ -15972,6 +16295,37 @@ entries: - assets/haproxy/haproxy-1.4.300.tgz version: 1.4.300 harbor: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Harbor + catalog.cattle.io/kube-version: '>=1.20-0' + catalog.cattle.io/release-name: harbor + apiVersion: v1 + appVersion: 2.8.1 + created: "2023-05-18T13:48:11.891726332Z" + description: An open source trusted cloud native registry that stores, signs, + and scans content + digest: 7770b3a4e2a5d69f0b37e59dff12f9a6cac85a529fe6aa06bd280e5a2689b61f + home: https://goharbor.io + icon: https://raw.githubusercontent.com/goharbor/website/master/static/img/logos/harbor-icon-color.png + keywords: + - docker + - registry + - harbor + maintainers: + - email: yinw@vmware.com + name: Wenkai Yin + - email: hweiwei@vmware.com + name: Weiwei He + - email: yshengwen@vmware.com + name: Shengwen Yu + name: harbor + sources: + - https://github.com/goharbor/harbor + - https://github.com/goharbor/harbor-helm + urls: + - assets/harbor/harbor-1.12.1.tgz + version: 1.12.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Harbor @@ -19662,6 +20016,47 @@ entries: - assets/kasten/k10-4.5.900.tgz version: 4.5.900 kafka: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Kafka + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: kafka + category: Infrastructure + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 3.4.0 + created: "2023-05-18T13:48:08.621246986Z" + dependencies: + - condition: zookeeper.enabled + name: zookeeper + repository: file://./charts/zookeeper + version: 11.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Kafka is a distributed streaming platform designed to build + real-time pipelines and can be used as a message broker or as a replacement + for a log aggregation solution for big data applications. + digest: 0df5506370276ffe6de6946e2e9063fb3383cb65a5ca621baca010bb2a7036ac + home: https://bitnami.com + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/kafka.svg + keywords: + - kafka + - zookeeper + - streaming + - producer + - consumer + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: kafka + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/kafka + urls: + - assets/bitnami/kafka-22.1.2.tgz + version: 22.1.2 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Kafka @@ -21041,6 +21436,33 @@ entries: - assets/elastic/kibana-7.17.3.tgz version: 7.17.3 kong: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Kong Gateway + catalog.cattle.io/release-name: kong + apiVersion: v2 + appVersion: "3.2" + created: "2023-05-18T13:48:13.221576247Z" + dependencies: + - condition: postgresql.enabled + name: postgresql + repository: file://./charts/postgresql + version: 11.9.13 + description: The Cloud-Native Ingress and API-management + digest: 93ed72520803576866dd1a39a81c461ab158cd2e723bad019b752ceaf9c86be8 + home: https://konghq.com/ + icon: https://s3.amazonaws.com/downloads.kong/universe/assets/icon-kong-inc-large.png + maintainers: + - email: harry@konghq.com + name: hbagdi + - email: traines@konghq.com + name: rainest + name: kong + sources: + - https://github.com/Kong/charts/tree/main/charts/kong + urls: + - assets/kong/kong-2.21.0.tgz + version: 2.21.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Kong Gateway @@ -25329,6 +25751,102 @@ entries: - assets/f5/nginx-service-mesh-0.2.100.tgz version: 0.2.100 nri-bundle: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: New Relic + catalog.cattle.io/release-name: nri-bundle + apiVersion: v2 + created: "2023-05-18T13:48:13.680439495Z" + dependencies: + - condition: infrastructure.enabled,newrelic-infrastructure.enabled + name: newrelic-infrastructure + repository: file://./charts/newrelic-infrastructure + version: 3.17.0 + - condition: prometheus.enabled,nri-prometheus.enabled + name: nri-prometheus + repository: file://./charts/nri-prometheus + version: 2.1.16 + - condition: newrelic-prometheus-agent.enabled + name: newrelic-prometheus-agent + repository: file://./charts/newrelic-prometheus-agent + version: 1.2.0 + - condition: webhook.enabled,nri-metadata-injection.enabled + name: nri-metadata-injection + repository: file://./charts/nri-metadata-injection + version: 4.3.0 + - condition: