andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Charts CI 

```
Updated:
  haproxy/haproxy:
    - 1.39.4
  jaeger/jaeger-operator:
    - 2.54.0
  jenkins/jenkins:
    - 5.1.22
  jfrog/artifactory-ha:
    - 107.84.12
  jfrog/artifactory-jcr:
    - 107.84.12
  linkerd/linkerd-control-plane:
    - 2024.5.4
  linkerd/linkerd-crds:
    - 2024.5.4
  redpanda/redpanda:
    - 5.8.6
```
pull/1022/head
github-actions[bot] 2024-05-24 00:55:29 +00:00
parent 9a02969637
commit f594ddd8dc
83 changed files with 898 additions and 149 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/haproxy/haproxy-1.39.4.tgz Normal file
View File

Binary file not shown.

BIN
assets/jaeger/jaeger-operator-2.54.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/jenkins/jenkins-5.1.22.tgz Normal file
View File

Binary file not shown.

BIN
assets/jfrog/artifactory-ha-107.84.12.tgz Normal file
View File

Binary file not shown.

BIN
assets/jfrog/artifactory-jcr-107.84.12.tgz Normal file
View File

Binary file not shown.

BIN
assets/linkerd/linkerd-control-plane-2024.5.3.tgz
View File

Binary file not shown.

BIN
assets/linkerd/linkerd-control-plane-2024.5.4.tgz Normal file
View File

Binary file not shown.

BIN
assets/linkerd/linkerd-crds-2024.5.4.tgz Normal file
View File

Binary file not shown.

BIN
assets/redpanda/redpanda-5.8.6.tgz Normal file
View File

Binary file not shown.

4
charts/haproxy/haproxy/Chart.yaml
View File

@ -1,6 +1,6 @@
annotations:
artifacthub.io/changes: |
- Use Ingress Controller 1.11.4 version for base image
- Replace tpl with default for Ingress Controller image tag (#244)
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: HAProxy Kubernetes Ingress Controller
catalog.cattle.io/kube-version: '>=1.23.0-0'
@ -21,4 +21,4 @@ name: haproxy
sources:
- https://github.com/haproxytech/kubernetes-ingress
type: application
version: 1.39.3
version: 1.39.4

