diff --git a/assets/argo/argo-cd-5.46.5.tgz b/assets/argo/argo-cd-5.46.5.tgz index ee76e5814..50872f695 100644 Binary files a/assets/argo/argo-cd-5.46.5.tgz and b/assets/argo/argo-cd-5.46.5.tgz differ diff --git a/assets/argo/argo-cd-5.46.6.tgz b/assets/argo/argo-cd-5.46.6.tgz new file mode 100644 index 000000000..15dd5fa93 Binary files /dev/null and b/assets/argo/argo-cd-5.46.6.tgz differ diff --git a/assets/bitnami/airflow-15.0.6.tgz b/assets/bitnami/airflow-15.0.6.tgz new file mode 100644 index 000000000..c74376fe5 Binary files /dev/null and b/assets/bitnami/airflow-15.0.6.tgz differ diff --git a/assets/bitnami/kafka-25.1.11.tgz b/assets/bitnami/kafka-25.1.11.tgz new file mode 100644 index 000000000..86df73f6a Binary files /dev/null and b/assets/bitnami/kafka-25.1.11.tgz differ diff --git a/assets/bitnami/mysql-9.12.3.tgz b/assets/bitnami/mysql-9.12.3.tgz new file mode 100644 index 000000000..ed99ab3eb Binary files /dev/null and b/assets/bitnami/mysql-9.12.3.tgz differ diff --git a/assets/bitnami/postgresql-12.12.4.tgz b/assets/bitnami/postgresql-12.12.4.tgz new file mode 100644 index 000000000..c98e5fa7a Binary files /dev/null and b/assets/bitnami/postgresql-12.12.4.tgz differ diff --git a/assets/bitnami/wordpress-17.1.9.tgz b/assets/bitnami/wordpress-17.1.9.tgz new file mode 100644 index 000000000..55abbeed6 Binary files /dev/null and b/assets/bitnami/wordpress-17.1.9.tgz differ diff --git a/assets/dell/csi-powermax-2.8.0.tgz b/assets/dell/csi-powermax-2.8.0.tgz new file mode 100644 index 000000000..673bfbf2a Binary files /dev/null and b/assets/dell/csi-powermax-2.8.0.tgz differ diff --git a/assets/prophetstor/federatorai-5.1.4.tgz b/assets/prophetstor/federatorai-5.1.4.tgz new file mode 100644 index 000000000..ead309436 Binary files /dev/null and b/assets/prophetstor/federatorai-5.1.4.tgz differ diff --git a/assets/redpanda/redpanda-5.4.6.tgz b/assets/redpanda/redpanda-5.4.6.tgz new file mode 100644 index 000000000..c164562f5 Binary files /dev/null and b/assets/redpanda/redpanda-5.4.6.tgz differ diff --git a/assets/speedscale/speedscale-operator-1.3.34.tgz b/assets/speedscale/speedscale-operator-1.3.34.tgz new file mode 100644 index 000000000..81e0a101d Binary files /dev/null and b/assets/speedscale/speedscale-operator-1.3.34.tgz differ diff --git a/charts/argo/argo-cd/Chart.yaml b/charts/argo/argo-cd/Chart.yaml index 4d57d250a..1d80d832d 100644 --- a/charts/argo/argo-cd/Chart.yaml +++ b/charts/argo/argo-cd/Chart.yaml @@ -1,7 +1,7 @@ annotations: artifacthub.io/changes: | - kind: fixed - description: fixed issue with argocd-server servicemonitor annotation attribute being added even when no annotations where defined + description: fixed repo-server deployment not restarting when a cmp configmap is modified artifacthub.io/signKey: | fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc @@ -33,4 +33,4 @@ name: argo-cd sources: - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd - https://github.com/argoproj/argo-cd -version: 5.46.5 +version: 5.46.6 diff --git a/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml index 3080c79fd..ea54e79d3 100644 --- a/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -33,6 +33,9 @@ spec: {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} {{- end }} + {{- if .Values.configs.cmp.create }} + checksum/cmp-cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmp-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/bitnami/airflow/Chart.yaml b/charts/bitnami/airflow/Chart.yaml index deac0ef55..99f6a2cfb 100644 --- a/charts/bitnami/airflow/Chart.yaml +++ b/charts/bitnami/airflow/Chart.yaml @@ -6,17 +6,17 @@ annotations: category: WorkFlow images: | - name: airflow-exporter - image: docker.io/bitnami/airflow-exporter:0.20220314.0-debian-11-r407 + image: docker.io/bitnami/airflow-exporter:0.20220314.0-debian-11-r413 - name: airflow-scheduler - image: docker.io/bitnami/airflow-scheduler:2.7.1-debian-11-r0 + image: docker.io/bitnami/airflow-scheduler:2.7.1-debian-11-r2 - name: airflow-worker - image: docker.io/bitnami/airflow-worker:2.7.1-debian-11-r0 + image: docker.io/bitnami/airflow-worker:2.7.1-debian-11-r2 - name: airflow - image: docker.io/bitnami/airflow:2.7.1-debian-11-r0 + image: docker.io/bitnami/airflow:2.7.1-debian-11-r5 - name: git - image: docker.io/bitnami/git:2.42.0-debian-11-r14 + image: docker.io/bitnami/git:2.42.0-debian-11-r20 - name: os-shell - image: docker.io/bitnami/os-shell:11-debian-11-r60 + image: docker.io/bitnami/os-shell:11-debian-11-r63 licenses: Apache-2.0 apiVersion: v2 appVersion: 2.7.1 @@ -50,4 +50,4 @@ maintainers: name: airflow sources: - https://github.com/bitnami/charts/tree/main/bitnami/airflow -version: 15.0.5 +version: 15.0.6 diff --git a/charts/bitnami/airflow/README.md b/charts/bitnami/airflow/README.md index 1469716ab..63c9edb7d 100644 --- a/charts/bitnami/airflow/README.md +++ b/charts/bitnami/airflow/README.md @@ -90,7 +90,7 @@ The command removes all the Kubernetes components associated with the chart and | `dags.existingConfigmap` | Name of an existing ConfigMap with all the DAGs files you want to load in Airflow | `""` | | `dags.image.registry` | Init container load-dags image registry | `docker.io` | | `dags.image.repository` | Init container load-dags image repository | `bitnami/os-shell` | -| `dags.image.tag` | Init container load-dags image tag (immutable tags are recommended) | `11-debian-11-r60` | +| `dags.image.tag` | Init container load-dags image tag (immutable tags are recommended) | `11-debian-11-r63` | | `dags.image.digest` | Init container load-dags image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `dags.image.pullPolicy` | Init container load-dags image pull policy | `IfNotPresent` | | `dags.image.pullSecrets` | Init container load-dags image pull secrets | `[]` | @@ -109,7 +109,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -------------------- | | `web.image.registry` | Airflow image registry | `docker.io` | | `web.image.repository` | Airflow image repository | `bitnami/airflow` | -| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.7.1-debian-11-r0` | +| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.7.1-debian-11-r5` | | `web.image.digest` | Airflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `web.image.pullPolicy` | Airflow image pull policy | `IfNotPresent` | | `web.image.pullSecrets` | Airflow image pull secrets | `[]` | @@ -184,7 +184,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------------- | | `scheduler.image.registry` | Airflow Scheduler image registry | `docker.io` | | `scheduler.image.repository` | Airflow Scheduler image repository | `bitnami/airflow-scheduler` | -| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.7.1-debian-11-r0` | +| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.7.1-debian-11-r2` | | `scheduler.image.digest` | Airflow Schefuler image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `scheduler.image.pullPolicy` | Airflow Scheduler image pull policy | `IfNotPresent` | | `scheduler.image.pullSecrets` | Airflow Scheduler image pull secrets | `[]` | @@ -238,7 +238,7 @@ The command removes all the Kubernetes components associated with the chart and | ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------ | | `worker.image.registry` | Airflow Worker image registry | `docker.io` | | `worker.image.repository` | Airflow Worker image repository | `bitnami/airflow-worker` | -| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.7.1-debian-11-r0` | +| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.7.1-debian-11-r2` | | `worker.image.digest` | Airflow Worker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `worker.image.pullPolicy` | Airflow Worker image pull policy | `IfNotPresent` | | `worker.image.pullSecrets` | Airflow Worker image pull secrets | `[]` | @@ -318,7 +318,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------------------ | --------------------------------------------------------------------------------------------------- | ---------------------- | | `git.image.registry` | Git image registry | `docker.io` | | `git.image.repository` | Git image repository | `bitnami/git` | -| `git.image.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r14` | +| `git.image.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r20` | | `git.image.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `git.image.pullPolicy` | Git image pull policy | `IfNotPresent` | | `git.image.pullSecrets` | Git image pull secrets | `[]` | @@ -410,7 +410,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Whether or not to create a standalone Airflow exporter to expose Airflow metrics | `false` | | `metrics.image.registry` | Airflow exporter image registry | `docker.io` | | `metrics.image.repository` | Airflow exporter image repository | `bitnami/airflow-exporter` | -| `metrics.image.tag` | Airflow exporter image tag (immutable tags are recommended) | `0.20220314.0-debian-11-r407` | +| `metrics.image.tag` | Airflow exporter image tag (immutable tags are recommended) | `0.20220314.0-debian-11-r413` | | `metrics.image.digest` | Airflow exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Airflow exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Airflow exporter image pull secrets | `[]` | diff --git a/charts/bitnami/airflow/values.yaml b/charts/bitnami/airflow/values.yaml index 1064f883c..625d4ad5e 100644 --- a/charts/bitnami/airflow/values.yaml +++ b/charts/bitnami/airflow/values.yaml @@ -121,7 +121,7 @@ dags: image: registry: docker.io repository: bitnami/os-shell - tag: 11-debian-11-r60 + tag: 11-debian-11-r63 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -188,7 +188,7 @@ web: image: registry: docker.io repository: bitnami/airflow - tag: 2.7.1-debian-11-r0 + tag: 2.7.1-debian-11-r5 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -446,7 +446,7 @@ scheduler: image: registry: docker.io repository: bitnami/airflow-scheduler - tag: 2.7.1-debian-11-r0 + tag: 2.7.1-debian-11-r2 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -650,7 +650,7 @@ worker: image: registry: docker.io repository: bitnami/airflow-worker - tag: 2.7.1-debian-11-r0 + tag: 2.7.1-debian-11-r2 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -923,7 +923,7 @@ git: image: registry: docker.io repository: bitnami/git - tag: 2.42.0-debian-11-r14 + tag: 2.42.0-debian-11-r20 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1286,7 +1286,7 @@ metrics: image: registry: docker.io repository: bitnami/airflow-exporter - tag: 0.20220314.0-debian-11-r407 + tag: 0.20220314.0-debian-11-r413 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/kafka/Chart.lock b/charts/bitnami/kafka/Chart.lock index 703109ab6..4c554cbaf 100644 --- a/charts/bitnami/kafka/Chart.lock +++ b/charts/bitnami/kafka/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: zookeeper repository: oci://registry-1.docker.io/bitnamicharts - version: 12.1.2 + version: 12.1.3 - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.10.0 -digest: sha256:5e278241ce8a477449715df19d6e50542ff7afb81802a2cc8b4e04b8c0b35833 -generated: "2023-09-05T14:19:33.178442157Z" + version: 2.11.1 +digest: sha256:7008d8cb5f82e0a99fbc97b8c42c87e5f7b45a90c7ff868d9ecb2778efa477ad +generated: "2023-09-18T14:18:33.491894+02:00" diff --git a/charts/bitnami/kafka/Chart.yaml b/charts/bitnami/kafka/Chart.yaml index 2c7aa0be9..86cc0fdb3 100644 --- a/charts/bitnami/kafka/Chart.yaml +++ b/charts/bitnami/kafka/Chart.yaml @@ -45,4 +45,4 @@ maintainers: name: kafka sources: - https://github.com/bitnami/charts/tree/main/bitnami/kafka -version: 25.1.10 +version: 25.1.11 diff --git a/charts/bitnami/kafka/charts/common/Chart.yaml b/charts/bitnami/kafka/charts/common/Chart.yaml index e35c2d0e7..3be88e6aa 100644 --- a/charts/bitnami/kafka/charts/common/Chart.yaml +++ b/charts/bitnami/kafka/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.9.2 +appVersion: 2.11.1 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://bitnami.com @@ -20,4 +20,4 @@ name: common sources: - https://github.com/bitnami/charts type: library -version: 2.10.0 +version: 2.11.1 diff --git a/charts/bitnami/kafka/charts/common/templates/_images.tpl b/charts/bitnami/kafka/charts/common/templates/_images.tpl index 2181f3224..e248d6d08 100644 --- a/charts/bitnami/kafka/charts/common/templates/_images.tpl +++ b/charts/bitnami/kafka/charts/common/templates/_images.tpl @@ -83,3 +83,19 @@ imagePullSecrets: {{- end }} {{- end }} {{- end -}} + +{{/* +Return the proper image version (ingores image revision/prerelease info & fallbacks to chart appVersion) +{{ include "common.images.version" ( dict "imageRoot" .Values.path.to.the.image "chart" .Chart ) }} +*/}} +{{- define "common.images.version" -}} +{{- $imageTag := .imageRoot.tag | toString -}} +{{/* regexp from https://github.com/Masterminds/semver/blob/23f51de38a0866c5ef0bfc42b3f735c73107b700/version.go#L41-L44 */}} +{{- if regexMatch `^([0-9]+)(\.[0-9]+)?(\.[0-9]+)?(-([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?(\+([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?$` $imageTag -}} + {{- $version := semver $imageTag -}} + {{- printf "%d.%d.%d" $version.Major $version.Minor $version.Patch -}} +{{- else -}} + {{- print .chart.AppVersion -}} +{{- end -}} +{{- end -}} + diff --git a/charts/bitnami/kafka/charts/common/templates/_labels.tpl b/charts/bitnami/kafka/charts/common/templates/_labels.tpl index fac46076a..a3cdc2bfd 100644 --- a/charts/bitnami/kafka/charts/common/templates/_labels.tpl +++ b/charts/bitnami/kafka/charts/common/templates/_labels.tpl @@ -11,21 +11,13 @@ Kubernetes standard labels */}} {{- define "common.labels.standard" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "helm.sh/chart" (include "common.names.chart" .context) - "app.kubernetes.io/instance" .context.Release.Name - "app.kubernetes.io/managed-by" .context.Release.Service - ) - | toYaml -}} +{{ merge (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) (dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service "app.kubernetes.io/version" .context.Chart.AppVersion) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} helm.sh/chart: {{ include "common.names.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end -}} {{- end -}} @@ -40,14 +32,7 @@ overwrote them on metadata.labels fields. */}} {{- define "common.labels.matchLabels" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "app.kubernetes.io/instance" .context.Release.Name - ) - | toYaml -}} +{{ merge (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") (dict "app.kubernetes.io/name" (include "common.names.name" .context) "app.kubernetes.io/instance" .context.Release.Name ) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/charts/bitnami/kafka/charts/common/values.schema.json b/charts/bitnami/kafka/charts/common/values.schema.json new file mode 100644 index 000000000..2124b3e4a --- /dev/null +++ b/charts/bitnami/kafka/charts/common/values.schema.json @@ -0,0 +1,11 @@ +{ + "title": "Chart Values", + "type": "object", + "properties": { + "exampleValue": { + "type": "string", + "description": "", + "default": "common-chart" + } + } +} \ No newline at end of file diff --git a/charts/bitnami/kafka/charts/zookeeper/Chart.lock b/charts/bitnami/kafka/charts/zookeeper/Chart.lock index 9c54bcfb7..f54586cc7 100644 --- a/charts/bitnami/kafka/charts/zookeeper/Chart.lock +++ b/charts/bitnami/kafka/charts/zookeeper/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.9.2 -digest: sha256:0d1ed3ab5c6a7e3ab3bfaea47851d574aae674797326572c51719718026e1f63 -generated: "2023-08-31T16:47:39.182152921Z" + version: 2.10.0 +digest: sha256:023ded170632d04528f30332370f34fc8fb96efb2886a01d934cb3bd6e6d2e09 +generated: "2023-09-05T11:24:06.99508+02:00" diff --git a/charts/bitnami/kafka/charts/zookeeper/Chart.yaml b/charts/bitnami/kafka/charts/zookeeper/Chart.yaml index 0ee7ef4e6..4a7cddb2a 100644 --- a/charts/bitnami/kafka/charts/zookeeper/Chart.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/Chart.yaml @@ -26,4 +26,4 @@ maintainers: name: zookeeper sources: - https://github.com/bitnami/charts/tree/main/bitnami/zookeeper -version: 12.1.2 +version: 12.1.3 diff --git a/charts/bitnami/kafka/charts/zookeeper/charts/common/Chart.yaml b/charts/bitnami/kafka/charts/zookeeper/charts/common/Chart.yaml index 67e9a92ce..e35c2d0e7 100644 --- a/charts/bitnami/kafka/charts/zookeeper/charts/common/Chart.