metrics-adapter.enabled,newrelic-k8s-metrics-adapter.enabled + name: newrelic-k8s-metrics-adapter + repository: file://./charts/newrelic-k8s-metrics-adapter + version: 1.2.0 + - condition: ksm.enabled,kube-state-metrics.enabled + name: kube-state-metrics + repository: file://./charts/kube-state-metrics + version: 4.23.0 + - condition: kubeEvents.enabled,nri-kube-events.enabled + name: nri-kube-events + repository: file://./charts/nri-kube-events + version: 3.0.0 + - condition: logging.enabled,newrelic-logging.enabled + name: newrelic-logging + repository: file://./charts/newrelic-logging + version: 1.14.1 + - condition: newrelic-pixie.enabled + name: newrelic-pixie + repository: file://./charts/newrelic-pixie + version: 2.1.0 + - alias: pixie-chart + condition: pixie-chart.enabled + name: pixie-operator-chart + repository: file://./charts/pixie-operator-chart + version: 0.1.0 + - condition: newrelic-infra-operator.enabled + name: newrelic-infra-operator + repository: file://./charts/newrelic-infra-operator + version: 2.2.0 + description: Groups together the individual charts for the New Relic Kubernetes + solution for a more comfortable deployment. + digest: e240c1b0ce5f478b239b674a61acf5452bee35e071c624c36b1808394b2c9bd6 + home: https://github.com/newrelic/helm-charts + icon: https://newrelic.com/themes/custom/erno/assets/mediakit/new_relic_logo_vertical.svg + keywords: + - infrastructure + - newrelic + - monitoring + maintainers: + - name: nserrino + url: https://github.com/nserrino + - name: philkuz + url: https://github.com/philkuz + - name: htroisi + url: https://github.com/htroisi + - name: juanjjaramillo + url: https://github.com/juanjjaramillo + - name: svetlanabrennan + url: https://github.com/svetlanabrennan + - name: nrepai + url: https://github.com/nrepai + - name: csongnr + url: https://github.com/csongnr + - name: vuqtran88 + url: https://github.com/vuqtran88 + - name: xqi-nr + url: https://github.com/xqi-nr + name: nri-bundle + sources: + - https://github.com/newrelic/nri-bundle/ + - https://github.com/newrelic/nri-bundle/tree/master/charts/nri-bundle + - https://github.com/newrelic/nri-kubernetes/tree/master/charts/newrelic-infrastructure + - https://github.com/newrelic/nri-prometheus/tree/master/charts/nri-prometheus + - https://github.com/newrelic/newrelic-prometheus-configurator/tree/master/charts/newrelic-prometheus-agent + - https://github.com/newrelic/k8s-metadata-injection/tree/master/charts/nri-metadata-injection + - https://github.com/newrelic/newrelic-k8s-metrics-adapter/tree/master/charts/newrelic-k8s-metrics-adapter + - https://github.com/newrelic/nri-kube-events/tree/master/charts/nri-kube-events + - https://github.com/newrelic/helm-charts/tree/master/charts/newrelic-logging + - https://github.com/newrelic/helm-charts/tree/master/charts/newrelic-pixie + - https://github.com/newrelic/newrelic-infra-operator/tree/master/charts/newrelic-infra-operator + urls: + - assets/new-relic/nri-bundle-5.0.15.tgz + version: 5.0.15 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: New Relic @@ -29521,6 +30039,41 @@ entries: - assets/quobyte/quobyte-cluster-0.1.5.tgz version: 0.1.5 redis: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redis + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: redis + category: Database + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 7.0.11 + created: "2023-05-18T13:48:08.934549906Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Redis(R) is an open source, advanced key-value store. It is often + referred to as a data structure server since keys can contain strings, hashes, + lists, sets and sorted sets. + digest: 685e5e6fc0762da9bf650423eb2c253083d4a1e89984af58efb0eee794859e82 + home: https://bitnami.com + icon: https://redis.com/wp-content/uploads/2021/08/redis-logo.png + keywords: + - redis + - keyvalue + - database + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: redis + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/redis + urls: + - assets/bitnami/redis-17.11.2.tgz + version: 17.11.2 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Redis @@ -30559,6 +31112,44 @@ entries: - assets/bitnami/redis-17.3.7.tgz version: 17.3.7 