2
charts/haproxy/haproxy/README.md
View File

@ -54,8 +54,6 @@ helm install haproxytech/kubernetes-ingress \
--name my-release
```
By default Helm chart will install several [custom resource definitions](https://github.com/haproxytech/helm-charts/tree/main/kubernetes-ingress/crds) in the cluster if they are missing.
### Installing with unique name
To auto-generate controller and its resources names when installing, use the following:

4
charts/haproxy/haproxy/ci/daemonset-unprivileged-values.yaml Normal file
View File

@ -0,0 +1,4 @@
controller:
kind: DaemonSet
unprivileged: true
allowPrivilegedPorts: true

3
charts/haproxy/haproxy/ci/deployment-unprivileged-values.yaml Normal file
View File

@ -0,0 +1,3 @@
controller:
unprivileged: true
allowPrivilegedPorts: true

2
charts/haproxy/haproxy/templates/NOTES.txt
View File

@ -1,6 +1,6 @@
HAProxy Kubernetes Ingress Controller has been successfully installed.
Controller image deployed is: "{{ .Values.controller.image.repository }}:{{ tpl .Values.controller.image.tag . }}".
Controller image deployed is: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag | default .Chart.AppVersion }}".
Your controller is of a "{{ .Values.controller.kind }}" kind. Your controller service is running as a "{{ .Values.controller.service.type }}" type.
{{- if .Values.rbac.create}}
RBAC authorization is enabled.

7
charts/haproxy/haproxy/templates/_helpers.tpl
View File

@ -159,4 +159,11 @@ Create a default fully qualified unique CRD job name.
{{- printf "%s-%s-%d" (include "kubernetes-ingress.fullname" .) "crdjob" .Release.Revision | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a FQDN for the proxy pods.
*/}}
{{- define "kubernetes-ingress.serviceProxyName" -}}
{{- printf "%s-%s" (include "kubernetes-ingress.fullname" . | trunc 58 | trimSuffix "-") "proxy" }}
{{- end -}}
{{/* vim: set filetype=mustache: */}}

8
charts/haproxy/haproxy/templates/clusterrole.yaml
View File

@ -140,4 +140,12 @@ rules:
- get
- list
- watch
{{- if and (eq .Values.controller.sync.mode "fetch") (eq .Values.controller.sync.fetchParams.source "proxy") }}
- apiGroups:
- "coordination.k8s.io"
resources:
- leases
verbs:
- "*"
{{- end }}
{{- end -}}

2
charts/haproxy/haproxy/templates/controller-crdjob.yaml
View File

@ -69,7 +69,7 @@ spec:
{{- end }}
containers:
- name: crd
image: "{{ .Values.controller.image.repository }}:{{ tpl .Values.controller.image.tag . }}"
image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
command:
- /haproxy-ingress-controller

7
charts/haproxy/haproxy/templates/controller-daemonset.yaml
View File

@ -85,10 +85,15 @@ spec:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
{{- if .Values.controller.allowPrivilegedPorts }}
sysctls:
- name: net.ipv4.ip_unprivileged_port_start
value: "0"
{{- end }}
{{- end }}
containers:
- name: {{ include "kubernetes-ingress.name" . }}-{{ .Values.controller.name }}
image: "{{ .Values.controller.image.repository }}:{{ tpl .Values.controller.image.tag . }}"
image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
args:
{{- if .Values.controller.defaultTLSSecret.enabled -}}

18
charts/haproxy/haproxy/templates/controller-deployment.yaml
View File

@ -85,10 +85,15 @@ spec:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
{{- if .Values.controller.allowPrivilegedPorts }}
sysctls:
- name: net.ipv4.ip_unprivileged_port_start
value: "0"
{{- end }}
{{- end }}
containers:
- name: {{ include "kubernetes-ingress.name" . }}-{{ .Values.controller.name }}
image: "{{ .Values.controller.image.repository }}:{{ tpl .Values.controller.image.tag . }}"
image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
args:
{{- if .Values.controller.defaultTLSSecret.enabled -}}
@ -120,6 +125,17 @@ spec:
{{- if .Values.controller.service.enablePorts.prometheus }}
- --prometheus
{{- end }}
{{- if eq .Values.controller.sync.mode "fetch" }}
{{- if .Values.controller.sync.fetchParams.period }}
- --proxy-k8s-fetch-period={{ .Values.controller.sync.fetchParams.period }}
{{- end }}
{{- if eq .Values.controller.sync.fetchParams.source "k8s" }}
- --k8s-api-sync-type=k8s
{{- else if eq .Values.controller.sync.fetchParams.source "proxy" }}
- --k8s-api-sync-type=proxy
- --proxy-svc-label-selector={{ .Values.controller.sync.proxyParams.proxySvcLabelSelector }}
{{- end }}
{{- end }}
{{- range .Values.controller.extraArgs }}
- {{ . }}
{{- end }}

276
charts/haproxy/haproxy/templates/controller-proxy-deployment.yaml Normal file
View File

@ -0,0 +1,276 @@
{{/*
Copyright 2024 HAProxy Technologies LLC
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and (eq .Values.controller.sync.mode "fetch") (eq .Values.controller.sync.fetchParams.source "proxy") }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "kubernetes-ingress.serviceProxyName" . }}
namespace: {{ include "kubernetes-ingress.namespace" . }}
labels:
app.kubernetes.io/name: {{ include "kubernetes-ingress.serviceProxyName" . }}
helm.sh/chart: {{ include "kubernetes-ingress.chart" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
{{- if .Values.controller.extraLabels }}
{{ toYaml .Values.controller.extraLabels | indent 4 }}
{{- end }}
spec:
{{- if and (not .Values.controller.autoscaling.enabled) (not .Values.controller.keda.enabled) }}
replicas: {{ .Values.controller.sync.proxyParams.replicaCount }}
{{- end }}
minReadySeconds: {{ .Values.controller.minReadySeconds }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "kubernetes-ingress.serviceProxyName" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- with .Values.controller.strategy }}
strategy:
{{- toYaml . | nindent 4 }}
{{- end }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "kubernetes-ingress.serviceProxyName" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- if .Values.controller.podLabels }}
{{ toYaml .Values.controller.podLabels | indent 8 }}
{{- end }}
{{- if .Values.controller.podAnnotations }}
annotations:
{{ toYaml .Values.controller.podAnnotations | indent 8 }}
{{- end }}
spec:
enableServiceLinks: {{ .Values.controller.enableServiceLinks }}
serviceAccountName: {{ include "kubernetes-ingress.serviceAccountName" . }}
terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }}
{{- with .Values.controller.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.controller.dnsConfig }}
dnsConfig:
{{ toYaml .Values.controller.dnsConfig | indent 8 }}
{{- end }}
dnsPolicy: {{ .Values.controller.dnsPolicy }}
{{- if .Values.controller.imageCredentials.registry }}
imagePullSecrets:
- name: {{ include "kubernetes-ingress.fullname" . }}
{{- else if .Values.controller.existingImagePullSecret }}
imagePullSecrets:
- name: {{ .Values.controller.existingImagePullSecret }}
{{- end }}
{{- if .Values.controller.priorityClassName }}
priorityClassName: {{ .Values.controller.priorityClassName }}
{{- end }}
{{- if .Values.controller.runtimeClassName }}
runtimeClassName: {{ .Values.controller.runtimeClassName }}
{{- end }}
{{- if .Values.controller.unprivileged }}
securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
{{- if .Values.controller.allowPrivilegedPorts }}
sysctls:
- name: net.ipv4.ip_unprivileged_port_start
value: "0"
{{- end }}
{{- end }}
containers:
- name: {{ include "kubernetes-ingress.name" . }}-{{ .Values.controller.name }}
image: "{{ .Values.controller.image.repository }}:{{ tpl .Values.controller.image.tag . }}"
imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
args:
{{- if .Values.controller.defaultTLSSecret.enabled -}}
{{- if and .Values.controller.defaultTLSSecret.secret .Values.controller.defaultTLSSecret.secretNamespace }}
- --default-ssl-certificate={{ tpl .Values.controller.defaultTLSSecret.secretNamespace . }}/{{ .Values.controller.defaultTLSSecret.secret }}
{{- else }}
- --default-ssl-certificate={{ include "kubernetes-ingress.namespace" . }}/{{ include "kubernetes-ingress.defaultTLSSecret.fullname" . }}
{{- end }}
{{- end }}
- --configmap={{ include "kubernetes-ingress.namespace" . }}/{{ include "kubernetes-ingress.fullname" . }}
- --http-bind-port={{ .Values.controller.containerPort.http }}
- --https-bind-port={{ .Values.controller.containerPort.https }}
{{- if and (semverCompare ">=1.24.0-0" .Capabilities.KubeVersion.Version) .Values.controller.service.enablePorts.quic }}
- --quic-bind-port={{ .Values.controller.containerPort.https }}
- --quic-announce-port={{ .Values.controller.service.ports.https }}
{{- end }}
{{- if .Values.controller.ingressClass }}
- --ingress.class={{ .Values.controller.ingressClass }}
{{- end }}
{{- if and .Values.controller.kubernetesGateway.enabled .Values.controller.kubernetesGateway.gatewayControllerName }}
- --gateway-controller-name={{ .Values.controller.kubernetesGateway.gatewayControllerName }}
{{- end }}
{{- if .Values.controller.publishService.enabled }}
- --publish-service={{ include "kubernetes-ingress.publishServicePath" . }}
{{- end }}
{{- if .Values.controller.logging.level }}
- --log={{ .Values.controller.logging.level }}
{{- end }}
{{- if .Values.controller.service.enablePorts.prometheus }}
- --prometheus
{{- end }}
- --proxy-server-mode
- --k8s-api-sync-type=k8s
- --proxy-svc-label-selector={{ .Values.controller.sync.proxyParams.proxySvcLabelSelector }}
{{- if .Values.controller.sync.fetchParams.period }}
- --proxy-k8s-fetch-period={{ .Values.controller.sync.fetchParams.period }}
{{- end }}
{{- range .Values.controller.extraArgs }}
- {{ . }}
{{- end }}
{{- if .Values.controller.unprivileged }}
securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
allowPrivilegeEscalation: {{ .Values.controller.allowPrivilegeEscalation }}
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
{{- if .Values.controller.enableRuntimeDefaultSeccompProfile }}
seccompProfile:
type: RuntimeDefault
{{- end }}
{{- end }}
ports:
{{- range $key, $value := .Values.controller.containerPort }}
- name: {{ $key }}
containerPort: {{ $value }}
protocol: TCP
{{- end }}
{{- if and (semverCompare ">=1.24.0-0" .Capabilities.KubeVersion.Version) .Values.controller.service.enablePorts.quic }}
- name: quic
containerPort: {{ .Values.controller.containerPort.https }}
protocol: UDP
{{- end }}
{{- range .Values.controller.service.tcpPorts }}
- name: {{ .name }}-tcp
containerPort: {{ .targetPort }}
protocol: TCP
{{- end }}
{{- with .Values.controller.livenessProbe }}
livenessProbe:
{{- toYaml . | trim | nindent 12 }}
{{- end }}
{{- with .Values.controller.readinessProbe }}
readinessProbe:
{{- toYaml . | trim | nindent 12 }}
{{- end }}
{{- with .Values.controller.startupProbe }}
startupProbe:
{{- toYaml . | trim | nindent 12 }}
{{- end }}
env:
{{- if .Values.aws.licenseConfigSecretName }}
- name: AWS_WEB_IDENTITY_REFRESH_TOKEN_FILE
value: "/var/run/secrets/product-license/license_token"
- name: AWS_ROLE_ARN
valueFrom:
secretKeyRef:
name: {{ .Values.aws.licenseConfigSecretName }}
key: iam_role
{{- end }}
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- if .Values.controller.extraEnvs -}}
{{- toYaml .Values.controller.extraEnvs | nindent 10 }}
{{- end }}
resources:
{{- toYaml .Values.controller.resources | nindent 12 }}
{{- if .Values.controller.lifecycle }}
lifecycle:
{{- if eq "string" (printf "%T" .Values.controller.lifecycle) }}
{{ tpl .Values.controller.lifecycle . | indent 12 }}
{{- else }}
{{ toYaml .Values.controller.lifecycle | indent 12 }}
{{- end }}
{{- end }}
volumeMounts:
- name: tmp
mountPath: /tmp
subPath: tmp
- name: tmp
mountPath: /run
subPath: run
{{- if .Values.aws.licenseConfigSecretName }}
- name: aws-product-license
readOnly: true
mountPath: /var/run/secrets/product-license
{{- end }}