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/charts/common/Chart.yaml @@ -20,4 +20,4 @@ name: common sources: - https://github.com/bitnami/charts type: library -version: 2.9.2 +version: 2.10.0 diff --git a/charts/bitnami/kafka/charts/zookeeper/charts/common/templates/_tplvalues.tpl b/charts/bitnami/kafka/charts/zookeeper/charts/common/templates/_tplvalues.tpl index edf99392c..a8ed7637e 100644 --- a/charts/bitnami/kafka/charts/zookeeper/charts/common/templates/_tplvalues.tpl +++ b/charts/bitnami/kafka/charts/zookeeper/charts/common/templates/_tplvalues.tpl @@ -22,3 +22,17 @@ Usage: {{- $value }} {{- end }} {{- end -}} + +{{/* +Merge a list of values that contains template after rendering them. +Merge precedence is consistent with http://masterminds.github.io/sprig/dicts.html#merge-mustmerge +Usage: +{{ include "common.tplvalues.merge" ( dict "values" (list .Values.path.to.the.Value1 .Values.path.to.the.Value2) "context" $ ) }} +*/}} +{{- define "common.tplvalues.merge" -}} +{{- $dst := dict -}} +{{- range .values -}} +{{- $dst = include "common.tplvalues.render" (dict "value" . "context" $.context "scope" $.scope) | fromYaml | merge $dst -}} +{{- end -}} +{{ $dst | toYaml }} +{{- end -}} diff --git a/charts/bitnami/kafka/charts/zookeeper/templates/metrics-svc.yaml b/charts/bitnami/kafka/charts/zookeeper/templates/metrics-svc.yaml index adc35c397..f66557c39 100644 --- a/charts/bitnami/kafka/charts/zookeeper/templates/metrics-svc.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/templates/metrics-svc.yaml @@ -12,7 +12,7 @@ metadata: labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} app.kubernetes.io/component: metrics {{- if or .Values.metrics.service.annotations .Values.commonAnnotations }} - {{- $annotations := merge .Values.metrics.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.service.annotations .Values.commonAnnotations ) "context" . ) }} annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} {{- end }} spec: @@ -21,7 +21,7 @@ spec: - name: tcp-metrics port: {{ .Values.metrics.service.port }} targetPort: metrics - {{- $podLabels := merge .Values.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} app.kubernetes.io/component: zookeeper {{- end }} diff --git a/charts/bitnami/kafka/charts/zookeeper/templates/networkpolicy.yaml b/charts/bitnami/kafka/charts/zookeeper/templates/networkpolicy.yaml index 4165e4a60..34d36f971 100644 --- a/charts/bitnami/kafka/charts/zookeeper/templates/networkpolicy.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/templates/networkpolicy.yaml @@ -14,7 +14,7 @@ metadata: annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: - {{- $podLabels := merge .Values.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} policyTypes: diff --git a/charts/bitnami/kafka/charts/zookeeper/templates/pdb.yaml b/charts/bitnami/kafka/charts/zookeeper/templates/pdb.yaml index d657c9c5e..27b7bdcb2 100644 --- a/charts/bitnami/kafka/charts/zookeeper/templates/pdb.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/templates/pdb.yaml @@ -22,7 +22,7 @@ spec: {{- if .Values.pdb.maxUnavailable }} maxUnavailable: {{ .Values.pdb.maxUnavailable }} {{- end }} - {{- $podLabels := merge .Values.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} app.kubernetes.io/component: zookeeper diff --git a/charts/bitnami/kafka/charts/zookeeper/templates/serviceaccount.yaml b/charts/bitnami/kafka/charts/zookeeper/templates/serviceaccount.yaml index f6113b9af..8e6d79cdd 100644 --- a/charts/bitnami/kafka/charts/zookeeper/templates/serviceaccount.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/templates/serviceaccount.yaml @@ -13,7 +13,7 @@ metadata: app.kubernetes.io/component: zookeeper role: zookeeper {{- if or .Values.commonAnnotations .Values.serviceAccount.annotations }} - {{- $annotations := merge .Values.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} {{- end }} automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} diff --git a/charts/bitnami/kafka/charts/zookeeper/templates/statefulset.yaml b/charts/bitnami/kafka/charts/zookeeper/templates/statefulset.yaml index 1d91580c2..9c9b5dfcf 100644 --- a/charts/bitnami/kafka/charts/zookeeper/templates/statefulset.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/templates/statefulset.yaml @@ -17,7 +17,7 @@ metadata: spec: replicas: {{ .Values.replicaCount }} podManagementPolicy: {{ .Values.podManagementPolicy }} - {{- $podLabels := merge .Values.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} app.kubernetes.io/component: zookeeper diff --git a/charts/bitnami/kafka/charts/zookeeper/templates/svc-headless.yaml b/charts/bitnami/kafka/charts/zookeeper/templates/svc-headless.yaml index 611b84ab3..d571b0af4 100644 --- a/charts/bitnami/kafka/charts/zookeeper/templates/svc-headless.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/templates/svc-headless.yaml @@ -11,7 +11,7 @@ metadata: labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} app.kubernetes.io/component: zookeeper {{- if or .Values.commonAnnotations .Values.service.headless.annotations }} - {{- $annotations := merge .Values.service.headless.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.headless.annotations .Values.commonAnnotations ) "context" . ) }} annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} {{- end }} spec: @@ -35,6 +35,6 @@ spec: - name: tcp-election port: {{ .Values.service.ports.election }} targetPort: election - {{- $podLabels := merge .Values.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} app.kubernetes.io/component: zookeeper diff --git a/charts/bitnami/kafka/charts/zookeeper/templates/svc.yaml b/charts/bitnami/kafka/charts/zookeeper/templates/svc.yaml index 2a894767f..bfa8b928e 100644 --- a/charts/bitnami/kafka/charts/zookeeper/templates/svc.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/templates/svc.yaml @@ -11,7 +11,7 @@ metadata: labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} app.kubernetes.io/component: zookeeper {{- if or .Values.commonAnnotations .Values.service.annotations }} - {{- $annotations := merge .Values.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.annotations .Values.commonAnnotations ) "context" . ) }} annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} {{- end }} spec: @@ -64,6 +64,6 @@ spec: {{- if .Values.service.extraPorts }} {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} {{- end }} - {{- $podLabels := merge .Values.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} app.kubernetes.io/component: zookeeper diff --git a/charts/bitnami/kafka/templates/metrics/deployment.yaml b/charts/bitnami/kafka/templates/metrics/deployment.yaml index 688f66bf0..b32b36f91 100644 --- a/charts/bitnami/kafka/templates/metrics/deployment.yaml +++ b/charts/bitnami/kafka/templates/metrics/deployment.yaml @@ -13,14 +13,16 @@ kind: Deployment metadata: name: {{ include "kafka.metrics.kafka.fullname" . }} namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.metrics.kafka.image "chart" .Chart ) ) }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonLabels $versionLabel ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} app.kubernetes.io/component: cluster-metrics {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: replicas: 1 - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.kafka.podLabels .Values.commonLabels ) "context" . ) }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.kafka.podLabels .Values.commonLabels $versionLabel ) "context" . ) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} app.kubernetes.io/component: cluster-metrics diff --git a/charts/bitnami/kafka/templates/metrics/prometheusrule.yaml b/charts/bitnami/kafka/templates/metrics/prometheusrule.yaml index c758a39bf..f59f30025 100644 --- a/charts/bitnami/kafka/templates/metrics/prometheusrule.yaml +++ b/charts/bitnami/kafka/templates/metrics/prometheusrule.yaml @@ -9,7 +9,8 @@ kind: PrometheusRule metadata: name: {{ include "common.names.fullname" . }} namespace: {{ default (include "common.names.namespace" .) .Values.metrics.prometheusRule.namespace }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.prometheusRule.labels .Values.commonLabels ) "context" . ) }} + {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.metrics.kafka.image "chart" .Chart ) ) }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.prometheusRule.labels .Values.commonLabels $versionLabel ) "context" . ) }} labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} app.kubernetes.io/component: metrics {{- if .Values.commonAnnotations }} diff --git a/charts/bitnami/kafka/templates/metrics/serviceaccount.yaml b/charts/bitnami/kafka/templates/metrics/serviceaccount.yaml index f7678e3a6..bd3c0a10c 100644 --- a/charts/bitnami/kafka/templates/metrics/serviceaccount.yaml +++ b/charts/bitnami/kafka/templates/metrics/serviceaccount.yaml @@ -9,7 +9,9 @@ kind: ServiceAccount metadata: name: {{ template "kafka.metrics.kafka.serviceAccountName" . }} namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.metrics.kafka.image "chart" .Chart ) ) }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonLabels $versionLabel ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} app.kubernetes.io/component: cluster-metrics {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} diff --git a/charts/bitnami/kafka/templates/metrics/servicemonitor.yaml b/charts/bitnami/kafka/templates/metrics/servicemonitor.yaml index bb057243a..1f64b9bba 100644 --- a/charts/bitnami/kafka/templates/metrics/servicemonitor.yaml +++ b/charts/bitnami/kafka/templates/metrics/servicemonitor.yaml @@ -9,7 +9,8 @@ kind: ServiceMonitor metadata: name: {{ printf "%s-metrics" (include "common.names.fullname" .) }} namespace: {{ default (include "common.names.namespace" .) .Values.metrics.serviceMonitor.namespace | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels ) "context" . ) }} + {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.metrics.kafka.image "chart" .Chart ) ) }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels $versionLabel ) "context" . ) }} labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} app.kubernetes.io/component: cluster-metrics {{- if .Values.commonAnnotations }} diff --git a/charts/bitnami/kafka/templates/metrics/svc.yaml b/charts/bitnami/kafka/templates/metrics/svc.yaml index 5e4bf8114..eed033e83 100644 --- a/charts/bitnami/kafka/templates/metrics/svc.yaml +++ b/charts/bitnami/kafka/templates/metrics/svc.yaml @@ -9,7 +9,9 @@ kind: Service metadata: name: {{ printf "%s-metrics" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.metrics.kafka.image "chart" .Chart ) ) }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonLabels $versionLabel ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} app.kubernetes.io/component: cluster-metrics {{- if or .Values.metrics.kafka.service.annotations .Values.commonAnnotations }} {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.kafka.service.annotations .Values.commonAnnotations ) "context" . ) }} diff --git a/charts/bitnami/mysql/Chart.lock b/charts/bitnami/mysql/Chart.lock index 1e78f05db..a10521aa9 100644 --- a/charts/bitnami/mysql/Chart.lock +++ b/charts/bitnami/mysql/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.10.0 -digest: sha256:023ded170632d04528f30332370f34fc8fb96efb2886a01d934cb3bd6e6d2e09 -generated: "2023-09-05T11:34:55.400631+02:00" + version: 2.11.1 +digest: sha256:ead8f26c76a9ec082f23629a358e8efd8f88d87aaed734bf41febcb8a7bc5d4c +generated: "2023-09-19T07:52:06.908924822Z" diff --git a/charts/bitnami/mysql/Chart.yaml b/charts/bitnami/mysql/Chart.yaml index 4af6ce813..cff23a4f5 100644 --- a/charts/bitnami/mysql/Chart.yaml +++ b/charts/bitnami/mysql/Chart.yaml @@ -6,11 +6,11 @@ annotations: category: Database images: | - name: mysql - image: docker.io/bitnami/mysql:8.0.34-debian-11-r31 + image: docker.io/bitnami/mysql:8.0.34-debian-11-r56 - name: mysqld-exporter - image: docker.io/bitnami/mysqld-exporter:0.15.0-debian-11-r24 + image: docker.io/bitnami/mysqld-exporter:0.15.0-debian-11-r50 - name: os-shell - image: docker.io/bitnami/os-shell:11-debian-11-r43 + image: docker.io/bitnami/os-shell:11-debian-11-r72 licenses: Apache-2.0 apiVersion: v2 appVersion: 8.0.34 @@ -36,4 +36,4 @@ maintainers: name: mysql sources: - https://github.com/bitnami/charts/tree/main/bitnami/mysql -version: 9.12.2 +version: 9.12.3 diff --git a/charts/bitnami/mysql/README.md b/charts/bitnami/mysql/README.md index baf5c4ada..4538834c4 100644 --- a/charts/bitnami/mysql/README.md +++ b/charts/bitnami/mysql/README.md @@ -83,7 +83,7 @@ The command removes all the Kubernetes components associated with the chart and | -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | | `image.registry` | MySQL image registry | `docker.io` | | `image.repository` | MySQL image repository | `bitnami/mysql` | -| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.34-debian-11-r31` | +| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.34-debian-11-r56` | | `image.digest` | MySQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | MySQL image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -309,7 +309,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r43` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r72` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -322,7 +322,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a side-car prometheus exporter | `false` | | `metrics.image.registry` | Exporter image registry | `docker.io` | | `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` | -| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.15.0-debian-11-r24` | +| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.15.0-debian-11-r50` | | `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | diff --git a/charts/bitnami/mysql/charts/common/Chart.yaml b/charts/bitnami/mysql/charts/common/Chart.yaml index e35c2d0e7..3be88e6aa 100644 --- a/charts/bitnami/mysql/charts/common/Chart.yaml +++ b/charts/bitnami/mysql/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.9.2 +appVersion: 2.11.1 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://bitnami.com @@ -20,4 +20,4 @@ name: common sources: - https://github.com/bitnami/charts type: library -version: 2.10.0 +version: 2.11.1 diff --git a/charts/bitnami/mysql/charts/common/templates/_images.tpl b/charts/bitnami/mysql/charts/common/templates/_images.tpl index 2181f3224..e248d6d08 100644 --- a/charts/bitnami/mysql/charts/common/templates/_images.tpl +++ b/charts/bitnami/mysql/charts/common/templates/_images.tpl @@ -83,3 +83,19 @@ imagePullSecrets: {{- end }} {{- end }} {{- end -}} + +{{/* +Return the proper image version (ingores image revision/prerelease info & fallbacks to chart appVersion) +{{ include "common.images.version" ( dict "imageRoot" .Values.path.to.the.image "chart" .Chart ) }} +*/}} +{{- define "common.images.version" -}} +{{- $imageTag := .imageRoot.tag | toString -}} +{{/* regexp from https://github.com/Masterminds/semver/blob/23f51de38a0866c5ef0bfc42b3f735c73107b700/version.go#L41-L44 */}} +{{- if regexMatch `^([0-9]+)(\.[0-9]+)?(\.[0-9]+)?(-([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?(\+([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?$` $imageTag -}} + {{- $version := semver $imageTag -}} + {{- printf "%d.%d.%d" $version.Major $version.Minor $version.Patch -}} +{{- else -}} + {{- print .chart.AppVersion -}} +{{- end -}} +{{- end -}} + diff --git a/charts/bitnami/mysql/charts/common/templates/_labels.tpl b/charts/bitnami/mysql/charts/common/templates/_labels.tpl index fac46076a..a3cdc2bfd 100644 --- a/charts/bitnami/mysql/charts/common/templates/_labels.tpl +++ b/charts/bitnami/mysql/charts/common/templates/_labels.tpl @@ -11,21 +11,13 @@ Kubernetes standard labels */}} {{- define "common.labels.standard" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "helm.sh/chart" (include "common.names.chart" .context) - "app.kubernetes.io/instance" .context.Release.Name - "app.kubernetes.io/managed-by" .context.Release.Service - ) - | toYaml -}} +{{ merge (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) (dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service "app.kubernetes.io/version" .context.Chart.AppVersion) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} helm.sh/chart: {{ include "common.names.