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: vectorized/redpanda:v23.1.8 + - name: busybox + image: busybox:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v23.1.8 + created: "2023-05-18T13:48:14.283050847Z" + dependencies: + - condition: console.enabled + name: console + repository: file://./charts/console + version: '>=0.5 <1.0' + description: Redpanda is the real-time engine for modern apps. + digest: 1384de4d17a9cb2d7e4d2252f6158cb6e20268926e55de099603966d45d23ae3 + icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg + kubeVersion: '>=1.21-0' + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-4.0.17.tgz + version: 4.0.17 - annotations: artifacthub.io/images: | - name: redpanda @@ -32890,6 +33481,40 @@ entries: - assets/shipa/shipa-1.4.0.tgz version: 1.4.0 spark: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Spark + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: spark + category: Infrastructure + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 3.3.2 + created: "2023-05-18T13:48:09.171853957Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Spark is a high-performance engine for large-scale computing + tasks, such as data processing, machine learning and real-time data streaming. + It includes APIs for Java, Python, Scala and R. + digest: 820d812e94f064d72bbe1e8b585fda0421b67820125d3fe7a2bce7627f7a9cc5 + home: https://bitnami.com + icon: https://www.apache.org/logos/res/spark/default.png + keywords: + - apache + - spark + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: spark + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/spark + urls: + - assets/bitnami/spark-6.6.2.tgz + version: 6.6.2 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Spark @@ -33550,6 +34175,37 @@ entries: - assets/bitnami/spark-6.3.8.tgz version: 6.3.8 speedscale-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Speedscale Operator + catalog.cattle.io/kube-version: '>= 1.17.0-0' + catalog.cattle.io/release-name: speedscale-operator + apiVersion: v1 + appVersion: 1.3.33 + created: "2023-05-18T13:48:14.376952307Z" + description: Stress test your APIs with real world scenarios. Collect and replay + traffic without scripting. + digest: f52a892b2c2fd1a4d6713b4b75c41d94f7afdcc958aed2b74a7674ea7638554e + home: https://speedscale.com + icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png + keywords: + - speedscale + - test + - testing + - regression + - reliability + - load + - replay + - network + - traffic + kubeVersion: '>= 1.17.0-0' + maintainers: + - email: support@speedscale.com + name: Speedscale Support + name: speedscale-operator + urls: + - assets/speedscale/speedscale-operator-1.3.3.tgz + version: 1.3.3 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Speedscale Operator @@ -34718,6 +35374,42 @@ entries: - assets/sumologic/sumologic-2.17.0.tgz version: 2.17.0 sysdig: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Sysdig + catalog.cattle.io/release-name: sysdig + apiVersion: v1 + appVersion: 12.14.1 + created: "2023-05-18T13:48:14.647292332Z" + description: Sysdig Monitor and Secure agent + digest: 570fcfb852de83c2fcbcfa947fb3dc047cc655844b4b3443b67a598bf7cb0919 + home: https://www.sysdig.com/ + icon: https://avatars.githubusercontent.com/u/5068817?s=200&v=4 + keywords: + - monitoring + - security + - alerting + - metric + - troubleshooting + - run-time + maintainers: + - email: lachlan@deis.com + name: lachie83 + - email: jorge.salamero@sysdig.com + name: bencer + - email: nestor.salceda@sysdig.com + name: nestorsalceda + - email: alvaro.iradier@sysdig.com + name: airadier + - email: carlos.arilla@sysdig.com + name: carillan81 + name: sysdig + sources: + - https://app.sysdigcloud.com/#/settings/user + - https://github.com/draios/sysdig + urls: + - assets/sysdig/sysdig-1.15.88.tgz + version: 1.15.88 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Sysdig @@ -37110,6 +37802,31 @@ entries: - assets/traefik/traefik-10.6.0.tgz version: 10.6.0 triggermesh: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: TriggerMesh + catalog.cattle.io/kube-version: '>=1.20-0' + catalog.cattle.io/release-name: triggermesh + apiVersion: v2 + appVersion: v1.25.0 + created: "2023-05-18T13:48:14.745259512Z" + dependencies: + - condition: triggermesh-core.enabled + name: triggermesh-core + repository: file://./charts/triggermesh-core + tags: + - triggermesh + - triggermesh-core + - brokers + version: 1.2.x + description: A Helm chart deploying TriggerMesh Open Source Components + digest: c575740cd5123acd147e97d53b917428d18ac7a119fc9b6d61d97774fa5a64b9 + icon: https://partner-charts.rancher.io/assets/logos/triggermesh.svg + name: triggermesh + type: application + urls: + - assets/triggermesh/triggermesh-0.8.1.tgz + version: 0.8.