{{- if eq "string" (printf "%T" .Values.controller.extraVolumeMounts) }}
{{ tpl .Values.controller.extraVolumeMounts . | indent 12 }}
{{- else if gt (len .Values.controller.extraVolumeMounts) 0 }}
{{ toYaml .Values.controller.extraVolumeMounts | indent 12 }}
{{- end }}
{{- if .Values.controller.extraContainers }}
{{- if eq "string" (printf "%T" .Values.controller.extraContainers) }}
{{ tpl .Values.controller.extraContainers . | indent 8 }}
{{- else }}
{{ toYaml .Values.controller.extraContainers | indent 8 }}
{{- end }}
{{- end }}
volumes:
- name: tmp
{{- if semverCompare ">=1.21.0-0" .Capabilities.KubeVersion.Version }}
emptyDir:
medium: Memory
sizeLimit: 64Mi
{{- else }}
emptyDir: {}
{{- end }}
{{- if .Values.aws.licenseConfigSecretName }}
- name: aws-product-license
secret:
secretName: {{ .Values.aws.licenseConfigSecretName }}
optional: true
{{- end }}
{{- if eq "string" (printf "%T" .Values.controller.extraVolumes) }}
{{ tpl .Values.controller.extraVolumes . | indent 8 }}
{{- else if gt (len .Values.controller.extraVolumes) 0 }}
{{ toYaml .Values.controller.extraVolumes | indent 8 }}
{{- end }}
{{- with.Values.controller.initContainers }}
initContainers:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

61
charts/haproxy/haproxy/templates/controller-proxy-service.yaml Normal file
View File

@ -0,0 +1,61 @@
{{/*
Copyright 2024 HAProxy Technologies LLC
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and (eq .Values.controller.sync.mode "fetch") (eq .Values.controller.sync.fetchParams.source "proxy") }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "kubernetes-ingress.serviceProxyName" . }}
namespace: {{ include "kubernetes-ingress.namespace" . }}
labels:
app.kubernetes.io/name: {{ include "kubernetes-ingress.serviceProxyName" . }}
helm.sh/chart: {{ include "kubernetes-ingress.chart" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
{{ (split ":" .Values.controller.sync.proxyParams.proxySvcLabelSelector)._0 }}: {{ (split ":" .Values.controller.sync.proxyParams.proxySvcLabelSelector)._1 }}
{{- if .Values.controller.service.labels }}
{{ toYaml .Values.controller.service.labels | indent 4 }}
{{- end }}
annotations:
{{- range $key, $value := .Values.controller.service.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
type: ClusterIP
{{- if .Values.controller.service.healthCheckNodePort }}
healthCheckNodePort: {{ .Values.controller.service.healthCheckNodePort }}
{{- end }}
ports:
{{- if .Values.controller.service.enablePorts.http }}
- name: http
port: {{ .Values.controller.service.ports.http }}
protocol: TCP
{{- if semverCompare ">=1.20.0-0" .Capabilities.KubeVersion.Version }}
appProtocol: http
{{- end }}
targetPort: {{ .Values.controller.service.targetPorts.http }}
{{- if .Values.controller.service.nodePorts.http }}
nodePort: {{ .Values.controller.service.nodePorts.http }}
{{- end }}
{{- end }}
selector:
app.kubernetes.io/name: {{ include "kubernetes-ingress.serviceProxyName" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- if .Values.controller.service.sessionAffinity }}
sessionAffinity: {{ .Values.controller.service.sessionAffinity }}
{{- end }}
{{- end }}

23
charts/haproxy/haproxy/values.yaml
View File

@ -61,7 +61,7 @@ controller:
name: controller
image:
repository: haproxytech/kubernetes-ingress # can be changed to use CE or EE Controller images
tag: "{{ .Chart.AppVersion }}"
tag: "" # overrides the image tag whose default is the chart appVersion
pullPolicy: IfNotPresent
## Deployment or DaemonSet pod mode
@ -78,6 +78,11 @@ controller:
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
unprivileged: true
## Allow privileged port binding without root privileges
## ref: https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/
## Note: this feature enables net.ipv4.ip_unprivileged_port_start=0 sysctl when running in unprivileged mode
allowPrivilegedPorts: false
## Restricts container syscalls
## ref: https://kubernetes.io/docs/tutorials/security/seccomp/
enableRuntimeDefaultSeccompProfile: true
@ -340,6 +345,8 @@ controller:
# annotationKey: value
## Controller Logging configuration
## Careful: this block will be ignored if you use config.cr-global.
## In this case, move your logging config in entry spec.log_targets in your CR.
logging:
## Controller logging level
## This only relevant to Controller logs
@ -560,3 +567,17 @@ controller:
path: /metrics
scheme: http
interval: 30s
## Controller sync mode with Kubernetes
## Note: requires Enterprise Kubernetes Ingress Controller
## Possible values: 'default' or 'fetch'
## - 'default': the sync is done based on K8s informers (event based)
## - 'fetch': the controller pulls data periodically (from K8s or from proxy)
sync:
mode: default # can be 'default' or 'fetch'
fetchParams: # Mandatory if mode is 'fetch'
# period: 3s # optional, default is 5s
source: k8s # possible values are: 'proxy', 'k8s'
proxyParams: # Mandatory if source is 'proxy'
replicaCount: 3 # number of replicas of the proxy, mandatory if source is 'proxy'
proxySvcLabelSelector: run:haproxy-ingress-proxy # label selector of the proxy service, mandatory if source is 'proxy'

1
charts/jaeger/jaeger-operator/COMPATIBILITY.md
View File

@ -2,6 +2,7 @@ The following table shows the compatibility of `Jaeger Operator helm chart` with
| Chart version | Jaeger Operator | Kubernetes | Strimzi Operator | Cert-Manager |
|---------------------------|-----------------|-----------------|--------------------|--------------|
| 2.54.0 | v1.57.x | v1.19 to v1.29 | v0.32 | v1.6.1+ |
| 2.50.0 | v1.52.x | v1.19 to v1.28 | v0.32 | v1.6.1+ |
| 2.49.0 | v1.49.x | v1.19 to v1.28 | v0.32 | v1.6.1+ |
| 2.47.0 | v1.47.x | v1.19 to v1.26 | v0.23 | v1.6.1+ |

4
charts/jaeger/jaeger-operator/Chart.yaml
View File

@ -3,7 +3,7 @@ annotations:
catalog.cattle.io/display-name: Jaeger Operator
catalog.cattle.io/release-name: jaeger-operator
apiVersion: v1
appVersion: 1.52.0
appVersion: 1.57.0
description: jaeger-operator Helm chart for Kubernetes
home: https://www.jaegertracing.io/
icon: https://www.jaegertracing.io/img/jaeger-icon-reverse-color.svg
@ -15,4 +15,4 @@ maintainers:
name: jaeger-operator
sources:
- https://github.com/jaegertracing/jaeger-operator
version: 2.53.0
version: 2.54.0

2
charts/jaeger/jaeger-operator/README.md
View File

@ -59,7 +59,7 @@ The following table lists the configurable parameters of the jaeger-operator cha
| `serviceExtraLabels` | Additional labels to jaeger-operator service | `{}` |
| `extraLabels` | Additional labels to jaeger-operator deployment | `{}` |
| `image.repository` | Controller container image repository | `jaegertracing/jaeger-operator` |
| `image.tag` | Controller container image tag | `1.52.0` |
| `image.tag` | Controller container image tag | `1.57.0` |
| `image.pullPolicy` | Controller container image pull policy | `IfNotPresent` |
| `jaeger.create` | Jaeger instance will be created | `false` |
| `jaeger.spec` | Jaeger instance specification | `{}` |

2
charts/jaeger/jaeger-operator/values.yaml
View File

@ -4,7 +4,7 @@
image:
repository: jaegertracing/jaeger-operator
tag: 1.52.0
tag: 1.57.0
pullPolicy: IfNotPresent
imagePullSecrets: []

4
charts/jenkins/jenkins/CHANGELOG.md
View File

@ -12,6 +12,10 @@ Use the following links to reference issues, PRs, and commits prior to v2.6.0.
The changelog until v1.5.7 was auto-generated based on git commits.
Those entries include a reference to the git commit to be able to get more details.
## 5.1.22
Update `configuration-as-code` to version `1810.v9b_c30a_249a_4c`
## 5.1.21
Update `kubernetes` to version `4231.vb_a_6b_8936497d`

4
charts/jenkins/jenkins/Chart.yaml
View File

@ -1,7 +1,7 @@
annotations:
artifacthub.io/category: integration-delivery
artifacthub.io/changes: |
- Update `kubernetes` to version `4231.vb_a_6b_8936497d`
- Update `configuration-as-code` to version `1810.v9b_c30a_249a_4c`
artifacthub.io/images: |
- name: jenkins
image: docker.io/jenkins/jenkins:2.452.1-jdk17
@ -50,4 +50,4 @@ sources:
- https://github.com/maorfr/kube-tasks
- https://github.com/jenkinsci/configuration-as-code-plugin
type: application
version: 5.1.21
version: 5.1.22

2
charts/jenkins/jenkins/VALUES.md
View File

@ -155,7 +155,7 @@ The following tables list the configurable parameters of the Jenkins chart and t
| [controller.initializeOnce](./values.yaml#L414) | bool | Initialize only on first installation. Ensures plugins do not get updated inadvertently. Requires `persistence.enabled` to be set to `true` | `false` |
| [controller.installLatestPlugins](./values.yaml#L403) | bool | Download the minimum required version or latest version of all dependencies | `true` |
| [controller.installLatestSpecifiedPlugins](./values.yaml#L406) | bool | Set to true to download the latest version of any plugin that is requested to have the latest version | `false` |
| [controller.installPlugins](./values.yaml#L395) | list | List of Jenkins plugins to install. If you don't want to install plugins, set it to `false` | `["kubernetes:4231.vb_a_6b_8936497d","workflow-aggregator:596.v8c21c963d92d","git:5.2.2","configuration-as-code:1807.v0175eda_00a_20"]` |
| [controller.installPlugins](./values.yaml#L395) | list | List of Jenkins plugins to install. If you don't want to install plugins, set it to `false` | `["kubernetes:4231.vb_a_6b_8936497d","workflow-aggregator:596.v8c21c963d92d","git:5.2.2","configuration-as-code:1810.v9b_c30a_249a_4c"]` |
| [controller.javaOpts](./values.yaml#L156) | string | Append to `JAVA_OPTS` env var | `nil` |
| [controller.jenkinsAdminEmail](./values.yaml#L96) | string | Email address for the administrator of the Jenkins instance | `nil` |
| [controller.jenkinsHome](./values.yaml#L101) | string | Custom Jenkins home path | `"/var/jenkins_home"` |

2
charts/jenkins/jenkins/values.yaml
View File

@ -396,7 +396,7 @@ controller:
- kubernetes:4231.vb_a_6b_8936497d
- workflow-aggregator:596.v8c21c963d92d
- git:5.2.2
- configuration-as-code:1807.v0175eda_00a_20
- configuration-as-code:1810.v9b_c30a_249a_4c
# If set to false, Jenkins will download the minimum required version of all dependencies.
# -- Download the minimum required version or latest version of all dependencies

3
charts/jfrog/artifactory-ha/CHANGELOG.md
View File

@ -1,7 +1,7 @@
# JFrog Artifactory-ha Chart Changelog
All changes to this chart will be documented in this file
## [107.84.11] - May 16, 2024
## [107.84.12] - May 20, 2024
* Added image section for `initContainers` instead of `initContainerImage`
* Renamed `router.image.imagePullPolicy` to `router.image.pullPolicy`
* Removed loggers.image section
@ -19,6 +19,7 @@ All changes to this chart will be documented in this file
* Fixed a wrong imagePullPolicy configuration
* Fixed an issue to generate unified secret to support artifactory fullname [GH-1882](https://github.com/jfrog/charts/issues/1882)
* Fixed an issue template render on loggers [GH-1883](https://github.com/jfrog/charts/issues/1883)
* Override metadata and observability image tag with `global.verisons.artifactory` value
## [107.83.0] - Mar 12, 2024
* Added image section for `metadata` and `observability`

6
charts/jfrog/artifactory-ha/Chart.yaml
View File

@ -1,11 +1,11 @@
annotations:
artifactoryServiceVersion: 7.84.15
artifactoryServiceVersion: 7.84.16
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: JFrog Artifactory HA
catalog.cattle.io/kube-version: '>= 1.19.0-0'
catalog.cattle.io/release-name: artifactory-ha
apiVersion: v2
appVersion: 7.84.11
appVersion: 7.84.12
dependencies:
- condition: postgresql.enabled
name: postgresql
@ -27,4 +27,4 @@ name: artifactory-ha
sources:
- https://github.com/jfrog/charts
type: application
version: 107.84.11
version: 107.84.12

8
charts/jfrog/artifactory-ha/templates/_helpers.tpl
View File

@ -300,10 +300,12 @@ Return the proper artifactory chart image names
{{- $tag = $dot.Values.global.versions.router | toString -}}
{{- end -}}
{{- if and $dot.Values.global.versions.initContainers (eq $indexReference "initContainers") }}
{{- $tag = $dot.Values.global.versions.initContainers | toString -}}
{{- $tag = $dot.Values.global.versions.initContainers | toString -}}
{{- end -}}
{{- if and $dot.Values.global.versions.artifactory (or (eq $indexReference "artifactory") (eq $indexReference "nginx") ) }}
{{- $tag = $dot.Values.global.versions.artifactory | toString -}}
{{- if $dot.Values.global.versions.artifactory }}
{{- if or (eq $indexReference "artifactory") (eq $indexReference "metadata") (eq $indexReference "nginx") (eq $indexReference "observability") }}
{{- $tag = $dot.Values.global.versions.artifactory | toString -}}
{{- end -}}
{{- end -}}
{{- if $dot.Values.global.imageRegistry }}
{{- printf "%s/%s:%s" $dot.Values.global.imageRegistry $repositoryName $tag -}}

2
charts/jfrog/artifactory-ha/templates/nginx-deployment.yaml
View File

@ -155,7 +155,7 @@ spec:
{{- range .Values.nginx.loggers }}
- name: {{ . | replace "_" "-" | replace "." "-" }}
image: {{ include "artifactory-ha.getImageInfoByValue" (list $ "initContainers") }}
imagePullPolicy: {{ .Values.initContainers.image.pullPolicy }}
imagePullPolicy: {{ $.Values.initContainers.image.pullPolicy }}
command:
- tail
args:

2
charts/jfrog/artifactory-jcr/CHANGELOG.md
View File

@ -1,7 +1,7 @@
# JFrog Container Registry Chart Changelog
All changes to this chart will be documented in this file.
## [107.84.11] - Feb 20, 2024
## [107.84.12] - Feb 20, 2024
* Updated `artifactory.installerInfo` content
## [107.80.0] - Feb 1, 2024

6
charts/jfrog/artifactory-jcr/Chart.yaml
View File

@ -4,11 +4,11 @@ annotations:
catalog.cattle.io/kube-version: '>= 1.19.0-0'
catalog.cattle.io/release-name: artifactory-jcr
apiVersion: v2
appVersion: 7.84.11
appVersion: 7.84.12
dependencies:
- name: artifactory
repository: file://./charts/artifactory
version: 107.84.11
version: 107.84.12
description: JFrog Container Registry
home: https://jfrog.com/container-registry/
icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-jcr/logo/jcr-logo.png
@ -27,4 +27,4 @@ name: artifactory-jcr
sources:
- https://github.com/jfrog/charts
type: application
version: 107.84.11
version: 107.84.12

2
charts/jfrog/artifactory-jcr/charts/artifactory/CHANGELOG.md
View File

@ -1,7 +1,7 @@
# JFrog Artifactory Chart Changelog
All changes to this chart will be documented in this file.
## [107.84.11] - May 16, 2024
## [107.84.12] - May 16, 2024
* Added image section for `initContainers` instead of `initContainerImage`
* Renamed `router.image.imagePullPolicy` to `router.image.pullPolicy`
* Removed image section for `loggers`

4
charts/jfrog/artifactory-jcr/charts/artifactory/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 7.84.11
appVersion: 7.84.12
dependencies:
- condition: postgresql.enabled
name: postgresql
@ -21,4 +21,4 @@ name: artifactory
sources:
- https://github.com/jfrog/charts
type: application
version: 107.84.11
version: 107.84.12

2
charts/jfrog/artifactory-jcr/charts/artifactory/templates/nginx-deployment.yaml
View File

@ -158,7 +158,7 @@ spec:
{{- range .Values.nginx.loggers }}
- name: {{ . | replace "_" "-" | replace "." "-" }}
image: {{ include "artifactory.getImageInfoByValue" (list $ "initContainers") }}
imagePullPolicy: {{ .Values.initContainers.image.pullPolicy }}
imagePullPolicy: {{ $.Values.initContainers.image.pullPolicy }}
command:
- tail
args:

4
charts/linkerd/linkerd-control-plane/Chart.yaml
View File

@ -6,7 +6,7 @@ annotations:
catalog.cattle.io/kube-version: '>=1.22.0-0'
catalog.cattle.io/release-name: linkerd-control-plane
apiVersion: v2
appVersion: edge-24.5.3
appVersion: edge-24.5.4
dependencies:
- name: partials
repository: file://./charts/partials
@ -26,4 +26,4 @@ name: linkerd-control-plane
sources:
- https://github.com/linkerd/linkerd2/
type: application
version: 2024.5.3
version: 2024.5.4

5
charts/linkerd/linkerd-control-plane/README.md
View File

@ -3,7 +3,7 @@
Linkerd gives you observability, reliability, and security
for your microservices — with no code change required.
![Version: 2024.5.3](https://img.shields.io/badge/Version-2024.5.3-informational?style=flat-square)
![Version: 2024.5.4](https://img.shields.io/badge/Version-2024.5.4-informational?style=flat-square)
![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square)
@ -148,6 +148,7 @@ Kubernetes: `>=1.22.0-0`
| controlPlaneTracingNamespace | string | `"linkerd-jaeger"` | namespace to send control plane traces to |
| controller.podDisruptionBudget | object | `{"maxUnavailable":1}` | sets pod disruption budget parameter for all deployments |
| controller.podDisruptionBudget.maxUnavailable | int | `1` | Maximum number of pods that can be unavailable during disruption |
| controllerGID | int | `-1` | Optional customisation of the group ID for the control plane components (the group ID will be omitted if lower than 0) |
| controllerImage | string | `"cr.l5d.io/linkerd/controller"` | Docker image for the destination and identity components |
| controllerImageVersion | string | `""` | Optionally allow a specific container image Tag (or SHA) to be specified for the controllerImage. |
| controllerLogFormat | string | `"plain"` | Log format for the control plane components |
@ -240,6 +241,7 @@ Kubernetes: `>=1.22.0-0`
| proxy.disableInboundProtocolDetectTimeout | bool | `false` | When set to true, disables the protocol detection timeout on the inbound side of the proxy by setting it to a very high value |
| proxy.disableOutboundProtocolDetectTimeout | bool | `false` | When set to true, disables the protocol detection timeout on the outbound side of the proxy by setting it to a very high value |
| proxy.enableExternalProfiles | bool | `false` | Enable service profiles for non-Kubernetes services |
| proxy.gid | int | `-1` | Optional customisation of the group id under which the proxy runs (the group ID will be omitted if lower than 0) |
| proxy.image.name | string | `"cr.l5d.io/linkerd/proxy"` | Docker image for the proxy |
| proxy.image.pullPolicy | string | imagePullPolicy | Pull policy for the proxy container image |
| proxy.image.version | string | linkerdVersion | Tag for the proxy container image |
@ -291,6 +293,7 @@ Kubernetes: `>=1.22.0-0`
| proxyInit.resources.ephemeral-storage.request | string | `""` | Amount of ephemeral storage that the proxy-init container requests |
| proxyInit.resources.memory.limit | string | `"20Mi"` | Maximum amount of memory that the proxy-init container can use |
| proxyInit.resources.memory.request | string | `"20Mi"` | Amount of memory that the proxy-init container requests |
| proxyInit.runAsGroup | int | `65534` | This value is used only if runAsRoot is false; otherwise runAsGroup will be 0 |
| proxyInit.runAsRoot | bool | `false` | Allow overriding the runAsNonRoot behaviour (<https://github.com/linkerd/linkerd2/issues/7308>) |
| proxyInit.runAsUser | int | `65534` | This value is used only if runAsRoot is false; otherwise runAsUser will be 0 |
| proxyInit.skipSubnets | string | `""` | Comma-separated list of subnets in valid CIDR format that should be skipped by the proxy |

1
charts/linkerd/linkerd-control-plane/charts/partials/templates/_network-validator.tpl
View File

@ -10,6 +10,7 @@ securityContext:
drop:
- ALL
readOnlyRootFilesystem: true
runAsGroup: 65534
runAsNonRoot: true
runAsUser: 65534
seccompProfile:

6
charts/linkerd/linkerd-control-plane/charts/partials/templates/_proxy-init.tpl
View File

@ -17,6 +17,10 @@ args:
- {{.Values.proxy.ports.outbound | quote}}
- --proxy-uid
- {{.Values.proxy.uid | quote}}
{{- if ge (int .Values.proxy.gid) 0 }}
- --proxy-gid
- {{.Values.proxy.gid | quote}}
{{- end }}
- --inbound-ports-to-ignore
- "{{.Values.proxy.ports.control}},{{.Values.proxy.ports.admin}}{{ternary (printf ",%s" (.Values.proxyInit.ignoreInboundPorts | toString)) "" (not (empty .Values.proxyInit.ignoreInboundPorts)) }}"
{{- if .Values.proxyInit.ignoreOutboundPorts }}
@ -67,11 +71,13 @@ securityContext:
privileged: false
{{- end }}
{{- if .Values.proxyInit.runAsRoot }}
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
{{- else }}
runAsNonRoot: true
runAsUser: {{ .Values.proxyInit.runAsUser | int | eq 0 | ternary 65534 .Values.proxyInit.runAsUser }}
runAsGroup: {{ .Values.proxyInit.runAsGroup | int | eq 0 | ternary 65534 .Values.proxyInit.runAsGroup }}
{{- end }}
readOnlyRootFilesystem: true
seccompProfile:

3
charts/linkerd/linkerd-control-plane/charts/partials/templates/_proxy.tpl
View File

@ -220,6 +220,9 @@ securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: {{.Values.proxy.uid}}
{{- if ge (int .Values.proxy.gid) 0 }}
runAsGroup: {{.Values.proxy.gid}}
{{- end }}
seccompProfile:
type: RuntimeDefault
terminationMessagePolicy: FallbackToLogsOnError

11
charts/linkerd/linkerd-control-plane/templates/destination.yaml
View File

@ -177,6 +177,8 @@ spec:
{{- include "linkerd.affinity" $tree | nindent 6 }}
containers:
{{- if not (empty .Values.destinationProxyResources) }}
{{- $c := dig "cores" .Values.proxy.cores .Values.destinationProxyResources }}
{{- $_ := set $tree.Values.proxy "cores" $c }}
{{- $r := merge .Values.destinationProxyResources .Values.proxy.resources }}
{{- $_ := set $tree.Values.proxy "resources" $r }}
{{- end }}
@ -254,6 +256,9 @@ spec:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: {{.Values.controllerUID}}
{{- if ge (int .Values.controllerGID) 0 }}
runAsGroup: {{.Values.controllerGID}}
{{- end }}
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
@ -299,6 +304,9 @@ spec:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: {{.Values.controllerUID}}
{{- if ge (int .Values.controllerGID) 0 }}
runAsGroup: {{.Values.controllerGID}}
{{- end }}
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
@ -359,6 +367,9 @@ spec:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: {{.Values.controllerUID}}
{{- if ge (int .Values.controllerGID) 0 }}
runAsGroup: {{.Values.controllerGID}}
{{- end }}
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault

3
charts/linkerd/linkerd-control-plane/templates/heartbeat.yaml
View File

@ -85,6 +85,9 @@ spec:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: {{.Values.controllerUID}}
{{- if ge (int .Values.controllerGID) 0 }}
runAsGroup: {{.Values.controllerGID}}
{{- end }}
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault

5
charts/linkerd/linkerd-control-plane/templates/identity.yaml
View File

@ -200,6 +200,9 @@ spec:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: {{.Values.controllerUID}}
{{- if ge (int .Values.controllerGID) 0 }}
runAsGroup: {{.Values.controllerGID}}
{{- end }}
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
@ -209,6 +212,8 @@ spec:
- mountPath: /var/run/linkerd/identity/trust-roots/
name: trust-roots
{{- if not (empty .Values.identityProxyResources) }}
{{- $c := dig "cores" .Values.proxy.cores .Values.identityProxyResources }}
{{- $_ := set $tree.Values.proxy "cores" $c }}
{{- $r := merge .Values.identityProxyResources .Values.proxy.resources }}
{{- $_ := set $tree.Values.proxy "resources" $r }}
{{- end }}

5
charts/linkerd/linkerd-control-plane/templates/proxy-injector.yaml
View File

@ -57,6 +57,8 @@ spec:
{{- include "linkerd.affinity" $tree | nindent 6 }}
containers:
{{- if not (empty .Values.proxyInjectorProxyResources) }}