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end -}} {{- end -}} @@ -40,14 +32,7 @@ overwrote them on metadata.labels fields. */}} {{- define "common.labels.matchLabels" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "app.kubernetes.io/instance" .context.Release.Name - ) - | toYaml -}} +{{ merge (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") (dict "app.kubernetes.io/name" (include "common.names.name" .context) "app.kubernetes.io/instance" .context.Release.Name ) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/charts/bitnami/mysql/charts/common/values.schema.json b/charts/bitnami/mysql/charts/common/values.schema.json new file mode 100644 index 000000000..2124b3e4a --- /dev/null +++ b/charts/bitnami/mysql/charts/common/values.schema.json @@ -0,0 +1,11 @@ +{ + "title": "Chart Values", + "type": "object", + "properties": { + "exampleValue": { + "type": "string", + "description": "", + "default": "common-chart" + } + } +} \ No newline at end of file diff --git a/charts/bitnami/mysql/templates/primary/svc.yaml b/charts/bitnami/mysql/templates/primary/svc.yaml index 5ecc0c199..407696de8 100644 --- a/charts/bitnami/mysql/templates/primary/svc.yaml +++ b/charts/bitnami/mysql/templates/primary/svc.yaml @@ -29,7 +29,7 @@ spec: externalTrafficPolicy: {{ .Values.primary.service.externalTrafficPolicy | quote }} {{- end }} {{- if and (eq .Values.primary.service.type "LoadBalancer") (not (empty .Values.primary.service.loadBalancerSourceRanges)) }} - loadBalancerSourceRanges: {{ .Values.primary.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{- toYaml .Values.primary.service.loadBalancerSourceRanges | nindent 4}} {{- end }} {{- if and (eq .Values.primary.service.type "LoadBalancer") (not (empty .Values.primary.service.loadBalancerIP)) }} loadBalancerIP: {{ .Values.primary.service.loadBalancerIP }} diff --git a/charts/bitnami/mysql/templates/secondary/svc.yaml b/charts/bitnami/mysql/templates/secondary/svc.yaml index edffd4aff..87724b04c 100644 --- a/charts/bitnami/mysql/templates/secondary/svc.yaml +++ b/charts/bitnami/mysql/templates/secondary/svc.yaml @@ -30,7 +30,7 @@ spec: externalTrafficPolicy: {{ .Values.secondary.service.externalTrafficPolicy | quote }} {{- end }} {{- if and (eq .Values.secondary.service.type "LoadBalancer") (not (empty .Values.secondary.service.loadBalancerSourceRanges)) }} - loadBalancerSourceRanges: {{ .Values.secondary.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{- toYaml .Values.secondary.service.loadBalancerSourceRanges | nindent 4}} {{- end }} {{- if and (eq .Values.secondary.service.type "LoadBalancer") (not (empty .Values.secondary.service.loadBalancerIP)) }} loadBalancerIP: {{ .Values.secondary.service.loadBalancerIP }} diff --git a/charts/bitnami/mysql/values.schema.json b/charts/bitnami/mysql/values.schema.json index f75d785ee..df591567c 100644 --- a/charts/bitnami/mysql/values.schema.json +++ b/charts/bitnami/mysql/values.schema.json @@ -1,1670 +1,195 @@ { - "title": "Chart Values", - "type": "object", - "properties": { - "global": { - "type": "object", - "properties": { - "imageRegistry": { - "type": "string", - "description": "Global Docker image registry", - "default": "" - }, - "imagePullSecrets": { - "type": "array", - "description": "Global Docker registry secret names as an array", - "default": [], - "items": {} - }, - "storageClass": { - "type": "string", - "description": "Global StorageClass for Persistent Volume(s)", - "default": "" - } - } - }, - "kubeVersion": { - "type": "string", - "description": "Force target Kubernetes version (using Helm capabilities if not set)", - "default": "" - }, - "nameOverride": { - "type": "string", - "description": "String to partially override common.names.fullname template (will maintain the release name)", - "default": "" - }, - "fullnameOverride": { - "type": "string", - "description": "String to fully override common.names.fullname template", - "default": "" - }, - "namespaceOverride": { - "type": "string", - "description": "String to fully override common.names.namespace", - "default": "" - }, - "clusterDomain": { - "type": "string", - "description": "Cluster domain", - "default": "cluster.local" - }, - "commonAnnotations": { - "type": "object", - "description": "Common annotations to add to all MySQL resources (sub-charts are not considered). Evaluated as a template", - "default": {} - }, - "commonLabels": { - "type": "object", - "description": "Common labels to add to all MySQL resources (sub-charts are not considered). Evaluated as a template", - "default": {} - }, - "extraDeploy": { - "type": "array", - "description": "Array with extra yaml to deploy with the chart. Evaluated as a template", - "default": [], - "items": {} - }, - "serviceBindings": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Create secret for service binding (Experimental)", - "default": false - } - } - }, - "diagnosticMode": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable diagnostic mode (all probes will be disabled and the command will be overridden)", - "default": false - }, - "command": { - "type": "array", - "description": "Command to override all containers in the deployment", - "default": [ - "sleep" - ], - "items": { - "type": "string" - } - }, - "args": { - "type": "array", - "description": "Args to override all containers in the deployment", - "default": [ - "infinity" - ], - "items": { - "type": "string" - } - } - } - }, - "image": { - "type": "object", - "properties": { - "registry": { - "type": "string", - "description": "MySQL image registry", - "default": "docker.io" - }, - "repository": { - "type": "string", - "description": "MySQL image repository", - "default": "bitnami/mysql" - }, - "tag": { - "type": "string", - "description": "MySQL image tag (immutable tags are recommended)", - "default": "8.0.34-debian-11-r31" - }, - "digest": { - "type": "string", - "description": "MySQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", - "default": "" - }, - "pullPolicy": { - "type": "string", - "description": "MySQL image pull policy", - "default": "IfNotPresent" - }, - "pullSecrets": { - "type": "array", - "description": "Specify docker-registry secret names as an array", - "default": [], - "items": {} - }, - "debug": { - "type": "boolean", - "description": "Specify if debug logs should be enabled", - "default": false - } - } - }, - "architecture": { - "type": "string", - "description": "MySQL architecture (`standalone` or `replication`)", - "default": "standalone" - }, - "auth": { - "type": "object", - "properties": { - "rootPassword": { - "type": "string", - "description": "Password for the `root` user. Ignored if existing secret is provided", - "default": "" - }, - "createDatabase": { - "type": "boolean", - "description": "Whether to create the .Values.auth.database or not", - "default": true - }, - "database": { - "type": "string", - "description": "Name for a custom database to create", - "default": "my_database" - }, - "username": { - "type": "string", - "description": "Name for a custom user to create", - "default": "" - }, - "password": { - "type": "string", - "description": "Password for the new user. Ignored if existing secret is provided", - "default": "" - }, - "replicationUser": { - "type": "string", - "description": "MySQL replication user", - "default": "replicator" - }, - "replicationPassword": { - "type": "string", - "description": "MySQL replication user password. Ignored if existing secret is provided", - "default": "" - }, - "existingSecret": { - "type": "string", - "description": "Use existing secret for password details. The secret has to contain the keys `mysql-root-password`, `mysql-replication-password` and `mysql-password`", - "default": "" - }, - "usePasswordFiles": { - "type": "boolean", - "description": "Mount credentials as files instead of using an environment variable", - "default": false - }, - "customPasswordFiles": { - "type": "object", - "description": "Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication`", - "default": {} - } - } - }, - "initdbScripts": { - "type": "object", - "description": "Dictionary of initdb scripts", - "default": {} - }, - "initdbScriptsConfigMap": { - "type": "string", - "description": "ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`)", - "default": "" - }, - "startdbScripts": { - "type": "object", - "description": "Dictionary of startdb scripts", - "default": {} - }, - "startdbScriptsConfigMap": { - "type": "string", - "description": "ConfigMap with the startdb scripts (Note: Overrides `startdbScripts`)", - "default": "" - }, - "primary": { - "type": "object", - "properties": { - "name": { - "type": "string", - "description": "Name of the primary database (eg primary, master, leader, ...)", - "default": "primary" - }, - "command": { - "type": "array", - "description": "Override default container command on MySQL Primary container(s) (useful when using custom images)", - "default": [], - "items": {} - }, - "args": { - "type": "array", - "description": "Override default container args on MySQL Primary container(s) (useful when using custom images)", - "default": [], - "items": {} - }, - "lifecycleHooks": { - "type": "object", - "description": "for the MySQL Primary container(s) to automate configuration before or after startup", - "default": {} - }, - "hostAliases": { - "type": "array", - "description": "Deployment pod host aliases", - "default": [], - "items": {} - }, - "configuration": { - "type": "string", - "description": "Configure MySQL Primary with a custom my.cnf file", - "default": "[mysqld]\ndefault_authentication_plugin=mysql_native_password\nskip-name-resolve\nexplicit_defaults_for_timestamp\nbasedir=/opt/bitnami/mysql\nplugin_dir=/opt/bitnami/mysql/lib/plugin\nport=3306\nsocket=/opt/bitnami/mysql/tmp/mysql.sock\ndatadir=/bitnami/mysql/data\ntmpdir=/opt/bitnami/mysql/tmp\nmax_allowed_packet=16M\nbind-address=*\npid-file=/opt/bitnami/mysql/tmp/mysqld.pid\nlog-error=/opt/bitnami/mysql/logs/mysqld.log\ncharacter-set-server=UTF8\ncollation-server=utf8_general_ci\nslow_query_log=0\nlong_query_time=10.0\n\n[client]\nport=3306\nsocket=/opt/bitnami/mysql/tmp/mysql.sock\ndefault-character-set=UTF8\nplugin_dir=/opt/bitnami/mysql/lib/plugin\n\n[manager]\nport=3306\nsocket=/opt/bitnami/mysql/tmp/mysql.sock\npid-file=/opt/bitnami/mysql/tmp/mysqld.pid" - }, - "existingConfigmap": { - "type": "string", - "description": "Name of existing ConfigMap with MySQL Primary configuration.", - "default": "" - }, - "updateStrategy": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Update strategy type for the MySQL primary statefulset", - "default": "RollingUpdate" - } - } - }, - "podAnnotations": { - "type": "object", - "description": "Additional pod annotations for MySQL primary pods", - "default": {} - }, - "podAffinityPreset": { - "type": "string", - "description": "MySQL primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "" - }, - "podAntiAffinityPreset": { - "type": "string", - "description": "MySQL primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "soft" - }, - "nodeAffinityPreset": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "MySQL primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "" - }, - "key": { - "type": "string", - "description": "MySQL primary node label key to match Ignored if `primary.affinity` is set.", - "default": "" - }, - "values": { - "type": "array", - "description": "MySQL primary node label values to match. Ignored if `primary.affinity` is set.", - "default": [], - "items": {} - } - } - }, - "affinity": { - "type": "object", - "description": "Affinity for MySQL primary pods assignment", - "default": {} - }, - "nodeSelector": { - "type": "object", - "description": "Node labels for MySQL primary pods assignment", - "default": {} - }, - "tolerations": { - "type": "array", - "description": "Tolerations for MySQL primary pods assignment", - "default": [], - "items": {} - }, - "priorityClassName": { - "type": "string", - "description": "MySQL primary pods' priorityClassName", - "default": "" - }, - "runtimeClassName": { - "type": "string", - "description": "MySQL primary pods' runtimeClassName", - "default": "" - }, - "schedulerName": { - "type": "string", - "description": "Name of the k8s scheduler (other than default)", - "default": "" - }, - "terminationGracePeriodSeconds": { - "type": "string", - "description": "In seconds, time the given to the MySQL primary pod needs to terminate gracefully", - "default": "" - }, - "topologySpreadConstraints": { - "type": "array", - "description": "Topology Spread Constraints for pod assignment", - "default": [], - "items": {} - }, - "podManagementPolicy": { - "type": "string", - "description": "podManagementPolicy to manage scaling operation of MySQL primary pods", - "default": "" - }, - "podSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable security context for MySQL primary pods", - "default": true - }, - "fsGroup": { - "type": "number", - "description": "Group ID for the mounted volumes' filesystem", - "default": 1001 - } - } - }, - "containerSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "MySQL primary container securityContext", - "default": true - }, - "runAsUser": { - "type": "number", - "description": "User ID for the MySQL primary container", - "default": 1001 - }, - "runAsNonRoot": { - "type": "boolean", - "description": "Set MySQL primary container's Security Context runAsNonRoot", - "default": true - } - } - }, - "resources": { - "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for MySQL primary containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for MySQL primary containers", - "default": {} - } - } - }, - "livenessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable livenessProbe", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for livenessProbe", - "default": 5 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for livenessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for livenessProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for livenessProbe", - "default": 3 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for livenessProbe", - "default": 1 - } - } - }, - "readinessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable readinessProbe", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for readinessProbe", - "default": 5 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for readinessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for readinessProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for readinessProbe", - "default": 3 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for readinessProbe", - "default": 1 - } - } - }, - "startupProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable startupProbe", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for startupProbe", - "default": 15 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for startupProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for startupProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for startupProbe", - "default": 10 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for startupProbe", - "default": 1 - } - } - }, - "customLivenessProbe": { - "type": "object", - "description": "Override default liveness probe for MySQL primary containers", - "default": {} - }, - "customReadinessProbe": { - "type": "object", - "description": "Override default readiness probe for MySQL primary containers", - "default": {} - }, - "customStartupProbe": { - "type": "object", - "description": "Override default startup probe for MySQL primary containers", - "default": {} - }, - "extraFlags": { - "type": "string", - "description": "MySQL primary additional command line flags", - "default": "" - }, - "extraEnvVars": { - "type": "array", - "description": "Extra environment variables to be set on MySQL primary containers", - "default": [], - "items": {} - }, - "extraEnvVarsCM": { - "type": "string", - "description": "Name of existing ConfigMap containing extra env vars for MySQL primary containers", - "default": "" - }, - "extraEnvVarsSecret": { - "type": "string", - "description": "Name of existing Secret containing extra env vars for MySQL primary containers", - "default": "" - }, - "extraPorts": { - "type": "array", - "description": "Extra ports to