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: TriggerMesh @@ -38098,6 +38815,53 @@ entries: - assets/hashicorp/vault-0.22.0.tgz version: 0.22.0 wordpress: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: WordPress + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: wordpress + category: CMS + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 6.2.1 + created: "2023-05-18T13:48:09.732240275Z" + dependencies: + - condition: memcached.enabled + name: memcached + repository: file://./charts/memcached + version: 6.x.x + - condition: mariadb.enabled + name: mariadb + repository: file://./charts/mariadb + version: 12.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: WordPress is the world's most popular blogging and content management + platform. Powerful yet simple, everyone from students to global corporations + use it to build beautiful, functional websites. + digest: 81534ed6c7a73765c1e2b0ef470292e65caf19ecd40c4f035b37dd11e46101e8 + home: https://bitnami.com + icon: https://s.w.org/style/images/about/WordPress-logotype-simplified.png + keywords: + - application + - blog + - cms + - http + - php + - web + - wordpress + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: wordpress + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/wordpress + urls: + - assets/bitnami/wordpress-16.1.5.tgz + version: 16.1.5 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: WordPress @@ -40150,6 +40914,32 @@ entries: - assets/bitnami/wordpress-15.2.6.tgz version: 15.2.6 yugabyte: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: YugabyteDB + catalog.cattle.io/kube-version: '>=1.18-0' + catalog.cattle.io/release-name: yugabyte + charts.openshift.io/name: yugabyte + apiVersion: v2 + appVersion: 2.18.0.0-b65 + created: "2023-05-18T13:48:15.03880485Z" + description: YugabyteDB is the high-performance distributed SQL database for building + global, internet-scale apps. + digest: b1d076457aa61301074db1e73a24fc02a4d46e5d1847b588fd603d3eaf74d667 + home: https://www.yugabyte.com + icon: https://avatars0.githubusercontent.com/u/17074854?s=200&v=4 + kubeVersion: '>=1.18-0' + maintainers: + - email: sanketh@yugabyte.com + name: Sanketh Indarapu + - email: gjalla@yugabyte.com + name: Govardhan Reddy Jalla + name: yugabyte + sources: + - https://github.com/yugabyte/yugabyte-db + urls: + - assets/yugabyte/yugabyte-2.18.0.tgz + version: 2.18.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: YugabyteDB @@ -40443,6 +41233,32 @@ entries: - assets/yugabyte/yugabyte-2.14.3.tgz version: 2.14.3 yugaware: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: YugabyteDB Anywhere + catalog.cattle.io/kube-version: '>=1.18-0' + catalog.cattle.io/release-name: yugaware + charts.openshift.io/name: yugaware + apiVersion: v2 + appVersion: 2.18.0.0-b65 + created: "2023-05-18T13:48:15.058480946Z" + description: YugabyteDB Anywhere provides deployment, orchestration, and monitoring + for managing YugabyteDB clusters. YugabyteDB Anywhere can create a YugabyteDB + cluster with multiple pods provided by Kubernetes or OpenShift and logically + grouped together to form one logical distributed database. + digest: 404345e84d516574299b88a5f8e24a00b30abbe7e81a700fb7c2c01258969b52 + home: https://www.yugabyte.com + icon: https://avatars0.githubusercontent.com/u/17074854?s=200&v=4 + kubeVersion: '>=1.18-0' + maintainers: + - email: sanketh@yugabyte.com + name: Sanketh Indarapu + - email: gjalla@yugabyte.com + name: Govardhan Reddy Jalla + name: yugaware + urls: + - assets/yugabyte/yugaware-2.18.0.tgz + version: 2.18.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: YugabyteDB Anywhere