{{- $c := dig "cores" .Values.proxy.cores .Values.proxyInjectorProxyResources }}
{{- $_ := set $tree.Values.proxy "cores" $c }}
{{- $r := merge .Values.proxyInjectorProxyResources .Values.proxy.resources }}
{{- $_ := set $tree.Values.proxy "resources" $r }}
{{- end }}
@ -117,6 +119,9 @@ spec:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: {{.Values.controllerUID}}
{{- if ge (int .Values.controllerGID) 0 }}
runAsGroup: {{.Values.controllerGID}}
{{- end }}
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault

9
charts/linkerd/linkerd-control-plane/templates/psp.yaml
View File

@ -37,6 +37,15 @@ spec:
{{- else }}
rule: RunAsAny
{{- end }}
runAsGroup:
{{- if .Values.cniEnabled }}
rule: MustRunAs
ranges:
- min: 1000
max: 999999
{{- else }}
rule: RunAsAny
{{- end }}
supplementalGroups:
rule: MustRunAs
ranges:

9
charts/linkerd/linkerd-control-plane/values.yaml
View File

@ -24,7 +24,7 @@ controlPlaneTracing: false
# -- namespace to send control plane traces to
controlPlaneTracingNamespace: linkerd-jaeger
# -- control plane version. See Proxy section for proxy version
linkerdVersion: edge-24.5.3
linkerdVersion: edge-24.5.4
# -- default kubernetes deployment strategy
deploymentStrategy:
rollingUpdate:
@ -184,6 +184,9 @@ proxy:
request: ""
# -- User id under which the proxy runs
uid: 2102
# -- (int) Optional customisation of the group id under which the proxy runs (the group ID will be omitted if lower than 0)
gid: -1
# -- If set the injected proxy sidecars in the data plane will stay alive for
# at least the given period before receiving the SIGTERM signal from
# Kubernetes but no longer than the pod's `terminationGracePeriodSeconds`.
@ -313,6 +316,8 @@ proxyInit:
runAsRoot: false
# -- This value is used only if runAsRoot is false; otherwise runAsUser will be 0
runAsUser: 65534
# -- This value is used only if runAsRoot is false; otherwise runAsGroup will be 0
runAsGroup: 65534
xtMountPath:
mountPath: /run
name: linkerd-proxy-init-xtables-lock
@ -360,6 +365,8 @@ controllerImageVersion: ""
controllerReplicas: 1
# -- User ID for the control plane components
controllerUID: 2103
# -- (int) Optional customisation of the group ID for the control plane components (the group ID will be omitted if lower than 0)
controllerGID: -1
# destination configuration
# set resources for the sp-validator and its linkerd proxy respectively

2
charts/linkerd/linkerd-crds/Chart.yaml
View File

@ -23,4 +23,4 @@ name: linkerd-crds
sources:
- https://github.com/linkerd/linkerd2/
type: application
version: 2024.5.3
version: 2024.5.4

2
charts/linkerd/linkerd-crds/README.md
View File

@ -3,7 +3,7 @@
Linkerd gives you observability, reliability, and security
for your microservices — with no code change required.
![Version: 2024.5.3](https://img.shields.io/badge/Version-2024.5.3-informational?style=flat-square)
![Version: 2024.5.4](https://img.shields.io/badge/Version-2024.5.4-informational?style=flat-square)
![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
**Homepage:** <https://linkerd.io>

1
charts/linkerd/linkerd-crds/charts/partials/templates/_network-validator.tpl
View File

@ -10,6 +10,7 @@ securityContext:
drop:
- ALL
readOnlyRootFilesystem: true
runAsGroup: 65534
runAsNonRoot: true
runAsUser: 65534
seccompProfile:

6
charts/linkerd/linkerd-crds/charts/partials/templates/_proxy-init.tpl
View File

@ -17,6 +17,10 @@ args:
- {{.Values.proxy.ports.outbound | quote}}
- --proxy-uid
- {{.Values.proxy.uid | quote}}
{{- if ge (int .Values.proxy.gid) 0 }}
- --proxy-gid
- {{.Values.proxy.gid | quote}}
{{- end }}
- --inbound-ports-to-ignore
- "{{.Values.proxy.ports.control}},{{.Values.proxy.ports.admin}}{{ternary (printf ",%s" (.Values.proxyInit.ignoreInboundPorts | toString)) "" (not (empty .Values.proxyInit.ignoreInboundPorts)) }}"
{{- if .Values.proxyInit.ignoreOutboundPorts }}
@ -67,11 +71,13 @@ securityContext:
privileged: false
{{- end }}
{{- if .Values.proxyInit.runAsRoot }}
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
{{- else }}
runAsNonRoot: true
runAsUser: {{ .Values.proxyInit.runAsUser | int | eq 0 | ternary 65534 .Values.proxyInit.runAsUser }}
runAsGroup: {{ .Values.proxyInit.runAsGroup | int | eq 0 | ternary 65534 .Values.proxyInit.runAsGroup }}
{{- end }}
readOnlyRootFilesystem: true
seccompProfile:

3
charts/linkerd/linkerd-crds/charts/partials/templates/_proxy.tpl
View File

@ -220,6 +220,9 @@ securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: {{.Values.proxy.uid}}
{{- if ge (int .Values.proxy.gid) 0 }}
runAsGroup: {{.Values.proxy.gid}}
{{- end }}
seccompProfile:
type: RuntimeDefault
terminationMessagePolicy: FallbackToLogsOnError

2
charts/redpanda/redpanda/Chart.yaml
View File

@ -37,4 +37,4 @@ name: redpanda
sources:
- https://github.com/redpanda-data/helm-charts
type: application
version: 5.8.5
version: 5.8.6

4
charts/redpanda/redpanda/README.md
View File

@ -3,14 +3,14 @@
description: Find the default values and descriptions of settings in the Redpanda Helm chart.
---
![Version: 5.8.5](https://img.shields.io/badge/Version-5.8.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v24.1.1](https://img.shields.io/badge/AppVersion-v24.1.1-informational?style=flat-square)
![Version: 5.8.6](https://img.shields.io/badge/Version-5.8.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v24.1.1](https://img.shields.io/badge/AppVersion-v24.1.1-informational?style=flat-square)
This page describes the official Redpanda Helm Chart. In particular, this page describes the contents of the charts [`values.yaml` file](https://github.com/redpanda-data/helm-charts/blob/main/charts/redpanda/values.yaml). Each of the settings is listed and described on this page, along with any default values.
For instructions on how to install and use the chart, including how to override and customize the charts values, refer to the [deployment documentation](https://docs.redpanda.com/docs/deploy/deployment-option/self-hosted/kubernetes/kubernetes-deploy/).
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.11.2](https://github.com/norwoodj/helm-docs/releases/v1.11.2)
Autogenerated from chart metadata using [helm-docs v1.13.1](https://github.com/norwoodj/helm-docs/releases/v1.13.1)
## Source Code

15
charts/redpanda/redpanda/templates/NOTES.txt
View File

@ -35,9 +35,6 @@ Any rpk command that's given to the user in in this file must be defined in _exa
-}}
{{- $anySASL := (include "sasl-enabled" . | fromJson).bool }}
{{- $rpk := deepCopy . }}
{{- $_ := set $rpk "rpk" "rpk" }}
Congratulations on installing {{ .Chart.Name }}!
@ -82,26 +79,26 @@ Try some sample commands:
{{- if and $anySASL }}
Create a user:
{{ include "rpk-acl-user-create" $rpk }}
{{ include "rpk-acl-user-create" . }}
Give the user permissions:
{{ include "rpk-acl-create" $rpk }}
{{ include "rpk-acl-create" . }}
{{- end }}
Get the api status:
{{ include "rpk-cluster-info" $rpk }}
{{ include "rpk-cluster-info" . }}
Create a topic
{{ include "rpk-topic-create" $rpk }}
{{ include "rpk-topic-create" . }}
Describe the topic:
{{ include "rpk-topic-describe" $rpk }}
{{ include "rpk-topic-describe" . }}
Delete the topic:
{{ include "rpk-topic-delete" $rpk }}
{{ include "rpk-topic-delete" . }}

12
charts/redpanda/redpanda/templates/_example-commands.tpl
View File

@ -23,30 +23,30 @@ and tested in a test.
{{/* tested in tests/test-kafka-sasl-status.yaml */}}
{{- define "rpk-acl-user-create" -}}
{{ .rpk }} acl user create myuser --new-password changeme --mechanism {{ include "sasl-mechanism" . }}
rpk acl user create myuser --new-password changeme --mechanism {{ include "sasl-mechanism" . }}
{{- end -}}
{{/* tested in tests/test-kafka-sasl-status.yaml */}}
{{- define "rpk-acl-create" -}}
{{ .rpk }} acl create --allow-principal 'myuser' --allow-host '*' --operation all --topic 'test-topic'
rpk acl create --allow-principal 'myuser' --allow-host '*' --operation all --topic 'test-topic'
{{- end -}}
{{/* tested in tests/test-kafka-sasl-status.yaml */}}
{{- define "rpk-cluster-info" -}}
{{ .rpk }} cluster info
rpk cluster info
{{- end -}}
{{/* tested in tests/test-kafka-sasl-status.yaml */}}
{{- define "rpk-topic-create" -}}
{{ .rpk }} topic create test-topic -p 3 -r {{ min (int64 .Values.statefulset.replicas) 3 }}
rpk topic create test-topic -p 3 -r {{ min (int64 .Values.statefulset.replicas) 3 }}
{{- end -}}
{{/* tested in tests/test-kafka-sasl-status.yaml */}}
{{- define "rpk-topic-describe" -}}
{{ .rpk }} topic describe test-topic
rpk topic describe test-topic
{{- end -}}
{{/* tested in tests/test-kafka-sasl-status.yaml */}}
{{- define "rpk-topic-delete" -}}
{{ .rpk }} topic delete test-topic
rpk topic delete test-topic
{{- end -}}

16
charts/redpanda/redpanda/templates/_shims.tpl
View File

@ -101,3 +101,19 @@
{{- end -}}
{{- end -}}
{{- define "_shims.lookup" -}}
{{- $apiVersion := (index .a 0) -}}
{{- $kind := (index .a 1) -}}
{{- $namespace := (index .a 2) -}}
{{- $name := (index .a 3) -}}
{{- range $_ := (list 1) -}}
{{- $result := (lookup $apiVersion $kind $namespace $name) -}}
{{- if (empty $result) -}}
{{- (dict "r" (list (coalesce nil) false)) | toJson -}}
{{- break -}}
{{- end -}}
{{- (dict "r" (list $result true)) | toJson -}}
{{- break -}}
{{- end -}}
{{- end -}}

22
charts/redpanda/redpanda/templates/_statefulset.go.tpl
View File

@ -17,11 +17,13 @@
{{- define "redpanda.StatefulSetPodLabelsSelector" -}}
{{- $dot := (index .a 0) -}}
{{- $existing := (index .a 1) -}}
{{- range $_ := (list 1) -}}
{{- if (and $dot.Release.IsUpgrade (ne $existing (coalesce nil))) -}}
{{- if (gt (int (get (fromJson (include "_shims.len" (dict "a" (list $existing.spec.selector.matchLabels) ))) "r")) 0) -}}
{{- (dict "r" $existing.spec.selector.matchLabels) | toJson -}}
{{- if $dot.Release.IsUpgrade -}}
{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.lookup" (dict "a" (list "apps/v1" "StatefulSet" $dot.Release.Namespace (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) ))) "r")) ))) "r") -}}
{{- $ok_2 := $tmp_tuple_1.T2 -}}
{{- $existing_1 := $tmp_tuple_1.T1 -}}
{{- if (and $ok_2 (gt (int (get (fromJson (include "_shims.len" (dict "a" (list $existing_1.spec.selector.matchLabels) ))) "r")) 0)) -}}
{{- (dict "r" $existing_1.spec.selector.matchLabels) | toJson -}}
{{- break -}}
{{- end -}}
{{- end -}}
@ -39,11 +41,13 @@
{{- define "redpanda.StatefulSetPodLabels" -}}
{{- $dot := (index .a 0) -}}
{{- $existing := (index .a 1) -}}
{{- range $_ := (list 1) -}}
{{- if (and $dot.Release.IsUpgrade (ne $existing (coalesce nil))) -}}
{{- if (gt (int (get (fromJson (include "_shims.len" (dict "a" (list $existing.spec.template.metadata.labels) ))) "r")) 0) -}}
{{- (dict "r" $existing.spec.template.metadata.labels) | toJson -}}
{{- if $dot.Release.IsUpgrade -}}
{{- $tmp_tuple_2 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.lookup" (dict "a" (list "apps/v1" "StatefulSet" $dot.Release.Namespace (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) ))) "r")) ))) "r") -}}
{{- $ok_4 := $tmp_tuple_2.T2 -}}
{{- $existing_3 := $tmp_tuple_2.T1 -}}
{{- if (and $ok_4 (gt (int (get (fromJson (include "_shims.len" (dict "a" (list $existing_3.spec.template.metadata.labels) ))) "r")) 0)) -}}
{{- (dict "r" $existing_3.spec.template.metadata.labels) | toJson -}}
{{- break -}}
{{- end -}}
{{- end -}}
@ -53,7 +57,7 @@
{{- $statefulSetLabels = $values.statefulset.podTemplate.labels -}}
{{- end -}}
{{- $defaults := (dict "redpanda.com/poddisruptionbudget" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") ) -}}