expose", - "default": [], - "items": {} - }, - "persistence": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir", - "default": true - }, - "existingClaim": { - "type": "string", - "description": "Name of an existing `PersistentVolumeClaim` for MySQL primary replicas", - "default": "" - }, - "subPath": { - "type": "string", - "description": "The name of a volume's sub path to mount for persistence", - "default": "" - }, - "storageClass": { - "type": "string", - "description": "MySQL primary persistent volume storage Class", - "default": "" - }, - "annotations": { - "type": "object", - "description": "MySQL primary persistent volume claim annotations", - "default": {} - }, - "accessModes": { - "type": "array", - "description": "MySQL primary persistent volume access Modes", - "default": [ - "ReadWriteOnce" - ], - "items": { - "type": "string" - } - }, - "size": { - "type": "string", - "description": "MySQL primary persistent volume size", - "default": "8Gi" - }, - "selector": { - "type": "object", - "description": "Selector to match an existing Persistent Volume", - "default": {} - } - } - }, - "extraVolumes": { - "type": "array", - "description": "Optionally specify extra list of additional volumes to the MySQL Primary pod(s)", - "default": [], - "items": {} - }, - "extraVolumeMounts": { - "type": "array", - "description": "Optionally specify extra list of additional volumeMounts for the MySQL Primary container(s)", - "default": [], - "items": {} - }, - "initContainers": { - "type": "array", - "description": "Add additional init containers for the MySQL Primary pod(s)", - "default": [], - "items": {} - }, - "sidecars": { - "type": "array", - "description": "Add additional sidecar containers for the MySQL Primary pod(s)", - "default": [], - "items": {} - }, - "service": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "MySQL Primary K8s service type", - "default": "ClusterIP" - }, - "ports": { - "type": "object", - "properties": { - "mysql": { - "type": "number", - "description": "MySQL Primary K8s service port", - "default": 3306 - } - } - }, - "nodePorts": { - "type": "object", - "properties": { - "mysql": { - "type": "string", - "description": "MySQL Primary K8s service node port", - "default": "" - } - } - }, - "clusterIP": { - "type": "string", - "description": "MySQL Primary K8s service clusterIP IP", - "default": "" - }, - "loadBalancerIP": { - "type": "string", - "description": "MySQL Primary loadBalancerIP if service type is `LoadBalancer`", - "default": "" - }, - "externalTrafficPolicy": { - "type": "string", - "description": "Enable client source IP preservation", - "default": "Cluster" - }, - "loadBalancerSourceRanges": { - "type": "array", - "description": "Addresses that are allowed when MySQL Primary service is LoadBalancer", - "default": [], - "items": {} - }, - "extraPorts": { - "type": "array", - "description": "Extra ports to expose (normally used with the `sidecar` value)", - "default": [], - "items": {} - }, - "annotations": { - "type": "object", - "description": "Additional custom annotations for MySQL primary service", - "default": {} - }, - "sessionAffinity": { - "type": "string", - "description": "Session Affinity for Kubernetes service, can be \"None\" or \"ClientIP\"", - "default": "None" - }, - "sessionAffinityConfig": { - "type": "object", - "description": "Additional settings for the sessionAffinity", - "default": {} - }, - "headless": { - "type": "object", - "properties": { - "annotations": { - "type": "object", - "description": "Additional custom annotations for headless MySQL primary service.", - "default": {} - } - } - } - } - }, - "pdb": { - "type": "object", - "properties": { - "create": { - "type": "boolean", - "description": "Enable/disable a Pod Disruption Budget creation for MySQL primary pods", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of MySQL primary pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of MySQL primary pods that may be made unavailable", - "default": "" - } - } - }, - "podLabels": { - "type": "object", - "description": "MySQL Primary pod label. If labels are same as commonLabels , this will take precedence", - "default": {} - } - } - }, - "secondary": { - "type": "object", - "properties": { - "name": { - "type": "string", - "description": "Name of the secondary database (eg secondary, slave, ...)", - "default": "secondary" - }, - "replicaCount": { - "type": "number", - "description": "Number of MySQL secondary replicas", - "default": 1 - }, - "hostAliases": { - "type": "array", - "description": "Deployment pod host aliases", - "default": [], - "items": {} - }, - "command": { - "type": "array", - "description": "Override default container command on MySQL Secondary container(s) (useful when using custom images)", - "default": [], - "items": {} - }, - "args": { - "type": "array", - "description": "Override default container args on MySQL Secondary container(s) (useful when using custom images)", - "default": [], - "items": {} - }, - "lifecycleHooks": { - "type": "object", - "description": "for the MySQL Secondary container(s) to automate configuration before or after startup", - "default": {} - }, - "configuration": { - "type": "string", - "description": "Configure MySQL Secondary with a custom my.cnf file", - "default": "[mysqld]\ndefault_authentication_plugin=mysql_native_password\nskip-name-resolve\nexplicit_defaults_for_timestamp\nbasedir=/opt/bitnami/mysql\nplugin_dir=/opt/bitnami/mysql/lib/plugin\nport=3306\nsocket=/opt/bitnami/mysql/tmp/mysql.sock\ndatadir=/bitnami/mysql/data\ntmpdir=/opt/bitnami/mysql/tmp\nmax_allowed_packet=16M\nbind-address=*\npid-file=/opt/bitnami/mysql/tmp/mysqld.pid\nlog-error=/opt/bitnami/mysql/logs/mysqld.log\ncharacter-set-server=UTF8\ncollation-server=utf8_general_ci\nslow_query_log=0\nlong_query_time=10.0\n\n[client]\nport=3306\nsocket=/opt/bitnami/mysql/tmp/mysql.sock\ndefault-character-set=UTF8\nplugin_dir=/opt/bitnami/mysql/lib/plugin\n\n[manager]\nport=3306\nsocket=/opt/bitnami/mysql/tmp/mysql.sock\npid-file=/opt/bitnami/mysql/tmp/mysqld.pid" - }, - "existingConfigmap": { - "type": "string", - "description": "Name of existing ConfigMap with MySQL Secondary configuration.", - "default": "" - }, - "updateStrategy": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Update strategy type for the MySQL secondary statefulset", - "default": "RollingUpdate" - } - } - }, - "podAnnotations": { - "type": "object", - "description": "Additional pod annotations for MySQL secondary pods", - "default": {} - }, - "podAffinityPreset": { - "type": "string", - "description": "MySQL secondary pod affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "" - }, - "podAntiAffinityPreset": { - "type": "string", - "description": "MySQL secondary pod anti-affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "soft" - }, - "nodeAffinityPreset": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "MySQL secondary node affinity preset type. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "" - }, - "key": { - "type": "string", - "description": "MySQL secondary node label key to match Ignored if `secondary.affinity` is set.", - "default": "" - }, - "values": { - "type": "array", - "description": "MySQL secondary node label values to match. Ignored if `secondary.affinity` is set.", - "default": [], - "items": {} - } - } - }, - "affinity": { - "type": "object", - "description": "Affinity for MySQL secondary pods assignment", - "default": {} - }, - "nodeSelector": { - "type": "object", - "description": "Node labels for MySQL secondary pods assignment", - "default": {} - }, - "tolerations": { - "type": "array", - "description": "Tolerations for MySQL secondary pods assignment", - "default": [], - "items": {} - }, - "priorityClassName": { - "type": "string", - "description": "MySQL secondary pods' priorityClassName", - "default": "" - }, - "runtimeClassName": { - "type": "string", - "description": "MySQL secondary pods' runtimeClassName", - "default": "" - }, - "schedulerName": { - "type": "string", - "description": "Name of the k8s scheduler (other than default)", - "default": "" - }, - "terminationGracePeriodSeconds": { - "type": "string", - "description": "In seconds, time the given to the MySQL secondary pod needs to terminate gracefully", - "default": "" - }, - "topologySpreadConstraints": { - "type": "array", - "description": "Topology Spread Constraints for pod assignment", - "default": [], - "items": {} - }, - "podManagementPolicy": { - "type": "string", - "description": "podManagementPolicy to manage scaling operation of MySQL secondary pods", - "default": "" - }, - "podSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable security context for MySQL secondary pods", - "default": true - }, - "fsGroup": { - "type": "number", - "description": "Group ID for the mounted volumes' filesystem", - "default": 1001 - } - } - }, - "containerSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "MySQL secondary container securityContext", - "default": true - }, - "runAsUser": { - "type": "number", - "description": "User ID for the MySQL secondary container", - "default": 1001 - }, - "runAsNonRoot": { - "type": "boolean", - "description": "Set MySQL secondary container's Security Context runAsNonRoot", - "default": true - } - } - }, - "resources": { - "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for MySQL secondary containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for MySQL secondary containers", - "default": {} - } - } - }, - "livenessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable livenessProbe", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for livenessProbe", - "default": 5 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for livenessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for livenessProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for livenessProbe", - "default": 3 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for livenessProbe", - "default": 1 - } - } - }, - "readinessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable readinessProbe", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for readinessProbe", - "default": 5 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for readinessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for readinessProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for readinessProbe", - "default": 3 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for readinessProbe", - "default": 1 - } - } - }, - "startupProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable startupProbe", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for startupProbe", - "default": 15 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for startupProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for startupProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for startupProbe", - "default": 15 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for startupProbe", - "default": 1 - } - } - }, - "customLivenessProbe": { - "type": "object", - "description": "Override default liveness probe for MySQL secondary containers", - "default": {} - }, - "customReadinessProbe": { - "type": "object", - "description": "Override default readiness probe for MySQL secondary containers", - "default": {} - }, - "customStartupProbe": { - "type": "object", - "description": "Override default startup probe for MySQL secondary containers", - "default": {} - }, - "extraFlags": { - "type": "string", - "description": "MySQL secondary additional command line flags", - "default": "" - }, - "extraEnvVars": { - "type": "array", - "description": "An array to add extra environment variables on MySQL secondary containers", - "default": [], - "items": {} - }, - "extraEnvVarsCM": { - "type": "string", - "description": "Name of existing ConfigMap containing extra env vars for MySQL secondary containers", - "default": "" - }, - "extraEnvVarsSecret": { - "type": "string", - "description": "Name of existing Secret containing extra env vars for MySQL secondary containers", - "default": "" - }, - "extraPorts": { - "type": "array", - "description": "Extra ports to expose", - "default": [], - "items": {} - }, - "persistence": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable persistence on MySQL secondary replicas using a `PersistentVolumeClaim`", - "default": true - }, - "existingClaim": { - "type": "string", - "description": "Name of an existing `PersistentVolumeClaim` for MySQL secondary replicas", - "default": "" - }, - "subPath": { - "type": "string", - "description": "The name of a volume's sub path to mount for persistence", - "default": "" - }, - "storageClass": { - "type": "string", - "description": "MySQL secondary persistent volume storage Class", - "default": "" - }, - "annotations": { - "type": "object", - "description": "MySQL secondary persistent volume claim annotations", - "default": {} - }, - "accessModes": { - "type": "array", - "description": "MySQL secondary persistent volume access Modes", - "default": [ - "ReadWriteOnce" - ], - "items": { - "type": "string" - } - }, - "size": { - "type": "string", - "description": "MySQL secondary persistent volume size", - "default": "8Gi" - }, - "selector": { - "type": "object", - "description": "Selector to match an existing Persistent Volume", - "default": {} - } - } - }, - "extraVolumes": { - "type": "array", - "description": "Optionally specify extra list of additional volumes to the MySQL secondary pod(s)", - "default": [], - "items": {} - }, - "extraVolumeMounts": { - "type": "array", - "description": "Optionally specify extra list of additional volumeMounts for the MySQL secondary container(s)", - "default": [], - "items": {} - }, - "initContainers": { - "type": "array", - "description": "Add additional init containers for the MySQL secondary pod(s)", - "default": [], - "items": {} - }, - "sidecars": { - "type": "array", - "description": "Add additional sidecar containers for the MySQL secondary pod(s)", - "default": [], - "items": {} - }, - "service": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "MySQL secondary Kubernetes service type", - "default": "ClusterIP" - }, - "ports": { - "type": "object", - "properties": { - "mysql": { - "type": "number", - "description": "MySQL secondary Kubernetes service port", - "default": 3306 - } - } - }, - "nodePorts": { - "type": "object", - "properties": { - "mysql": { - "type": "string", - "description": "MySQL secondary Kubernetes service node port", - "default": "" - } - } - }, - "clusterIP": { - "type": "string", - "description": "MySQL secondary Kubernetes service clusterIP IP", - "default": "" - }, - "loadBalancerIP": { - "type": "string", - "description": "MySQL secondary loadBalancerIP if service type is `LoadBalancer`", - "default": "" - }, - "externalTrafficPolicy": { - "type": "string", - "description": "Enable client source IP preservation", - "default": "Cluster" - }, - "loadBalancerSourceRanges": { - "type": "array", - "description": "Addresses that are allowed when MySQL secondary service is LoadBalancer", - "default": [], - "items": {} - }, - "extraPorts": { - "type": "array", - "description": "Extra ports to expose (normally used with the `sidecar` value)", - "default": [], - "items": {} - }, - "annotations": { - "type": "object", - "description": "Additional custom annotations for MySQL secondary service", - "default": {} - }, - "sessionAffinity": { - "type": "string", - "description": "Session Affinity for Kubernetes service, can be \"None\" or \"ClientIP\"", - "default": "None" - }, - "sessionAffinityConfig": { - "type": "object", - "description": "Additional settings for the sessionAffinity", - "default": {} - }, - "headless": { - "type": "object", - "properties": { - "annotations": { - "type": "object", - "description": "Additional custom annotations for headless MySQL secondary service.", - "default": {} - } - } - } - } - }, - "pdb": { - "type": "object", - "properties": { - "create": { - "type": "boolean", - "description": "Enable/disable a Pod Disruption Budget creation for MySQL secondary pods", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of MySQL secondary pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of MySQL secondary pods that may be made unavailable", - "default": "" - } - } - }, - "podLabels": { - "type": "object", - "description": "Additional