{{- (dict "r" (merge (dict ) $statefulSetLabels (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot $existing) ))) "r") $defaults (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r"))) | toJson -}}
{{- (dict "r" (merge (dict ) $statefulSetLabels (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot) ))) "r") $defaults (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r"))) | toJson -}}
{{- break -}}
{{- end -}}
{{- end -}}

6
charts/redpanda/redpanda/templates/_statefulset.tpl
View File

@ -20,8 +20,7 @@ limitations under the License.
StatefulSets cannot change their selector. Use the existing one even if it's broken.
New installs will get better selectors.
*/ -}}
{{- $sts := lookup "apps/v1" "StatefulSet" .Release.Namespace (include "redpanda.fullname" .) -}}
{{- get ((include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list . $sts))) | fromJson) "r" | toYaml }}
{{- get (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list .)) | fromJson) "r" | toYaml }}
{{- end -}}
{{- define "statefulset-pod-labels" -}}
@ -29,8 +28,7 @@ limitations under the License.
StatefulSets cannot change their selector. Use the existing one even if it's broken.
New installs will get better selectors.
*/ -}}
{{- $sts := lookup "apps/v1" "StatefulSet" .Release.Namespace (include "redpanda.fullname" .) -}}
{{- get ((include "redpanda.StatefulSetPodLabels" (dict "a" (list . $sts))) | fromJson) "r" | toYaml }}
{{- get (include "redpanda.StatefulSetPodLabels" (dict "a" (list .)) | fromJson) "r" | toYaml }}
{{- end -}}
{{/*

7
charts/redpanda/redpanda/templates/cert-issuers.yaml
View File

@ -15,7 +15,6 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if (include "tls-enabled" . | fromJson).bool }}
{{- $root := deepCopy . }}
{{- $release := .Release }}
{{- $values := .Values }}
{{- range $name, $data := $values.tls.certs }}
@ -34,7 +33,7 @@ metadata:
name: {{ template "redpanda.fullname" $ }}-{{ $name }}-selfsigned-issuer
namespace: {{ $release.Namespace | quote }}
labels:
{{- with include "full.labels" $root }}
{{- with include "full.labels" $ }}
{{- . | nindent 4 }}
{{- end }}
spec:
@ -48,7 +47,7 @@ metadata:
name: {{ template "redpanda.fullname" $ }}-{{ $name }}-root-issuer
namespace: {{ $release.Namespace | quote }}
labels:
{{- with include "full.labels" $root }}
{{- with include "full.labels" $ }}
{{- . | nindent 4 }}
{{- end }}
spec:
@ -62,7 +61,7 @@ metadata:
name: {{ template "redpanda.fullname" $ }}-{{ $name }}-root-certificate
namespace: {{ $release.Namespace | quote }}
labels:
{{- with include "full.labels" $root }}
{{- with include "full.labels" $ }}
{{- . | nindent 4 }}
{{- end }}
spec:

3
charts/redpanda/redpanda/templates/connectors/connectors.yaml
View File

@ -101,8 +101,7 @@ limitations under the License.
{{ $connectorsValues := merge $connectorsValues (dict "Values" (dict "deployment" (dict "create" (not .Values.connectors.deployment.create)))) }}
{{ $connectorsValues := merge $connectorsValues (dict "Values" (dict "test" (dict "create" (not .Values.connectors.test.create)))) }}
{{ $helmVars := deepCopy .Subcharts.connectors }}
{{ $helmVars := merge $connectorsValues $helmVars }}
{{ $helmVars := merge $connectorsValues .Subcharts.connectors }}
{{ include (print .Subcharts.connectors.Template.BasePath "/deployment.yaml") $helmVars }}
---
{{ include (print .Subcharts.connectors.Template.BasePath "/tests/01-mm2-values.yaml") $helmVars }}

25
charts/redpanda/redpanda/templates/console/configmap-and-deployment.yaml
View File

@ -14,7 +14,6 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{ $values := .Values }}
{{/* Secret */}}
{{ $secretConfig := dict ( dict
@ -39,8 +38,7 @@ limitations under the License.
"secret" $secretConfig
)}}
{{ $console := deepCopy .Subcharts.console }}
{{ $console = merge $config $console }}
{{ $console := merge $config .Subcharts.console }}
---
{{ include (print .Subcharts.console.Template.BasePath "/secret.yaml") $console }}
{{ end }}
@ -56,7 +54,7 @@ limitations under the License.
{{/* brokers */}}
{{ $kafkaBrokers := list }}
{{ range (include "seed-server-list" . | mustFromJson) }}
{{ $kafkaBrokers = append $kafkaBrokers (printf "%s:%d" . (int $values.listeners.kafka.port)) }}
{{ $kafkaBrokers = append $kafkaBrokers (printf "%s:%d" . (int $.Values.listeners.kafka.port)) }}
{{ end }}
{{/* sasl */}}
@ -73,7 +71,7 @@ limitations under the License.
{{ if (include "schemaRegistry-internal-tls-enabled" . | fromJson).bool }}
{{ $proto = "https" }}
{{ end }}
{{ $port := int $values.listeners.schemaRegistry.port }}
{{ $port := int $.Values.listeners.schemaRegistry.port }}
{{ range (include "seed-server-list" . | mustFromJson) }}
{{ $urls = append $urls (printf "%s://%s:%d" $proto . $port) }}
{{ end }}
@ -83,16 +81,15 @@ limitations under the License.
{{ $connectConfig := dict }}
{{ if .Values.connectors.enabled }}
{{ $connectorsValues := deepCopy .Subcharts.connectors }}
{{ $connectorsValues = merge $connectorsValues .Values.connectors }}
{{ $connectorsValues = merge (dict) $.Subcharts.connector .Values.connectors }}
{{/* Connector */}}
{{/* Currently Kafka connect helm chart does not support TLS configuraiton. That's why tls enabled is set explicitly to false*/}}
{{/* Currently Kafka connect helm chart does not support basic auth. That's why username and password is set explicitly to empty string*/}}
{{ $connectConfig = dict
"enabled" $values.connectors.enabled
"enabled" $.Values.connectors.enabled
"clusters" (list
(dict
"url" (printf "http://%s.%s.svc.%s:%s" (include "connectors.serviceName" $connectorsValues) .Release.Namespace ($values.clusterDomain | trimSuffix ".") ($values.connectors.connectors.restPort | toString ))
"url" (printf "http://%s.%s.svc.%s:%s" (include "connectors.serviceName" $connectorsValues) .Release.Namespace ($.Values.clusterDomain | trimSuffix ".") ($.Values.connectors.connectors.restPort | toString ))
"name" "connectors"
"tls" (dict
"enabled" "false"
@ -125,7 +122,7 @@ limitations under the License.
"connect" $connectConfig
}}
{{ $consoleConfig := deepCopy .Values.console.config | merge $consoleConfig }}
{{ $consoleConfig := merge $consoleConfig .Values.console.config }}
{{ $config := dict
"Values" (dict
@ -135,8 +132,7 @@ limitations under the License.
)
}}
{{ $console := deepCopy .Subcharts.console }}
{{ $console = merge $config $console }}
{{ $console := merge $config .Subcharts.console }}
---
{{ include (print .Subcharts.console.Template.BasePath "/configmap.yaml") $console }}
{{ $configmap = include (print .Subcharts.console.Template.BasePath "/configmap.yaml") $console }}
@ -285,7 +281,7 @@ limitations under the License.
"extraEnv" $extraEnv
"secret" $secretConfig
"enterprise" $enterprise
"image" $values.console.image
"image" $.Values.console.image
"autoscaling" .Values.console.autoscaling
"replicaCount" .Values.console.replicaCount
"strategy" .Values.console.strategy
@ -317,8 +313,7 @@ limitations under the License.
{{ $consoleValues := merge $consoleValues (dict "Values" (dict "podAnnotations" (dict "checksum-redpanda-chart/config" ( $configmap | toYaml | sha256sum )))) }}
{{ end }}
{{ $helmVars := deepCopy .Subcharts.console }}
{{ $helmVars := merge $consoleValues $helmVars }}
{{ $helmVars := merge $consoleValues .Subcharts.console }}
---
{{ include (print .Subcharts.console.Template.BasePath "/deployment.yaml") $helmVars }}

1
charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml
View File

@ -16,7 +16,6 @@ limitations under the License.
*/}}
{{- if .Values.post_install_job.enabled }}
{{- $values := .Values }}
{{- $root := deepCopy . }}
---
apiVersion: batch/v1
kind: Job

1
charts/redpanda/redpanda/templates/post-upgrade.yaml
View File

@ -17,7 +17,6 @@ limitations under the License.
{{- if .Values.post_upgrade_job.enabled }}
{{- $service := .Values.listeners.admin -}}
{{- $cert := get .Values.tls.certs $service.tls.cert -}}
{{- $root := deepCopy . }}
apiVersion: batch/v1
kind: Job
metadata:

26
charts/redpanda/redpanda/templates/service.nodeport.go.tpl
View File

@ -17,31 +17,47 @@
{{- if (and (ne $listener.enabled (coalesce nil)) (eq $listener.enabled false)) -}}
{{- continue -}}
{{- end -}}
{{- $ports = (mustAppend $ports (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "admin-%s" $name) "protocol" "TCP" "port" $listener.port "nodePort" (index $listener.advertisedPorts 0) ))) -}}
{{- $nodePort := $listener.port -}}
{{- if (gt (int (get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r")) 0) -}}
{{- $nodePort = (index $listener.advertisedPorts 0) -}}
{{- end -}}
{{- $ports = (mustAppend $ports (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "admin-%s" $name) "protocol" "TCP" "port" $listener.port "nodePort" $nodePort ))) -}}
{{- end -}}
{{- range $name, $listener := $values.listeners.kafka.external -}}
{{- if (and (ne $listener.enabled (coalesce nil)) (eq $listener.enabled false)) -}}
{{- continue -}}
{{- end -}}
{{- $ports = (mustAppend $ports (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "kafka-%s" $name) "protocol" "TCP" "port" $listener.port "nodePort" (index $listener.advertisedPorts 0) ))) -}}
{{- $nodePort := $listener.port -}}
{{- if (gt (int (get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r")) 0) -}}
{{- $nodePort = (index $listener.advertisedPorts 0) -}}
{{- end -}}
{{- $ports = (mustAppend $ports (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "kafka-%s" $name) "protocol" "TCP" "port" $listener.port "nodePort" $nodePort ))) -}}
{{- end -}}
{{- range $name, $listener := $values.listeners.http.external -}}
{{- if (and (ne $listener.enabled (coalesce nil)) (eq $listener.enabled false)) -}}
{{- continue -}}
{{- end -}}
{{- $ports = (mustAppend $ports (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "http-%s" $name) "protocol" "TCP" "port" $listener.port "nodePort" (index $listener.advertisedPorts 0) ))) -}}
{{- $nodePort := $listener.port -}}
{{- if (gt (int (get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r")) 0) -}}
{{- $nodePort = (index $listener.advertisedPorts 0) -}}
{{- end -}}
{{- $ports = (mustAppend $ports (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "http-%s" $name) "protocol" "TCP" "port" $listener.port "nodePort" $nodePort ))) -}}
{{- end -}}
{{- range $name, $listener := $values.listeners.schemaRegistry.external -}}
{{- if (and (ne $listener.enabled (coalesce nil)) (eq $listener.enabled false)) -}}
{{- continue -}}
{{- end -}}
{{- $ports = (mustAppend $ports (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "schema-%s" $name) "protocol" "TCP" "port" $listener.port "nodePort" (index $listener.advertisedPorts 0) ))) -}}
{{- $nodePort := $listener.port -}}
{{- if (gt (int (get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r")) 0) -}}
{{- $nodePort = (index $listener.advertisedPorts 0) -}}
{{- end -}}
{{- $ports = (mustAppend $ports (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "schema-%s" $name) "protocol" "TCP" "port" $listener.port "nodePort" $nodePort ))) -}}
{{- end -}}
{{- $annotations := $values.external.annotations -}}
{{- if (eq $annotations (coalesce nil)) -}}
{{- $annotations = (dict ) -}}
{{- end -}}
{{- (dict "r" (mustMergeOverwrite (mustMergeOverwrite (dict ) (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict ) "status" (dict "loadBalancer" (dict ) ) )) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Service" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%s-external" (get (fromJson (include "redpanda.ServiceName" (dict "a" (list $dot) ))) "r")) "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $annotations )) "spec" (mustMergeOverwrite (dict ) (dict "externalTrafficPolicy" "Local" "ports" $ports "publishNotReadyAddresses" true "selector" (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot (coalesce nil)) ))) "r") "sessionAffinity" "None" "type" "NodePort" )) ))) | toJson -}}