pod labels for MySQL secondary pods", - "default": {} - } - } - }, - "serviceAccount": { - "type": "object", - "properties": { - "create": { - "type": "boolean", - "description": "Enable the creation of a ServiceAccount for MySQL pods", - "default": true - }, - "name": { - "type": "string", - "description": "Name of the created ServiceAccount", - "default": "" - }, - "annotations": { - "type": "object", - "description": "Annotations for MySQL Service Account", - "default": {} - }, - "automountServiceAccountToken": { - "type": "boolean", - "description": "Automount service account token for the server service account", - "default": true - } - } - }, - "rbac": { - "type": "object", - "properties": { - "create": { - "type": "boolean", - "description": "Whether to create & use RBAC resources or not", - "default": false - }, - "rules": { - "type": "array", - "description": "Custom RBAC rules to set", - "default": [], - "items": {} - } - } - }, - "networkPolicy": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable creation of NetworkPolicy resources", - "default": false - }, - "allowExternal": { - "type": "boolean", - "description": "The Policy model to apply.", - "default": true - }, - "explicitNamespacesSelector": { - "type": "object", - "description": "A Kubernetes LabelSelector to explicitly select namespaces from which ingress traffic could be allowed to MySQL", - "default": {} - } - } - }, - "volumePermissions": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup`", - "default": false - }, - "image": { - "type": "object", - "properties": { - "registry": { - "type": "string", - "description": "Init container volume-permissions image registry", - "default": "docker.io" - }, - "repository": { - "type": "string", - "description": "Init container volume-permissions image repository", - "default": "bitnami/os-shell" - }, - "tag": { - "type": "string", - "description": "Init container volume-permissions image tag (immutable tags are recommended)", - "default": "11-debian-11-r43" - }, - "digest": { - "type": "string", - "description": "Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", - "default": "" - }, - "pullPolicy": { - "type": "string", - "description": "Init container volume-permissions image pull policy", - "default": "IfNotPresent" - }, - "pullSecrets": { - "type": "array", - "description": "Specify docker-registry secret names as an array", - "default": [], - "items": {} - } - } - }, - "resources": { - "type": "object", - "description": "Init container volume-permissions resources", - "default": {} - } - } - }, - "metrics": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Start a side-car prometheus exporter", - "default": false - }, - "image": { - "type": "object", - "properties": { - "registry": { - "type": "string", - "description": "Exporter image registry", - "default": "docker.io" - }, - "repository": { - "type": "string", - "description": "Exporter image repository", - "default": "bitnami/mysqld-exporter" - }, - "tag": { - "type": "string", - "description": "Exporter image tag (immutable tags are recommended)", - "default": "0.15.0-debian-11-r24" - }, - "digest": { - "type": "string", - "description": "Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", - "default": "" - }, - "pullPolicy": { - "type": "string", - "description": "Exporter image pull policy", - "default": "IfNotPresent" - }, - "pullSecrets": { - "type": "array", - "description": "Specify docker-registry secret names as an array", - "default": [], - "items": {} - } - } - }, - "containerSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "MySQL metrics container securityContext", - "default": true - }, - "runAsUser": { - "type": "number", - "description": "User ID for the MySQL metrics container", - "default": 1001 - }, - "runAsNonRoot": { - "type": "boolean", - "description": "Set MySQL metrics container's Security Context runAsNonRoot", - "default": true - } - } - }, - "service": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Kubernetes service type for MySQL Prometheus Exporter", - "default": "ClusterIP" - }, - "clusterIP": { - "type": "string", - "description": "Kubernetes service clusterIP for MySQL Prometheus Exporter", - "default": "" - }, - "port": { - "type": "number", - "description": "MySQL Prometheus Exporter service port", - "default": 9104 - }, - "annotations": { - "type": "object", - "properties": { - "prometheus": { - "type": "object", - "properties": { - "io/scrape": { - "type": "string", - "description": "", - "default": "true" - }, - "io/port": { - "type": "string", - "description": "", - "default": "{{ .Values.metrics.service.port }}" - } - } - } - } - } - } - }, - "extraArgs": { - "type": "object", - "properties": { - "primary": { - "type": "array", - "description": "Extra args to be passed to mysqld_exporter on Primary pods", - "default": [], - "items": {} - }, - "secondary": { - "type": "array", - "description": "Extra args to be passed to mysqld_exporter on Secondary pods", - "default": [], - "items": {} - } - } - }, - "resources": { - "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for MySQL prometheus exporter containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for MySQL prometheus exporter containers", - "default": {} - } - } - }, - "livenessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable livenessProbe", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for livenessProbe", - "default": 120 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for livenessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for livenessProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for livenessProbe", - "default": 3 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for livenessProbe", - "default": 1 - } - } - }, - "readinessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable readinessProbe", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for readinessProbe", - "default": 30 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for readinessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for readinessProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for readinessProbe", - "default": 3 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for readinessProbe", - "default": 1 - } - } - }, - "serviceMonitor": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Create ServiceMonitor Resource for scraping metrics using PrometheusOperator", - "default": false - }, - "namespace": { - "type": "string", - "description": "Specify the namespace in which the serviceMonitor resource will be created", - "default": "" - }, - "jobLabel": { - "type": "string", - "description": "The name of the label on the target service to use as the job name in prometheus.", - "default": "" - }, - "interval": { - "type": "string", - "description": "Specify the interval at which metrics should be scraped", - "default": "30s" - }, - "scrapeTimeout": { - "type": "string", - "description": "Specify the timeout after which the scrape is ended", - "default": "" - }, - "relabelings": { - "type": "array", - "description": "RelabelConfigs to apply to samples before scraping", - "default": [], - "items": {} - }, - "metricRelabelings": { - "type": "array", - "description": "MetricRelabelConfigs to apply to samples before ingestion", - "default": [], - "items": {} - }, - "selector": { - "type": "object", - "description": "ServiceMonitor selector labels", - "default": {} - }, - "honorLabels": { - "type": "boolean", - "description": "Specify honorLabels parameter to add the scrape endpoint", - "default": false - }, - "labels": { - "type": "object", - "description": "Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with", - "default": {} - }, - "annotations": { - "type": "object", - "description": "ServiceMonitor annotations", - "default": {} - } - } - }, - "prometheusRule": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Creates a Prometheus Operator prometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`)", - "default": false - }, - "namespace": { - "type": "string", - "description": "Namespace for the prometheusRule Resource (defaults to the Release Namespace)", - "default": "" - }, - "additionalLabels": { - "type": "object", - "description": "Additional labels that can be used so prometheusRule will be discovered by Prometheus", - "default": {} - }, - "rules": { - "type": "array", - "description": "Prometheus Rule definitions", - "default": [], - "items": {} - } - } - } - } + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "architecture": { + "type": "string", + "title": "MySQL architecture", + "form": true, + "description": "Allowed values: `standalone` or `replication`", + "enum": ["standalone", "replication"] + }, + "auth": { + "type": "object", + "title": "Authentication configuration", + "form": true, + "required": ["username", "password"], + "if": { + "properties": { + "createDatabase": { "enum": [ true ] } } + }, + "then": { + "properties": { + "database": { + "pattern": "[a-zA-Z0-9]{1,64}" + } + } + }, + "properties": { + "rootPassword": { + "type": "string", + "title": "MySQL root password", + "description": "Defaults to a random 10-character alphanumeric string if not set" + }, + "database": { + "type": "string", + "title": "MySQL custom database name", + "maxLength": 64 + }, + "username": { + "type": "string", + "title": "MySQL custom username" + }, + "password": { + "type": "string", + "title": "MySQL custom password" + }, + "replicationUser": { + "type": "string", + "title": "MySQL replication username" + }, + "replicationPassword": { + "type": "string", + "title": "MySQL replication password" + }, + "createDatabase": { + "type": "boolean", + "title": "MySQL create custom database" + } + } + }, + "primary": { + "type": "object", + "title": "Primary database configuration", + "form": true, + "properties": { + "podSecurityContext": { + "type": "object", + "title": "MySQL primary Pod security context", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "fsGroup": { + "type": "integer", + "default": 1001, + "hidden": { + "value": false, + "path": "primary/podSecurityContext/enabled" + } + } + } + }, + "containerSecurityContext": { + "type": "object", + "title": "MySQL primary container security context", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "runAsUser": { + "type": "integer", + "default": 1001, + "hidden": { + "value": false, + "path": "primary/containerSecurityContext/enabled" + } + } + } + }, + "persistence": { + "type": "object", + "title": "Enable persistence using Persistent Volume Claims", + "properties": { + "enabled": { + "type": "boolean", + "default": true, + "title": "If true, use a Persistent Volume Claim, If false, use emptyDir" + }, + "size": { + "type": "string", + "title": "Persistent Volume Size", + "form": true, + "render": "slider", + "sliderMin": 1, + "sliderUnit": "Gi", + "hidden": { + "value": false, + "path": "primary/persistence/enabled" + } + } + } + } + } + }, + "secondary": { + "type": "object", + "title": "Secondary database configuration", + "form": true, + "properties": { + "podSecurityContext": { + "type": "object", + "title": "MySQL secondary Pod security context", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "fsGroup": { + "type": "integer", + "default": 1001, + "hidden": { + "value": false, + "path": "secondary/podSecurityContext/enabled" + } + } + } + }, + "containerSecurityContext": { + "type": "object", + "title": "MySQL secondary container security context", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "runAsUser": { + "type": "integer", + "default": 1001, + "hidden": { + "value": false, + "path": "secondary/containerSecurityContext/enabled" + } + } + } + }, + "persistence": { + "type": "object", + "title": "Enable persistence using Persistent Volume Claims", + "properties": { + "enabled": { + "type": "boolean", + "default": true, + "title": "If true, use a Persistent Volume Claim, If false, use emptyDir" + }, + "size": { + "type": "string", + "title": "Persistent Volume Size", + "form": true, + "render": "slider", + "sliderMin": 1, + "sliderUnit": "Gi", + "hidden": { + "value": false, + "path": "secondary/persistence/enabled" + } + } + } + } + } } -} \ No newline at end of file + } +} diff --git a/charts/bitnami/mysql/values.yaml b/charts/bitnami/mysql/values.yaml index b405ec68a..f2b6b17a7 100644 --- a/charts/bitnami/mysql/values.yaml +++ b/charts/bitnami/mysql/values.yaml @@ -85,7 +85,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/mysql - tag: 8.0.34-debian-11-r31 + tag: 8.0.34-debian-11-r56 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1021,7 +1021,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 11-debian-11-r43 + tag: 11-debian-11-r72 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1055,7 +1055,7 @@ metrics: image: registry: docker.io repository: bitnami/mysqld-exporter - tag: 0.15.0-debian-11-r24 + tag: 0.15.0-debian-11-r50 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/postgresql/Chart.lock b/charts/bitnami/postgresql/Chart.lock index ac198523d..6c7414015 100644 --- a/charts/bitnami/postgresql/Chart.lock +++ b/charts/bitnami/postgresql/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.10.0 -digest: sha256:023ded170632d04528f30332370f34fc8fb96efb2886a01d934cb3bd6e6d2e09 -generated: "2023-09-05T11:35:37.879743+02:00" + version: 2.11.1 +digest: sha256:ead8f26c76a9ec082f23629a358e8efd8f88d87aaed734bf41febcb8a7bc5d4c +generated: "2023-09-18T13:15:45.397687963Z" diff --git a/charts/bitnami/postgresql/Chart.yaml b/charts/bitnami/postgresql/Chart.yaml index c715b5d35..feceb56f0 100644 --- a/charts/bitnami/postgresql/Chart.yaml +++ b/charts/bitnami/postgresql/Chart.yaml @@ -6,11 +6,11 @@ annotations: category: Database images: | - name: os-shell - image: docker.io/bitnami/os-shell:11-debian-11-r43 + image: docker.io/bitnami/os-shell:11-debian-11-r72 - name: postgres-exporter - image: docker.io/bitnami/postgres-exporter:0.13.2-debian-11-r25 + image: docker.io/bitnami/postgres-exporter:0.14.0-debian-11-r0 - name: postgresql - image: docker.io/bitnami/postgresql:15.4.0-debian-11-r10 + image: docker.io/bitnami/postgresql:15.4.0-debian-11-r39 licenses: Apache-2.0 apiVersion: v2 appVersion: 15.4.0 @@ -38,4 +38,4 @@ maintainers: name: postgresql sources: - https://github.com/bitnami/charts/tree/main/bitnami/postgresql -version: 12.11.2 +version: 12.12.4 diff --git a/charts/bitnami/postgresql/README.md b/charts/bitnami/postgresql/README.md index d5ee577c7..13c32a25d 100644 --- a/charts/bitnami/postgresql/README.md +++ b/charts/bitnami/postgresql/README.md @@ -100,7 +100,7 @@ kubectl delete pvc -l release=my-release | ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | | `image.registry` | PostgreSQL image registry | `docker.io` | | `image.repository` | PostgreSQL image repository | `bitnami/postgresql` | -| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.4.0-debian-11-r10` | +| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.4.0-debian-11-r39` | | `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify image pull secrets | `[]` | @@ -389,6 +389,7 @@ kubectl delete pvc -l release=my-release | `backup.cronjob.command` | Set backup container's command to run | `["/bin/sh","-c","pg_dumpall --clean --if-exists --load-via-partition-root --quote-all-identifiers --no-password --file=${PGDUMP_DIR}/pg_dumpall-$(date '+%Y-%m-%d-%H-%M').pgdump"]` | | `backup.cronjob.labels` | Set the cronjob labels | `{}` | | `backup.cronjob.annotations` | Set the cronjob annotations | `{}` | +| `backup.cronjob.nodeSelector` | Node labels for PostgreSQL backup CronJob pod assignment | `{}` | | `backup.cronjob.storage.existingClaim` | Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`) | `""` | | `backup.cronjob.storage.resourcePolicy` | Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted | `""` | | `backup.cronjob.storage.storageClass` | PVC Storage Class for the backup data volume | `""` | @@ -425,7 +426,7 @@ kubectl delete pvc -l release=my-release | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r43` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r72` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | @@ -456,7 +457,7 @@ kubectl delete pvc -l release=my-release | `metrics.enabled` | Start a prometheus exporter | `false` | | `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` | | `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` | -| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.13.2-debian-11-r25` | +| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r0` | | `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify image pull secrets | `[]` | diff --git a/charts/bitnami/postgresql/charts/common/Chart.yaml b/charts/bitnami/postgresql/charts/common/Chart.yaml index e35c2d0e7..3be88e6aa 100644 --- a/charts/bitnami/postgresql/charts/common/Chart.yaml +++ b/charts/bitnami/postgresql/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.9.2 +appVersion: 2.11.1 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://bitnami.com @@ -20,4 +20,4 @@ name: common sources: - https://github.com/bitnami/charts type: library -version: 2.10.0 +version: 2.11.1 diff --git a/charts/bitnami/postgresql/charts/common/templates/_images.tpl b/charts/bitnami/postgresql/charts/common/templates/_images.tpl index 2181f3224..e248d6d08 100644 --- a/charts/bitnami/postgresql/charts/common/templates/_images.tpl +++ b/charts/bitnami/postgresql/charts/common/templates/_images.tpl @@ -83,3 +83,19 @@ imagePullSecrets: {{- end }} {{- end }} {{- end -}} + +{{/* +Return the proper image version (ingores image revision/prerelease info & fallbacks to chart appVersion) +{{ include "common.images.version" ( dict "imageRoot" .Values.path.to.the.image "chart" .Chart ) }} +*/}} +{{- define "common.images.version" -}} +{{- $imageTag := .imageRoot.tag | toString -}} +{{/* regexp from https://github.com/Masterminds/semver/blob/23f51de38a0866c5ef0bfc42b3f735c73107b700/version.go#L41-L44 */}} +{{- if regexMatch `^([0-9]+)(\.[0-9]+)?(\.[0-9]+)?(-([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?(\+([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?$` $imageTag -}} + {{- $version := semver $imageTag -}} + {{- printf "%d.%d.%d" $version.Major $version.Minor $version.Patch -}} +{{- else -}} + {{- print .chart.AppVersion -}} +{{- end -}} +{{- end -}} + diff --git a/charts/bitnami/postgresql/charts/common/templates/_labels.tpl b/charts/bitnami/postgresql/charts/common/templates/_labels.tpl index fac46076a..a3cdc2bfd 100644 --- a/charts/bitnami/postgresql/charts/common/templates/_labels.tpl +++ b/charts/bitnami/postgresql/charts/common/templates/_labels.tpl @@ -11,21 +11,13 @@ Kubernetes standard labels */}} {{- define "common.labels.standard" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "helm.sh/chart" (include "common.names.chart" .context) - "app.kubernetes.io/instance" .context.Release.Name - "app.kubernetes.io/managed-by" .context.Release.Service - ) - | toYaml -}} +{{ merge (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) (dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service "app.kubernetes.io/version" .context.Chart.AppVersion) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} helm.sh/chart: {{ include "common.names.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end -}} {{- end -}} @@ -40,14 +32,7 @@ overwrote them on metadata.labels fields. */}} {{- define "common.labels.matchLabels" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "app.kubernetes.io/instance" .context.Release.Name - ) - | toYaml -}} +{{ merge (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") (dict "app.kubernetes.io/name" (include "common.names.name" .context) "app.kubernetes.io/instance" .context.Release.Name ) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/charts/bitnami/postgresql/charts/common/values.schema.json b/charts/bitnami/postgresql/charts/common/values.schema.json new file mode 100644 index 000000000..2124b3e4a --- /dev/null +++ b/charts/bitnami/postgresql/charts/common/values.schema.json @@ -0,0 +1,11 @@ +{ + "title": "Chart Values", + "type": "object", + "properties": { + "exampleValue": { + "type": "string", + "description": "", + "default": "common-chart" + } + } +} \ No newline at end of file diff --git a/charts/bitnami/postgresql/templates/backup/cronjob.yaml b/charts/bitnami/postgresql/templates/backup/cronjob.yaml index 6fe99ec7a..012a44f98 100644 --- a/charts/bitnami/postgresql/templates/backup/cronjob.yaml +++ b/charts/bitnami/postgresql/templates/backup/cronjob.yaml @@ -38,6 +38,9 @@ spec: annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 12 }} {{- end }} spec: + {{- if .Values.backup.cronjob.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.nodeSelector "context" $) | nindent 12 }} + {{- end }} containers: - name: {{ include "postgresql.v1.primary.fullname" . }}-pgdumpall image: {{ include "postgresql.v1.image" . }} diff --git a/charts/bitnami/postgresql/values.schema.json b/charts/bitnami/postgresql/values.schema.json index 8791cb85b..fc41483cd 100644 --- a/charts/bitnami/postgresql/values.schema.json +++ b/charts/bitnami/postgresql/values.schema.json @@ -1,2537 +1,156 @@ { - "title": "Chart Values", - "type": "object", - "properties": { - "global": { - "type": "object", - "properties": { - "imageRegistry": { - "type": "string", - "description": "Global Docker image registry", - "default": "" - }, - "imagePullSecrets": { - "type": "array", - "description": "Global Docker registry secret names as an array", - "default": [], - "items": {} - }, - "storageClass": { - "type": "string", - "description": "Global StorageClass for Persistent Volume(s)", - "default": "" - }, - "postgresql": { - "type": "object", - "properties": { - "auth": { - "type": "object", - "properties": { - "postgresPassword": { - "type": "string", - "description": "Password for the \"postgres\" admin user (overrides `auth.postgresPassword`)", - "default": "" - }, - "username": { - "type": "string", - "description": "Name for a custom user to create (overrides `auth.username`)", - "default": "" - }, - "password": { - "type": "string", - "description": "Password for the custom user to create (overrides `auth.password`)", - "default": "" - }, - "database": { - "type": "string", - "description": "Name for a custom database to create (overrides `auth.database`)", - "default": "" - }, - "existingSecret": { - "type": "string", - "description": "Name of existing secret to use for PostgreSQL credentials (overrides `auth.existingSecret`).", - "default": "" - }, - "secretKeys": { - "type": "object", - "properties": { - "adminPasswordKey": { - "type": "string", - "description": "Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.adminPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set.", - "default": "" - }, - "userPasswordKey": { - "type": "string", - "description": "Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.userPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set.", - "default": "" - }, - "replicationPasswordKey": { - "type": "string", - "description": "Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.replicationPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set.", - "default": "" - } - } - } - } - }, - "service": { - "type": "object", - "properties": { - "ports": { - "type": "object", - "properties": { - "postgresql": { - "type": "string", - "description": "PostgreSQL service port (overrides `service.ports.postgresql`)", - "default": "" - } - } - } - } - } - } - } - } - }, - "kubeVersion": { - "type": "string", - "description": "Override Kubernetes version", - "default": "" - }, - "nameOverride": { - "type": "string", - "description": "String to partially override common.names.fullname template (will maintain the release name)", - "default": "" - }, - "fullnameOverride": { - "type": "string", - "description": "String to fully override common.names.fullname template", - "default": "" - }, - "clusterDomain": { - "type": "string", - "description": "Kubernetes Cluster Domain", - "default": "cluster.local" - }, - "extraDeploy": { - "type": "array", - "description": "Array of extra objects to deploy with the release (evaluated as a template)", - "default": [], - "items": {} - }, - "commonLabels": { - "type": "object", - "description": "Add labels to all the deployed resources", - "default": {} - }, - "commonAnnotations": { - "type": "object", - "description": "Add annotations to all the deployed resources", - "default": {} - }, - "diagnosticMode": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable diagnostic mode (all probes will be disabled and the command will be overridden)", - "default": false - }, - "command": { - "type": "array", - "description": "Command to override all containers in the statefulset", - "default": [ - "sleep" - ], - "items": { - "type": "string" - } - }, - "args": { - "type": "array", - "description": "Args to override all containers in the statefulset", - "default": [ - "infinity" - ], - "items": { - "type": "string" - } - } - } - }, - "image": { - "type": "object", - "properties": { - "registry": { - "type": "string", - "description": "PostgreSQL image registry", - "default": "docker.io" - }, - "repository": { - "type": "string", - "description": "PostgreSQL image repository", - "default": "bitnami/postgresql" - }, - "tag": { - "type": "string", - "description": "PostgreSQL image tag (immutable tags are recommended)", - "default": "15.4.0-debian-11-r10" - }, - "digest": { - "type": "string", - "description": "PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", - "default": "" - }, - "pullPolicy": { - "type": "string", - "description": "PostgreSQL image pull policy", - "default": "IfNotPresent" - }, - "pullSecrets": { - "type": "array", - "description": "Specify image pull secrets", - "default": [], - "items": {} - }, - "debug": { - "type": "boolean", - "description": "Specify if debug values should be set", - "default": false - } - } - }, - "auth": { - "type": "object", - "properties": { - "enablePostgresUser": { - "type": "boolean", - "description": "Assign a password to the \"postgres\" admin user. Otherwise, remote access will be blocked for this user", - "default": true - }, - "postgresPassword": { - "type": "string", - "description": "Password for the \"postgres\" admin user. Ignored if `auth.existingSecret` is provided", - "default": "" - }, - "username": { - "type": "string", - "description": "Name for a custom user to create", - "default": "" - }, - "password": { - "type": "string", - "description": "Password for the custom user to create. Ignored if `auth.existingSecret` is provided", - "default": "" - }, - "database": { - "type": "string", - "description": "Name for a custom database to create", - "default": "" - }, - "replicationUsername": { - "type": "string", - "description": "Name of the replication user", - "default": "repl_user" - }, - "replicationPassword": { - "type": "string", - "description": "Password for the replication user. Ignored if `auth.existingSecret` is provided", - "default": "" - }, - "existingSecret": { - "type": "string", - "description": "Name of existing secret to use for PostgreSQL credentials. `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret. The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case.", - "default": "" - }, - "secretKeys": { - "type": "object", - "properties": { - "adminPasswordKey": { - "type": "string", - "description": "Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set.", - "default": "postgres-password" - }, - "userPasswordKey": { - "type": "string", - "description": "Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set.", - "default": "password" - }, - "replicationPasswordKey": { - "type": "string", - "description": "Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set.", - "default": "replication-password" - } - } - }, - "usePasswordFiles": { - "type": "boolean", - "description": "Mount credentials as a files instead of using an environment variable", - "default": false - } - } - }, - "architecture": { - "type": "string", - "description": "PostgreSQL architecture (`standalone` or `replication`)", - "default": "standalone" - }, - "replication": { - "type": "object", - "properties": { - "synchronousCommit": { - "type": "string", - "description": "Set synchronous commit mode. Allowed values: `on`, `remote_apply`, `remote_write`, `local` and `off`", - "default": "off" - }, - "numSynchronousReplicas": { - "type": "number", - "description": "Number of replicas that will have synchronous replication. Note: Cannot be greater than `readReplicas.replicaCount`.", - "default": 0 - }, - "applicationName": { - "type": "string", - "description": "Cluster application name. Useful for advanced replication settings", - "default": "my_application" - } - } - }, - "containerPorts": { - "type": "object", - "properties": { - "postgresql": { - "type": "number", - "description": "PostgreSQL container port", - "default": 5432 - } - } - }, - "audit": { - "type": "object", - "properties": { - "logHostname": { - "type": "boolean", - "description": "Log client hostnames", - "default": false - }, - "logConnections": { - "type": "boolean", - "description": "Add client log-in operations to the log file", - "default": false - }, - "logDisconnections": { - "type": "boolean", - "description": "Add client log-outs operations to the log file", - "default": false - }, - "pgAuditLog": { - "type": "string", - "description": "Add operations to log using the pgAudit extension", - "default": "" - }, - "pgAuditLogCatalog": { - "type": "string", - "description": "Log catalog using pgAudit", - "default": "off" - }, - "clientMinMessages": { - "type": "string", - "description": "Message log level to share with the user", - "default": "error" - }, - "logLinePrefix": { - "type": "string", - "description": "Template for log line prefix (default if not set)", - "default": "" - }, - "logTimezone": { - "type": "string", - "description": "Timezone for the log timestamps", - "default": "" - } - } - }, - "ldap": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable LDAP support", - "default": false - }, - "server": { - "type": "string", - "description": "IP address or name of the LDAP server.", - "default": "" - }, - "port": { - "type": "string", - "description": "Port number on the LDAP server to connect to", - "default": "" - }, - "prefix": { - "type": "string", - "description": "String to prepend to the user name when forming the DN to bind", - "default": "" - }, - "suffix": { - "type": "string", - "description": "String to append to the user name when forming the DN to bind", - "default": "" - }, - "basedn": { - "type": "string", - "description": "Root DN to begin the search for the user in", - "default": "" - }, - "binddn": { - "type": "string", - "description": "DN of user to bind to LDAP", - "default": "" - }, - "bindpw": { - "type": "string", - "description": "Password for the user to bind to LDAP", - "default": "" - }, - "searchAttribute": { - "type": "string", - "description": "Attribute to match against the user name in the search", - "default": "" - }, - "searchFilter": { - "type": "string", - "description": "The search filter to use when doing search+bind authentication", - "default": "" - }, - "scheme": { - "type": "string", - "description": "Set to `ldaps` to use LDAPS", - "default": "" - }, - "tls": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Se to true to enable TLS encryption", - "default": false - } - } - }, - "uri": { - "type": "string", - "description": "LDAP URL beginning in the form `ldap[s]://host[:port]/basedn`. If provided, all the other LDAP parameters will be ignored.", - "default": "" - } - } - }, - "postgresqlDataDir": { - "type": "string", - "description": "PostgreSQL data dir folder", - "default": "/bitnami/postgresql/data" - }, - "postgresqlSharedPreloadLibraries": { - "type": "string", - "description": "Shared preload libraries (comma-separated list)", - "default": "pgaudit" - }, - "shmVolume": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable emptyDir volume for /dev/shm for PostgreSQL pod(s)", - "default": true - }, - "sizeLimit": { - "type": "string", - "description": "Set this to enable a size limit on the shm tmpfs", - "default": "" - } - } - }, - "tls": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable TLS traffic support", - "default": false - }, - "autoGenerated": { - "type": "boolean", - "description": "Generate automatically self-signed TLS certificates", - "default": false - }, - "preferServerCiphers": { - "type": "boolean", - "description": "Whether to use the server's TLS cipher preferences rather