{{- (dict "r" (mustMergeOverwrite (mustMergeOverwrite (dict ) (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict ) "status" (dict "loadBalancer" (dict ) ) )) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Service" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%s-external" (get (fromJson (include "redpanda.ServiceName" (dict "a" (list $dot) ))) "r")) "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $annotations )) "spec" (mustMergeOverwrite (dict ) (dict "externalTrafficPolicy" "Local" "ports" $ports "publishNotReadyAddresses" true "selector" (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot) ))) "r") "sessionAffinity" "None" "type" "NodePort" )) ))) | toJson -}}
{{- break -}}
{{- end -}}
{{- end -}}

1
charts/redpanda/redpanda/templates/statefulset.yaml
View File

@ -22,7 +22,6 @@ limitations under the License.
{{- $internalAdvertiseAddress := printf "%s.%s" "$(SERVICE_NAME)" (include "redpanda.internal.domain" .) -}}
{{- $uid := dig "podSecurityContext" "runAsUser" .Values.statefulset.securityContext.runAsUser .Values.statefulset -}}
{{- $gid := dig "podSecurityContext" "fsGroup" .Values.statefulset.securityContext.fsGroup .Values.statefulset -}}
{{- $root := deepCopy . }}
{{- if not (include "redpanda-atleast-22-2-0" . | fromJson).bool -}}
{{- if eq (get .Values "force" | default false) false -}}

5
charts/redpanda/redpanda/templates/tests/test-auditLogging.yaml
View File

@ -19,10 +19,7 @@
as part of setting auditLogging being enabled.
*/}}
{{- if and .Values.tests.enabled .Values.auditLogging.enabled (include "redpanda-atleast-23-3-0" . | fromJson).bool }}
{{- $rpk := deepCopy . }}
{{- $sasl := .Values.auth.sasl }}
{{- $_ := set $rpk "rpk" "rpk" }}
{{- $_ := set $rpk "dummySasl" false }}
apiVersion: v1
kind: Pod
metadata:
@ -91,4 +88,4 @@ spec:
{{- toYaml .Values.statefulset.resources | nindent 12 }}
securityContext: {{ include "container-security-context" . | nindent 8 }}
volumes: {{ include "default-volumes" . | nindent 4 }}
{{- end }}
{{- end }}

13
charts/redpanda/redpanda/templates/tests/test-connector-via-console.yaml
View File

@ -16,10 +16,9 @@ limitations under the License.
*/}}
{{- if and .Values.tests.enabled .Values.connectors.enabled .Values.console.enabled }}
{{- $sasl := .Values.auth.sasl }}
{{- $root := deepCopy . }}
{{- $values := .Values }}
{{ $consoleValues := dict "Values" (deepCopy .Values.console) "Release" .Release "Chart" .Subcharts.console.Chart }}
{{ $connectorsVars := dict "Values" (deepCopy .Values.connectors) "Release" .Release "Chart" .Subcharts.connectors.Chart }}
{{ $consoleValues := dict "Values" .Values.console "Release" .Release "Chart" .Subcharts.console.Chart }}
{{ $connectorsVars := dict "Values" .Values.connectors "Release" .Release "Chart" .Subcharts.connectors.Chart }}
{{/* brokers */}}
{{- $kafkaBrokers := list }}
{{- range (include "seed-server-list" . | mustFromJson) }}
@ -62,13 +61,13 @@ spec:
connectorsState () {
echo check connectors expand status
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ (deepCopy .Values.connectors).connectors.restPort }}/connectors?expand=status
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ .Values.connectors.connectors.restPort }}/connectors?expand=status
echo check connectors expand info
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ (deepCopy .Values.connectors).connectors.restPort }}/connectors?expand=info
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ .Values.connectors.connectors.restPort }}/connectors?expand=info
echo check connector configuration
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ (deepCopy .Values.connectors).connectors.restPort }}/connectors/$CONNECTOR_NAME
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ .Values.connectors.connectors.restPort }}/connectors/$CONNECTOR_NAME
echo check connector topics
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ (deepCopy .Values.connectors).connectors.restPort }}/connectors/$CONNECTOR_NAME/topics
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ .Values.connectors.connectors.restPort }}/connectors/$CONNECTOR_NAME/topics
}
{{- if .Values.auth.sasl.enabled }}

7
charts/redpanda/redpanda/templates/tests/test-internal-external-tls-secrets.yaml
View File

@ -16,7 +16,6 @@ limitations under the License.
*/}}
{{- if and .Values.tests.enabled (include "tls-enabled" . | fromJson).bool ( eq .Values.external.type "NodePort" ) }}
{{- $values := .Values }}
{{- $root := deepCopy . }}
apiVersion: v1
kind: Pod
metadata:
@ -73,7 +72,7 @@ spec:
-CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt
{{- end }}
-key {{ printf "/etc/tls/certs/%s" $name }}/tls.key
-connect {{ include "admin-api-urls" $root }}'
-connect {{ include "admin-api-urls" $ }}'
{{- end }}
{{- if eq $cert.secretRef.name "external-tls-secret" }}
@ -90,7 +89,7 @@ spec:
-connect {{ $values.external.domain }}:{{ $port }}'
{{- end }}
{{- if and (eq $values.listeners.schemaRegistry.external.default.tls.cert $name) (include "redpanda-22-2-x-without-sasl" $root | fromJson).bool }}
{{- if and (eq $values.listeners.schemaRegistry.external.default.tls.cert $name) (include "redpanda-22-2-x-without-sasl" $ | fromJson).bool }}
echo "-----> testing external tls: schema registry"
{{- $port := ( first $values.listeners.schemaRegistry.external.default.advertisedPorts ) }}
retry 5 'openssl s_client -verify_return_error -prexit
@ -101,7 +100,7 @@ spec:
-connect {{ $values.external.domain }}:{{ $port }}'
{{- end }}
{{- if and (eq $values.listeners.http.external.default.tls.cert $name) (include "redpanda-22-2-x-without-sasl" $root | fromJson).bool }}
{{- if and (eq $values.listeners.http.external.default.tls.cert $name) (include "redpanda-22-2-x-without-sasl" $ | fromJson).bool }}
echo "-----> testing external tls: http api"
{{- $port := ( first $values.listeners.http.external.default.advertisedPorts ) }}
retry 5 'openssl s_client -verify_return_error -prexit

1
charts/redpanda/redpanda/templates/tests/test-kafka-internal-tls-status.yaml
View File

@ -17,7 +17,6 @@ limitations under the License.
{{- if and .Values.tests.enabled (include "kafka-internal-tls-enabled" . | fromJson).bool (not (include "sasl-enabled" . | fromJson).bool) -}}
{{- $service := .Values.listeners.kafka -}}
{{- $cert := get .Values.tls.certs $service.tls.cert -}}
{{- $root := deepCopy . }}
apiVersion: v1
kind: Pod
metadata:

4
charts/redpanda/redpanda/templates/tests/test-kafka-nodelete.yaml
View File

@ -17,8 +17,6 @@ limitations under the License.
{{- if and .Values.tests.enabled (dig "kafka_nodelete_topics" "[]" $.Values.config.cluster) }}
{{- $noDeleteTopics := .Values.config.cluster.kafka_nodelete_topics }}
{{- $sasl := .Values.auth.sasl }}
{{- $root := deepCopy . }}
{{- $rpk := deepCopy . }}
apiVersion: v1
kind: Pod
metadata:
@ -103,4 +101,4 @@ spec:
resources: {{ toYaml .Values.statefulset.resources | nindent 12 }}
securityContext: {{ include "container-security-context" . | nindent 8 }}
volumes: {{ include "default-volumes" . | nindent 4 }}
{{- end }}
{{- end }}

4
charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml
View File

@ -16,8 +16,6 @@ limitations under the License.
*/}}
{{- if .Values.tests.enabled }}
{{- $sasl := .Values.auth.sasl }}
{{- $root := deepCopy . }}
{{- $rpk := deepCopy . }}
apiVersion: v1
kind: Pod
metadata:
@ -86,4 +84,4 @@ spec:
resources: {{ toYaml .Values.statefulset.resources | nindent 12 }}
securityContext: {{ include "container-security-context" . | nindent 8 }}
volumes: {{ include "default-volumes" . | nindent 4 }}
{{- end }}
{{- end }}

15
charts/redpanda/redpanda/templates/tests/test-kafka-sasl-status.yaml
View File

@ -15,10 +15,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.tests.enabled (include "sasl-enabled" . | fromJson).bool }}
{{- $rpk := deepCopy . }}
{{- $sasl := .Values.auth.sasl }}
{{- $_ := set $rpk "rpk" "rpk" }}
{{- $_ := set $rpk "dummySasl" false }}
apiVersion: v1
kind: Pod
metadata:
@ -66,13 +63,13 @@ spec:
done
sleep 3
{{ include "rpk-cluster-info" $rpk }}
{{ include "rpk-acl-user-create" $rpk }}
{{ include "rpk-acl-create" $rpk }}
{{ include "rpk-cluster-info" $ }}
{{ include "rpk-acl-user-create" $ }}
{{ include "rpk-acl-create" $ }}
sleep 3
{{ include "rpk-topic-create" $rpk }}
{{ include "rpk-topic-describe" $rpk }}
{{ include "rpk-topic-delete" $rpk }}
{{ include "rpk-topic-create" $ }}
{{ include "rpk-topic-describe" $ }}
{{ include "rpk-topic-delete" $ }}
rpk acl user delete myuser
volumeMounts: {{ include "default-mounts" . | nindent 8 }}
resources:

5
charts/redpanda/redpanda/templates/tests/test-loadbalancer-tls.yaml
View File

@ -16,7 +16,6 @@
*/}}
{{- if and .Values.tests.enabled .Values.tls.enabled ( eq .Values.external.type "LoadBalancer" ) -}}
{{- $values := .Values }}
{{- $root := deepCopy . }}
apiVersion: v1
kind: Pod
metadata:
@ -93,7 +92,7 @@ spec:
done
{{- end }}
{{- if (include "redpanda-22-2-x-without-sasl" $root | fromJson).bool }}
{{- if (include "redpanda-22-2-x-without-sasl" $ | fromJson).bool }}
{{- if eq $values.listeners.schemaRegistry.external.default.tls.cert $name }}
echo "-----> testing external tls: schema registry"
{{- $port := ( first $values.listeners.schemaRegistry.external.default.advertisedPorts ) }}
@ -171,4 +170,4 @@ rules:
verbs:
- get
{{- end -}}
{{- end -}}

5
charts/redpanda/redpanda/templates/tests/test-nodeport-tls.yaml
View File

@ -16,7 +16,6 @@
*/}}
{{- if and .Values.tests.enabled .Values.tls.enabled ( eq .Values.external.type "NodePort" ) -}}
{{- $values := .Values }}
{{- $root := deepCopy . }}
apiVersion: v1
kind: Pod
metadata:
@ -92,7 +91,7 @@ spec:
done
{{- end }}
{{- if (include "redpanda-22-2-x-without-sasl" $root | fromJson).bool }}
{{- if (include "redpanda-22-2-x-without-sasl" $ | fromJson).bool }}
{{- if eq $values.listeners.schemaRegistry.external.default.tls.cert $name }}
echo "-----> testing external tls: schema registry"
{{- $port := ( first $values.listeners.schemaRegistry.external.default.advertisedPorts ) }}
@ -171,4 +170,4 @@ rules:
- services
verbs:
- get
{{- end -}}
{{- end -}}

1
charts/redpanda/redpanda/templates/tests/test-pandaproxy-internal-tls-status.yaml
View File

@ -17,7 +17,6 @@ limitations under the License.
{{- if and .Values.tests.enabled (include "http-internal-tls-enabled" . | fromJson).bool .Values.listeners.http.enabled (include "redpanda-22-2-x-without-sasl" . | fromJson).bool -}}
{{- $service := .Values.listeners.http -}}
{{- $cert := get .Values.tls.certs $service.tls.cert -}}
{{- $root := deepCopy . }}
{{- $sasl := .Values.auth.sasl }}
apiVersion: v1
kind: Pod

6
charts/redpanda/redpanda/templates/tests/test-sasl-updated.yaml
View File

@ -16,10 +16,6 @@ limitations under the License.
*/}}
{{- if and .Values.tests.enabled (include "sasl-enabled" . | fromJson).bool (eq .Values.auth.sasl.secretRef "some-users") -}}
{{- $rpk := deepCopy . }}
{{- $sasl := .Values.auth.sasl }}
{{- $_ := set $rpk "rpk" "rpk" }}
{{- $_ := set $rpk "dummySasl" false }}
apiVersion: v1
kind: Pod
metadata:
@ -66,7 +62,7 @@ spec:
done
# check that sasl is not broken
{{ include "rpk-cluster-info" $rpk }}
{{ include "rpk-cluster-info" $ }}
volumeMounts: {{ include "default-mounts" . | nindent 8 }}
resources:
{{- toYaml .Values.statefulset.resources | nindent 12 }}

1
charts/redpanda/redpanda/templates/tests/test-schemaregistry-internal-tls-status.yaml
View File