than the client's", - "default": true - }, - "certificatesSecret": { - "type": "string", - "description": "Name of an existing secret that contains the certificates", - "default": "" - }, - "certFilename": { - "type": "string", - "description": "Certificate filename", - "default": "" - }, - "certKeyFilename": { - "type": "string", - "description": "Certificate key filename", - "default": "" - }, - "certCAFilename": { - "type": "string", - "description": "CA Certificate filename", - "default": "" - }, - "crlFilename": { - "type": "string", - "description": "File containing a Certificate Revocation List", - "default": "" - } - } - }, - "primary": { - "type": "object", - "properties": { - "name": { - "type": "string", - "description": "Name of the primary database (eg primary, master, leader, ...)", - "default": "primary" - }, - "configuration": { - "type": "string", - "description": "PostgreSQL Primary main configuration to be injected as ConfigMap", - "default": "" - }, - "pgHbaConfiguration": { - "type": "string", - "description": "PostgreSQL Primary client authentication configuration", - "default": "" - }, - "existingConfigmap": { - "type": "string", - "description": "Name of an existing ConfigMap with PostgreSQL Primary configuration", - "default": "" - }, - "extendedConfiguration": { - "type": "string", - "description": "Extended PostgreSQL Primary configuration (appended to main or default configuration)", - "default": "" - }, - "existingExtendedConfigmap": { - "type": "string", - "description": "Name of an existing ConfigMap with PostgreSQL Primary extended configuration", - "default": "" - }, - "initdb": { - "type": "object", - "properties": { - "args": { - "type": "string", - "description": "PostgreSQL initdb extra arguments", - "default": "" - }, - "postgresqlWalDir": { - "type": "string", - "description": "Specify a custom location for the PostgreSQL transaction log", - "default": "" - }, - "scripts": { - "type": "object", - "description": "Dictionary of initdb scripts", - "default": {} - }, - "scriptsConfigMap": { - "type": "string", - "description": "ConfigMap with scripts to be run at first boot", - "default": "" - }, - "scriptsSecret": { - "type": "string", - "description": "Secret with scripts to be run at first boot (in case it contains sensitive information)", - "default": "" - }, - "user": { - "type": "string", - "description": "Specify the PostgreSQL username to execute the initdb scripts", - "default": "" - }, - "password": { - "type": "string", - "description": "Specify the PostgreSQL password to execute the initdb scripts", - "default": "" - } - } - }, - "standby": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Whether to enable current cluster's primary as standby server of another cluster or not", - "default": false - }, - "primaryHost": { - "type": "string", - "description": "The Host of replication primary in the other cluster", - "default": "" - }, - "primaryPort": { - "type": "string", - "description": "The Port of replication primary in the other cluster", - "default": "" - } - } - }, - "extraEnvVars": { - "type": "array", - "description": "Array with extra environment variables to add to PostgreSQL Primary nodes", - "default": [], - "items": {} - }, - "extraEnvVarsCM": { - "type": "string", - "description": "Name of existing ConfigMap containing extra env vars for PostgreSQL Primary nodes", - "default": "" - }, - "extraEnvVarsSecret": { - "type": "string", - "description": "Name of existing Secret containing extra env vars for PostgreSQL Primary nodes", - "default": "" - }, - "command": { - "type": "array", - "description": "Override default container command (useful when using custom images)", - "default": [], - "items": {} - }, - "args": { - "type": "array", - "description": "Override default container args (useful when using custom images)", - "default": [], - "items": {} - }, - "livenessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable livenessProbe on PostgreSQL Primary containers", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for livenessProbe", - "default": 30 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for livenessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for livenessProbe", - "default": 5 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for livenessProbe", - "default": 6 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for livenessProbe", - "default": 1 - } - } - }, - "readinessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable readinessProbe on PostgreSQL Primary containers", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for readinessProbe", - "default": 5 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for readinessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for readinessProbe", - "default": 5 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for readinessProbe", - "default": 6 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for readinessProbe", - "default": 1 - } - } - }, - "startupProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable startupProbe on PostgreSQL Primary containers", - "default": false - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for startupProbe", - "default": 30 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for startupProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for startupProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for startupProbe", - "default": 15 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for startupProbe", - "default": 1 - } - } - }, - "customLivenessProbe": { - "type": "object", - "description": "Custom livenessProbe that overrides the default one", - "default": {} - }, - "customReadinessProbe": { - "type": "object", - "description": "Custom readinessProbe that overrides the default one", - "default": {} - }, - "customStartupProbe": { - "type": "object", - "description": "Custom startupProbe that overrides the default one", - "default": {} - }, - "lifecycleHooks": { - "type": "object", - "description": "for the PostgreSQL Primary container to automate configuration before or after startup", - "default": {} - }, - "resources": { - "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the PostgreSQL Primary containers", - "default": {} - }, - "requests": { - "type": "object", - "properties": { - "memory": { - "type": "string", - "description": "The requested memory for the PostgreSQL Primary containers", - "default": "256Mi" - }, - "cpu": { - "type": "string", - "description": "The requested cpu for the PostgreSQL Primary containers", - "default": "250m" - } - } - } - } - }, - "podSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable security context", - "default": true - }, - "fsGroup": { - "type": "number", - "description": "Group ID for the pod", - "default": 1001 - } - } - }, - "containerSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable container security context", - "default": true - }, - "runAsUser": { - "type": "number", - "description": "User ID for the container", - "default": 1001 - }, - "runAsGroup": { - "type": "number", - "description": "Group ID for the container", - "default": 0 - }, - "runAsNonRoot": { - "type": "boolean", - "description": "Set runAsNonRoot for the container", - "default": true - }, - "allowPrivilegeEscalation": { - "type": "boolean", - "description": "Set allowPrivilegeEscalation for the container", - "default": false - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set seccompProfile.type for the container", - "default": "RuntimeDefault" - } - } - }, - "capabilities": { - "type": "object", - "properties": { - "drop": { - "type": "array", - "description": "Set capabilities.drop for the container", - "default": [ - "ALL" - ], - "items": { - "type": "string" - } - } - } - } - } - }, - "hostAliases": { - "type": "array", - "description": "PostgreSQL primary pods host aliases", - "default": [], - "items": {} - }, - "hostNetwork": { - "type": "boolean", - "description": "Specify if host network should be enabled for PostgreSQL pod (postgresql primary)", - "default": false - }, - "hostIPC": { - "type": "boolean", - "description": "Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary)", - "default": false - }, - "labels": { - "type": "object", - "description": "Map of labels to add to the statefulset (postgresql primary)", - "default": {} - }, - "annotations": { - "type": "object", - "description": "Annotations for PostgreSQL primary pods", - "default": {} - }, - "podLabels": { - "type": "object", - "description": "Map of labels to add to the pods (postgresql primary)", - "default": {} - }, - "podAnnotations": { - "type": "object", - "description": "Map of annotations to add to the pods (postgresql primary)", - "default": {} - }, - "podAffinityPreset": { - "type": "string", - "description": "PostgreSQL primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "" - }, - "podAntiAffinityPreset": { - "type": "string", - "description": "PostgreSQL primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "soft" - }, - "nodeAffinityPreset": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "PostgreSQL primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "" - }, - "key": { - "type": "string", - "description": "PostgreSQL primary node label key to match Ignored if `primary.affinity` is set.", - "default": "" - }, - "values": { - "type": "array", - "description": "PostgreSQL primary node label values to match. Ignored if `primary.affinity` is set.", - "default": [], - "items": {} - } - } - }, - "affinity": { - "type": "object", - "description": "Affinity for PostgreSQL primary pods assignment", - "default": {} - }, - "nodeSelector": { - "type": "object", - "description": "Node labels for PostgreSQL primary pods assignment", - "default": {} - }, - "tolerations": { - "type": "array", - "description": "Tolerations for PostgreSQL primary pods assignment", - "default": [], - "items": {} - }, - "topologySpreadConstraints": { - "type": "array", - "description": "Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template", - "default": [], - "items": {} - }, - "priorityClassName": { - "type": "string", - "description": "Priority Class to use for each pod (postgresql primary)", - "default": "" - }, - "schedulerName": { - "type": "string", - "description": "Use an alternate scheduler, e.g. \"stork\".", - "default": "" - }, - "terminationGracePeriodSeconds": { - "type": "string", - "description": "Seconds PostgreSQL primary pod needs to terminate gracefully", - "default": "" - }, - "updateStrategy": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "PostgreSQL Primary statefulset strategy type", - "default": "RollingUpdate" - }, - "rollingUpdate": { - "type": "object", - "description": "PostgreSQL Primary statefulset rolling update configuration parameters", - "default": {} - } - } - }, - "extraVolumeMounts": { - "type": "array", - "description": "Optionally specify extra list of additional volumeMounts for the PostgreSQL Primary container(s)", - "default": [], - "items": {} - }, - "extraVolumes": { - "type": "array", - "description": "Optionally specify extra list of additional volumes for the PostgreSQL Primary pod(s)", - "default": [], - "items": {} - }, - "sidecars": { - "type": "array", - "description": "Add additional sidecar containers to the PostgreSQL Primary pod(s)", - "default": [], - "items": {} - }, - "initContainers": { - "type": "array", - "description": "Add additional init containers to the PostgreSQL Primary pod(s)", - "default": [], - "items": {} - }, - "extraPodSpec": { - "type": "object", - "description": "Optionally specify extra PodSpec for the PostgreSQL Primary pod(s)", - "default": {} - }, - "service": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Kubernetes Service type", - "default": "ClusterIP" - }, - "ports": { - "type": "object", - "properties": { - "postgresql": { - "type": "number", - "description": "PostgreSQL service port", - "default": 5432 - } - } - }, - "nodePorts": { - "type": "object", - "properties": { - "postgresql": { - "type": "string", - "description": "Node port for PostgreSQL", - "default": "" - } - } - }, - "clusterIP": { - "type": "string", - "description": "Static clusterIP or None for headless services", - "default": "" - }, - "annotations": { - "type": "object", - "description": "Annotations for PostgreSQL primary service", - "default": {} - }, - "loadBalancerIP": { - "type": "string", - "description": "Load balancer IP if service type is `LoadBalancer`", - "default": "" - }, - "externalTrafficPolicy": { - "type": "string", - "description": "Enable client source IP preservation", - "default": "Cluster" - }, - "loadBalancerSourceRanges": { - "type": "array", - "description": "Addresses that are allowed when service is LoadBalancer", - "default": [], - "items": {} - }, - "extraPorts": { - "type": "array", - "description": "Extra ports to expose in the PostgreSQL primary service", - "default": [], - "items": {} - }, - "sessionAffinity": { - "type": "string", - "description": "Session Affinity for Kubernetes service, can be \"None\" or \"ClientIP\"", - "default": "None" - }, - "sessionAffinityConfig": { - "type": "object", - "description": "Additional settings for the sessionAffinity", - "default": {} - }, - "headless": { - "type": "object", - "properties": { - "annotations": { - "type": "object", - "description": "Additional custom annotations for headless PostgreSQL primary service", - "default": {} - } - } - } - } - }, - "persistence": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable PostgreSQL Primary data persistence using PVC", - "default": true - }, - "existingClaim": { - "type": "string", - "description": "Name of an existing PVC to use", - "default": "" - }, - "mountPath": { - "type": "string", - "description": "The path the volume will be mounted at", - "default": "/bitnami/postgresql" - }, - "subPath": { - "type": "string", - "description": "The subdirectory of the volume to mount to", - "default": "" - }, - "storageClass": { - "type": "string", - "description": "PVC Storage Class for PostgreSQL Primary data volume", - "default": "" - }, - "accessModes": { - "type": "array", - "description": "PVC Access Mode for PostgreSQL volume", - "default": [ - "ReadWriteOnce" - ], - "items": { - "type": "string" - } - }, - "size": { - "type": "string", - "description": "PVC Storage Request for PostgreSQL volume", - "default": "8Gi" - }, - "annotations": { - "type": "object", - "description": "Annotations for the PVC", - "default": {} - }, - "labels": { - "type": "object", - "description": "Labels for the PVC", - "default": {} - }, - "selector": { - "type": "object", - "description": "Selector to match an existing Persistent Volume (this value is evaluated as a template)", - "default": {} - }, - "dataSource": { - "type": "object", - "description": "Custom PVC data source", - "default": {} - } - } - }, - "persistentVolumeClaimRetentionPolicy": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable Persistent volume retention policy for Primary Statefulset", - "default": false - }, - "whenScaled": { - "type": "string", - "description": "Volume retention behavior when the replica count of the StatefulSet is reduced", - "default": "Retain" - }, - "whenDeleted": { - "type": "string", - "description": "Volume retention behavior that applies when the StatefulSet is deleted", - "default": "Retain" - } - } - } + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "architecture": { + "type": "string", + "title": "PostgreSQL architecture", + "form": true, + "description": "Allowed values: `standalone` or `replication`" + }, + "auth": { + "type": "object", + "title": "Authentication configuration", + "form": true, + "properties": { + "enablePostgresUser": { + "type": "boolean", + "title": "Enable \"postgres\" admin user", + "description": "Assign a password to the \"postgres\" admin user. Otherwise, remote access will be blocked for this user", + "form": true + }, + "postgresPassword": { + "type": "string", + "title": "Password for the \"postgres\" admin user", + "description": "Defaults to a random 10-character alphanumeric string if not set", + "form": true + }, + "database": { + "type": "string", + "title": "PostgreSQL custom database", + "description": "Name of the custom database to be created during the 1st