@ -17,7 +17,6 @@ limitations under the License.
{{- if and .Values.tests.enabled (include "schemaRegistry-internal-tls-enabled" . | fromJson).bool .Values.listeners.schemaRegistry.enabled (include "redpanda-22-2-x-without-sasl" . | fromJson).bool -}}
{{- $service := .Values.listeners.schemaRegistry -}}
{{- $cert := get .Values.tls.certs $service.tls.cert -}}
{{- $root := deepCopy . }}
{{- $sasl := .Values.auth.sasl }}
{{- $randNumber := randNumeric 3 }}
apiVersion: v1

2
charts/redpanda/redpanda/values.schema.json
View File

@ -333,7 +333,6 @@
"repository": {
"default": "docker.redpanda.com/redpandadata/redpanda",
"description": "container image repository",
"pattern": "^[a-z0-9-_/.]+$",
"type": "string"
},
"tag": {
@ -1590,7 +1589,6 @@
"properties": {
"repository": {
"default": "docker.redpanda.com/redpandadata/redpanda-operator",
"pattern": "^[a-z0-9-_/.]+$",
"type": "string"
},
"tag": {

289
index.yaml
View File

@ -241,6 +241,40 @@ entries:
- assets/amd/amd-gpu-0.9.0.tgz
version: 0.9.0
artifactory-ha:
- annotations:
artifactoryServiceVersion: 7.84.16
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: JFrog Artifactory HA
catalog.cattle.io/kube-version: '>= 1.19.0-0'
catalog.cattle.io/release-name: artifactory-ha
apiVersion: v2
appVersion: 7.84.12
created: "2024-05-24T00:54:34.860536533Z"
dependencies:
- condition: postgresql.enabled
name: postgresql
repository: file://./charts/postgresql
version: 10.3.18
description: Universal Repository Manager supporting all major packaging formats,
build tools and CI servers.
digest: dcc8683449e95b9ea97494048cd4ab5cf9c4bb6574c150e7f811f35fcf1bab6e
home: https://www.jfrog.com/artifactory/
icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-ha/logo/artifactory-logo.png
keywords:
- artifactory
- jfrog
- devops
kubeVersion: '>= 1.19.0-0'
maintainers:
- email: installers@jfrog.com
name: Chart Maintainers at JFrog
name: artifactory-ha
sources:
- https://github.com/jfrog/charts
type: application
urls:
- assets/jfrog/artifactory-ha-107.84.12.tgz
version: 107.84.12
- annotations:
artifactoryServiceVersion: 7.84.15
catalog.cattle.io/certified: partner
@ -2019,6 +2053,40 @@ entries:
- assets/jfrog/artifactory-ha-3.0.1400.tgz
version: 3.0.1400
artifactory-jcr:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: JFrog Container Registry
catalog.cattle.io/kube-version: '>= 1.19.0-0'
catalog.cattle.io/release-name: artifactory-jcr
apiVersion: v2
appVersion: 7.84.12
created: "2024-05-24T00:54:35.272512235Z"
dependencies:
- name: artifactory
repository: file://./charts/artifactory
version: 107.84.12
description: JFrog Container Registry
digest: ca5fd1ea3e44855fbaf92cd7dbcdfb1a2cec756d45f8561d49c3686a97e4f882
home: https://jfrog.com/container-registry/
icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-jcr/logo/jcr-logo.png
keywords:
- artifactory
- jfrog
- container
- registry
- devops
- jfrog-container-registry
kubeVersion: '>= 1.19.0-0'
maintainers:
- email: helm@jfrog.com
name: Chart Maintainers at JFrog
name: artifactory-jcr
sources:
- https://github.com/jfrog/charts
type: application
urls:
- assets/jfrog/artifactory-jcr-107.84.12.tgz
version: 107.84.12
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: JFrog Container Registry
@ -18342,6 +18410,34 @@ entries:
- assets/gopaddle/gopaddle-4.2.5.tgz
version: 4.2.5
haproxy:
- annotations:
artifacthub.io/changes: |
- Replace tpl with default for Ingress Controller image tag (#244)
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: HAProxy Kubernetes Ingress Controller
catalog.cattle.io/kube-version: '>=1.23.0-0'
catalog.cattle.io/release-name: haproxy
apiVersion: v2
appVersion: 1.11.4
created: "2024-05-24T00:54:33.968274515Z"
description: A Helm chart for HAProxy Kubernetes Ingress Controller
digest: 2c792a2908fe1430dee7f15ca1bb8d03b37c73a035a3a7c3dc925bb57cce5dae
home: https://github.com/haproxytech/helm-charts/tree/main/kubernetes-ingress
icon: https://raw.githubusercontent.com/haproxytech/helm-charts/main/kubernetes-ingress/chart-icon.png
keywords:
- ingress
- haproxy
kubeVersion: '>=1.23.0-0'
maintainers:
- email: dkorunic@haproxy.com
name: Dinko Korunic
name: haproxy
sources:
- https://github.com/haproxytech/kubernetes-ingress
type: application
urls:
- assets/haproxy/haproxy-1.39.4.tgz
version: 1.39.4
- annotations:
artifacthub.io/changes: |
- Use Ingress Controller 1.11.4 version for base image
@ -21591,6 +21687,28 @@ entries:
- assets/intel/intel-device-plugins-sgx-0.26.0.tgz
version: 0.26.0
jaeger-operator:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Jaeger Operator
catalog.cattle.io/release-name: jaeger-operator
apiVersion: v1
appVersion: 1.57.0
created: "2024-05-24T00:54:34.294891628Z"
description: jaeger-operator Helm chart for Kubernetes
digest: 439f1fc6c61ff01dea997a3c413022ccd9b22575ca81dc816155eb36a57c96ad
home: https://www.jaegertracing.io/
icon: https://www.jaegertracing.io/img/jaeger-icon-reverse-color.svg
maintainers:
- email: ctadeu@gmail.com
name: cpanato
- email: batazor111@gmail.com
name: batazor
name: jaeger-operator
sources:
- https://github.com/jaegertracing/jaeger-operator
urls:
- assets/jaeger/jaeger-operator-2.54.0.tgz
version: 2.54.0
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Jaeger Operator
@ -21944,6 +22062,63 @@ entries:
- assets/jaeger/jaeger-operator-2.36.0.tgz
version: 2.36.0
jenkins:
- annotations:
artifacthub.io/category: integration-delivery
artifacthub.io/changes: |
- Update `configuration-as-code` to version `1810.v9b_c30a_249a_4c`
artifacthub.io/images: |
- name: jenkins
image: docker.io/jenkins/jenkins:2.452.1-jdk17
- name: k8s-sidecar
image: docker.io/kiwigrid/k8s-sidecar:1.27.2
- name: inbound-agent
image: jenkins/inbound-agent:3248.v65ecb_254c298-1
artifacthub.io/license: Apache-2.0
artifacthub.io/links: |
- name: Chart Source
url: https://github.com/jenkinsci/helm-charts/tree/main/charts/jenkins
- name: Jenkins
url: https://www.jenkins.io/
- name: support
url: https://github.com/jenkinsci/helm-charts/issues
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Jenkins
catalog.cattle.io/kube-version: '>=1.14-0'
catalog.cattle.io/release-name: jenkins
apiVersion: v2
appVersion: 2.452.1
created: "2024-05-24T00:54:34.465496244Z"
description: 'Jenkins - Build great things at any scale! As the leading open source
automation server, Jenkins provides over 1800 plugins to support building, deploying
and automating any project. '
digest: c9589b71fa63712a0c9b035afa699e1a6403980a0fd231fe71899426020fb1fe
home: https://www.jenkins.io/
icon: https://get.jenkins.io/art/jenkins-logo/logo.svg
keywords:
- jenkins
- ci
- devops
maintainers:
- email: maor.friedman@redhat.com
name: maorfr
- email: mail@torstenwalter.de
name: torstenwalter
- email: garridomota@gmail.com
name: mogaal
- email: wmcdona89@gmail.com
name: wmcdona89
- email: timjacomb1@gmail.com
name: timja
name: jenkins
sources:
- https://github.com/jenkinsci/jenkins
- https://github.com/jenkinsci/docker-inbound-agent
- https://github.com/maorfr/kube-tasks
- https://github.com/jenkinsci/configuration-as-code-plugin
type: application
urls:
- assets/jenkins/jenkins-5.1.22.tgz
version: 5.1.22
- annotations:
artifacthub.io/category: integration-delivery
artifacthub.io/changes: |
@ -30857,17 +31032,49 @@ entries:
catalog.cattle.io/kube-version: '>=1.22.0-0'
catalog.cattle.io/release-name: linkerd-control-plane
apiVersion: v2
appVersion: edge-24.5.3
created: "2024-05-16T00:54:22.479407941Z"
appVersion: edge-24.5.4
created: "2024-05-24T00:54:44.438401576Z"
dependencies:
- name: partials
repository: file://./charts/partials
version: 0.1.0
description: 'Linkerd gives you observability, reliability, and security for your
microservices — with no code change required. '
digest: 07af77938b66f5632db066149ab9daf0d9d077004520bb432dd8528461a2733d
digest: e1a189d3d116d340861cc32c37d694a5c9eadafd2cd541e2cc0b400cea05638e
home: https://linkerd.io
icon: file://assets/icons/linkerd-control-plane.png
icon: https://linkerd.io/images/logo-only-200h.png
keywords:
- service-mesh
kubeVersion: '>=1.22.0-0'
maintainers:
- email: cncf-linkerd-dev@lists.cncf.io
name: Linkerd authors
url: https://linkerd.io/
name: linkerd-control-plane
sources:
- https://github.com/linkerd/linkerd2/
type: application
urls:
- assets/linkerd/linkerd-control-plane-2024.5.4.tgz
version: 2024.5.4
- annotations:
catalog.cattle.io/auto-install: linkerd-crds
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Linkerd Control Plane
catalog.cattle.io/kube-version: '>=1.22.0-0'
catalog.cattle.io/release-name: linkerd-control-plane
apiVersion: v2
appVersion: edge-24.5.3
created: "2024-05-24T00:54:36.640677172Z"
dependencies:
- name: partials
repository: file://./charts/partials
version: 0.1.0
description: 'Linkerd gives you observability, reliability, and security for your
microservices — with no code change required. '
digest: 30469d965cd0f731611e11670fd92c6a2924e6b9a346c8f3aa77f50ddba6a0c3
home: https://linkerd.io
icon: https://linkerd.io/images/logo-only-200h.png
keywords:
- service-mesh
kubeVersion: '>=1.22.0-0'
@ -31544,6 +31751,36 @@ entries:
- assets/linkerd/linkerd-control-plane-1.12.5.tgz
version: 1.12.5
linkerd-crds:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Linkerd CRDs
catalog.cattle.io/kube-version: '>=1.22.0-0'
catalog.cattle.io/release-name: linkerd-crds
apiVersion: v2
created: "2024-05-24T00:54:44.480174664Z"
dependencies:
- name: partials
repository: file://./charts/partials
version: 0.1.0
description: 'Linkerd gives you observability, reliability, and security for your
microservices — with no code change required. '
digest: a620fe03f82a5072c1d91defafc7593aa0ac3274cbbd67086ac82ae3dbd0dd39
home: https://linkerd.io
icon: https://linkerd.io/images/logo-only-200h.png
keywords:
- service-mesh
kubeVersion: '>=1.22.0-0'
maintainers:
- email: cncf-linkerd-dev@lists.cncf.io
name: Linkerd authors
url: https://linkerd.io/
name: linkerd-crds
sources:
- https://github.com/linkerd/linkerd2/
type: application
urls:
- assets/linkerd/linkerd-crds-2024.5.4.tgz
version: 2024.5.4
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Linkerd CRDs
@ -41442,6 +41679,50 @@ entries:
- assets/quobyte/quobyte-cluster-0.1.5.tgz
version: 0.1.5
redpanda:
- annotations:
artifacthub.io/images: |
- name: redpanda
image: docker.redpanda.com/redpandadata/redpanda:v24.1.1
- name: busybox
image: busybox:latest
- name: mintel/docker-alpine-bash-curl-jq
image: mintel/docker-alpine-bash-curl-jq:latest
artifacthub.io/license: Apache-2.0
artifacthub.io/links: |
- name: Documentation
url: https://docs.redpanda.com
- name: "Helm (>= 3.10.0)"
url: https://helm.sh/docs/intro/install/
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Redpanda
catalog.cattle.io/kube-version: '>=1.21-0'
catalog.cattle.io/release-name: redpanda
apiVersion: v2
appVersion: v24.1.1
created: "2024-05-24T00:54:46.125384575Z"
dependencies:
- condition: console.enabled
name: console
repository: file://./charts/console
version: '>=0.5 <1.0'
- condition: connectors.enabled
name: connectors
repository: file://./charts/connectors
version: '>=0.1.2 <1.0'
description: Redpanda is the real-time engine for modern apps.
digest: 5fdcb8c4ba83472166a60ae73ce1f3335632a126601cc1ec26d1397687fb4a45
icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg
kubeVersion: '>=1.21-0'
maintainers:
- name: redpanda-data
url: https://github.com/orgs/redpanda-data/people
name: redpanda
sources:
- https://github.com/redpanda-data/helm-charts
type: application
urls:
- assets/redpanda/redpanda-5.8.6.tgz
version: 5.8.6
- annotations:
artifacthub.io/images: |
- name: redpanda