initialization of PostgreSQL", + "form": true + }, + "username": { + "type": "string", + "title": "PostgreSQL custom user", + "description": "Name of the custom user to be created during the 1st initialization of PostgreSQL. This user only has permissions on the PostgreSQL custom database", + "form": true + }, + "password": { + "type": "string", + "title": "Password for the custom user to create", + "description": "Defaults to a random 10-character alphanumeric string if not set", + "form": true + }, + "replicationUsername": { + "type": "string", + "title": "PostgreSQL replication user", + "description": "Name of user used to manage replication.", + "form": true, + "hidden": { + "value": "standalone", + "path": "architecture" + } + }, + "replicationPassword": { + "type": "string", + "title": "Password for PostgreSQL replication user", + "description": "Defaults to a random 10-character alphanumeric string if not set", + "form": true, + "hidden": { + "value": "standalone", + "path": "architecture" + } + } + } + }, + "persistence": { + "type": "object", + "properties": { + "size": { + "type": "string", + "title": "Persistent Volume Size", + "form": true, + "render": "slider", + "sliderMin": 1, + "sliderMax": 100, + "sliderUnit": "Gi" + } + } + }, + "resources": { + "type": "object", + "title": "Required Resources", + "description": "Configure resource requests", + "form": true, + "properties": { + "requests": { + "type": "object", + "properties": { + "memory": { + "type": "string", + "form": true, + "render": "slider", + "title": "Memory Request", + "sliderMin": 10, + "sliderMax": 2048, + "sliderUnit": "Mi" + }, + "cpu": { + "type": "string", + "form": true, + "render": "slider", + "title": "CPU Request", + "sliderMin": 10, + "sliderMax": 2000, + "sliderUnit": "m" } + } + } + } + }, + "replication": { + "type": "object", + "form": true, + "title": "Replication Details", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable Replication", + "form": true }, "readReplicas": { - "type": "object", - "properties": { - "name": { - "type": "string", - "description": "Name of the read replicas database (eg secondary, slave, ...)", - "default": "read" - }, - "replicaCount": { - "type": "number", - "description": "Number of PostgreSQL read only replicas", - "default": 1 - }, - "extendedConfiguration": { - "type": "string", - "description": "Extended PostgreSQL read only replicas configuration (appended to main or default configuration)", - "default": "" - }, - "extraEnvVars": { - "type": "array", - "description": "Array with extra environment variables to add to PostgreSQL read only nodes", - "default": [], - "items": {} - }, - "extraEnvVarsCM": { - "type": "string", - "description": "Name of existing ConfigMap containing extra env vars for PostgreSQL read only nodes", - "default": "" - }, - "extraEnvVarsSecret": { - "type": "string", - "description": "Name of existing Secret containing extra env vars for PostgreSQL read only nodes", - "default": "" - }, - "command": { - "type": "array", - "description": "Override default container command (useful when using custom images)", - "default": [], - "items": {} - }, - "args": { - "type": "array", - "description": "Override default container args (useful when using custom images)", - "default": [], - "items": {} - }, - "livenessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable livenessProbe on PostgreSQL read only containers", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for livenessProbe", - "default": 30 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for livenessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for livenessProbe", - "default": 5 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for livenessProbe", - "default": 6 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for livenessProbe", - "default": 1 - } - } - }, - "readinessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable readinessProbe on PostgreSQL read only containers", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for readinessProbe", - "default": 5 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for readinessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for readinessProbe", - "default": 5 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for readinessProbe", - "default": 6 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for readinessProbe", - "default": 1 - } - } - }, - "startupProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable startupProbe on PostgreSQL read only containers", - "default": false - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for startupProbe", - "default": 30 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for startupProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for startupProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for startupProbe", - "default": 15 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for startupProbe", - "default": 1 - } - } - }, - "customLivenessProbe": { - "type": "object", - "description": "Custom livenessProbe that overrides the default one", - "default": {} - }, - "customReadinessProbe": { - "type": "object", - "description": "Custom readinessProbe that overrides the default one", - "default": {} - }, - "customStartupProbe": { - "type": "object", - "description": "Custom startupProbe that overrides the default one", - "default": {} - }, - "lifecycleHooks": { - "type": "object", - "description": "for the PostgreSQL read only container to automate configuration before or after startup", - "default": {} - }, - "resources": { - "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the PostgreSQL read only containers", - "default": {} - }, - "requests": { - "type": "object", - "properties": { - "memory": { - "type": "string", - "description": "The requested memory for the PostgreSQL read only containers", - "default": "256Mi" - }, - "cpu": { - "type": "string", - "description": "The requested cpu for the PostgreSQL read only containers", - "default": "250m" - } - } - } - } - }, - "podSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable security context", - "default": true - }, - "fsGroup": { - "type": "number", - "description": "Group ID for the pod", - "default": 1001 - } - } - }, - "containerSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable container security context", - "default": true - }, - "runAsUser": { - "type": "number", - "description": "User ID for the container", - "default": 1001 - }, - "runAsGroup": { - "type": "number", - "description": "Group ID for the container", - "default": 0 - }, - "runAsNonRoot": { - "type": "boolean", - "description": "Set runAsNonRoot for the container", - "default": true - }, - "allowPrivilegeEscalation": { - "type": "boolean", - "description": "Set allowPrivilegeEscalation for the container", - "default": false - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set seccompProfile.type for the container", - "default": "RuntimeDefault" - } - } - }, - "capabilities": { - "type": "object", - "properties": { - "drop": { - "type": "array", - "description": "Set capabilities.drop for the container", - "default": [ - "ALL" - ], - "items": { - "type": "string" - } - } - } - } - } - }, - "hostAliases": { - "type": "array", - "description": "PostgreSQL read only pods host aliases", - "default": [], - "items": {} - }, - "hostNetwork": { - "type": "boolean", - "description": "Specify if host network should be enabled for PostgreSQL pod (PostgreSQL read only)", - "default": false - }, - "hostIPC": { - "type": "boolean", - "description": "Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary)", - "default": false - }, - "labels": { - "type": "object", - "description": "Map of labels to add to the statefulset (PostgreSQL read only)", - "default": {} - }, - "annotations": { - "type": "object", - "description": "Annotations for PostgreSQL read only pods", - "default": {} - }, - "podLabels": { - "type": "object", - "description": "Map of labels to add to the pods (PostgreSQL read only)", - "default": {} - }, - "podAnnotations": { - "type": "object", - "description": "Map of annotations to add to the pods (PostgreSQL read only)", - "default": {} - }, - "podAffinityPreset": { - "type": "string", - "description": "PostgreSQL read only pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "" - }, - "podAntiAffinityPreset": { - "type": "string", - "description": "PostgreSQL read only pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "soft" - }, - "nodeAffinityPreset": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "PostgreSQL read only node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", - "default": "" - }, - "key": { - "type": "string", - "description": "PostgreSQL read only node label key to match Ignored if `primary.affinity` is set.", - "default": "" - }, - "values": { - "type": "array", - "description": "PostgreSQL read only node label values to match. Ignored if `primary.affinity` is set.", - "default": [], - "items": {} - } - } - }, - "affinity": { - "type": "object", - "description": "Affinity for PostgreSQL read only pods assignment", - "default": {} - }, - "nodeSelector": { - "type": "object", - "description": "Node labels for PostgreSQL read only pods assignment", - "default": {} - }, - "tolerations": { - "type": "array", - "description": "Tolerations for PostgreSQL read only pods assignment", - "default": [], - "items": {} - }, - "topologySpreadConstraints": { - "type": "array", - "description": "Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template", - "default": [], - "items": {} - }, - "priorityClassName": { - "type": "string", - "description": "Priority Class to use for each pod (PostgreSQL read only)", - "default": "" - }, - "schedulerName": { - "type": "string", - "description": "Use an alternate scheduler, e.g. \"stork\".", - "default": "" - }, - "terminationGracePeriodSeconds": { - "type": "string", - "description": "Seconds PostgreSQL read only pod needs to terminate gracefully", - "default": "" - }, - "updateStrategy": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "PostgreSQL read only statefulset strategy type", - "default": "RollingUpdate" - }, - "rollingUpdate": { - "type": "object", - "description": "PostgreSQL read only statefulset rolling update configuration parameters", - "default": {} - } - } - }, - "extraVolumeMounts": { - "type": "array", - "description": "Optionally specify extra list of additional volumeMounts for the PostgreSQL read only container(s)", - "default": [], - "items": {} - }, - "extraVolumes": { - "type": "array", - "description": "Optionally specify extra list of additional volumes for the PostgreSQL read only pod(s)", - "default": [], - "items": {} - }, - "sidecars": { - "type": "array", - "description": "Add additional sidecar containers to the PostgreSQL read only pod(s)", - "default": [], - "items": {} - }, - "initContainers": { - "type": "array", - "description": "Add additional init containers to the PostgreSQL read only pod(s)", - "default": [], - "items": {} - }, - "extraPodSpec": { - "type": "object", - "description": "Optionally specify extra PodSpec for the PostgreSQL read only pod(s)", - "default": {} - }, - "service": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Kubernetes Service type", - "default": "ClusterIP" - }, - "ports": { - "type": "object", - "properties": { - "postgresql": { - "type": "number", - "description": "PostgreSQL service port", - "default": 5432 - } - } - }, - "nodePorts": { - "type": "object", - "properties": { - "postgresql": { - "type": "string", - "description": "Node port for PostgreSQL", - "default": "" - } - } - }, - "clusterIP": { - "type": "string", - "description": "Static clusterIP or None for headless services", - "default": "" - }, - "annotations": { - "type": "object", - "description": "Annotations for PostgreSQL read only service", - "default": {} - }, - "loadBalancerIP": { - "type": "string", - "description": "Load balancer IP if service type is `LoadBalancer`", - "default": "" - }, - "externalTrafficPolicy": { - "type": "string", - "description": "Enable client source IP preservation", - "default": "Cluster" - }, - "loadBalancerSourceRanges": { - "type": "array", - "description": "Addresses that are allowed when service is LoadBalancer", - "default": [], - "items": {} - }, - "extraPorts": { - "type": "array", - "description": "Extra ports to expose in the PostgreSQL read only service", - "default": [], - "items": {} - }, - "sessionAffinity": { - "type": "string", - "description": "Session Affinity for Kubernetes service, can be \"None\" or \"ClientIP\"", - "default": "None" - }, - "sessionAffinityConfig": { - "type": "object", - "description": "Additional settings for the sessionAffinity", - "default": {} - }, - "headless": { - "type": "object", - "properties": { - "annotations": { - "type": "object", - "description": "Additional custom annotations for headless PostgreSQL read only service", - "default": {} - } - } - } - } - }, - "persistence": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable PostgreSQL read only data persistence using PVC", - "default": true - }, - "existingClaim": { - "type": "string", - "description": "Name of an existing PVC to use", - "default": "" - }, - "mountPath": { - "type": "string", - "description": "The path the volume will be mounted at", - "default": "/bitnami/postgresql" - }, - "subPath": { - "type": "string", - "description": "The subdirectory of the volume to mount to", - "default": "" - }, - "storageClass": { - "type": "string", - "description": "PVC Storage Class for PostgreSQL read only data volume", - "default": "" - }, - "accessModes": { - "type": "array", - "description": "PVC Access Mode for PostgreSQL volume", - "default": [ - "ReadWriteOnce" - ], - "items": { - "type": "string" - } - }, - "size": { - "type": "string", - "description": "PVC Storage Request for PostgreSQL volume", - "default": "8Gi" - }, - "annotations": { - "type": "object", - "description": "Annotations for the PVC", - "default": {} - }, - "labels": { - "type": "object", - "description": "Labels for the PVC", - "default": {} - }, - "selector": { - "type": "object", - "description": "Selector to match an existing Persistent Volume (this value is evaluated as a template)", - "default": {} - }, - "dataSource": { - "type": "object", - "description": "Custom PVC data source", - "default": {} - } - } - }, - "persistentVolumeClaimRetentionPolicy": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable Persistent volume retention policy for read only Statefulset", - "default": false - }, - "whenScaled": { - "type": "string", - "description": "Volume retention behavior when the replica count of the StatefulSet is reduced", - "default": "Retain" - }, - "whenDeleted": { - "type": "string", - "description": "Volume retention behavior that applies when the StatefulSet is deleted", - "default": "Retain" - } - } - } - } - }, - "backup": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable the logical dump of the database \"regularly\"", - "default": false - }, - "cronjob": { - "type": "object", - "properties": { - "schedule": { - "type": "string", - "description": "Set the cronjob parameter schedule", - "default": "@daily" - }, - "concurrencyPolicy": { - "type": "string", - "description": "Set the cronjob parameter concurrencyPolicy", - "default": "Allow" - }, - "failedJobsHistoryLimit": { - "type": "number", - "description": "Set the cronjob parameter failedJobsHistoryLimit", - "default": 1 - }, - "successfulJobsHistoryLimit": { - "type": "number", - "description": "Set the cronjob parameter successfulJobsHistoryLimit", - "default": 3 - }, - "startingDeadlineSeconds": { - "type": "string", - "description": "Set the cronjob parameter startingDeadlineSeconds", - "default": "" - }, - "ttlSecondsAfterFinished": { - "type": "string", - "description": "Set the cronjob parameter ttlSecondsAfterFinished", - "default": "" - }, - "restartPolicy": { - "type": "string", - "description": "Set the cronjob parameter restartPolicy", - "default": "OnFailure" - }, - "containerSecurityContext": { - "type": "object", - "properties": { - "runAsUser": { - "type": "number", - "description": "User ID for the backup container", - "default": 1001 - }, - "runAsGroup": { - "type": "number", - "description": "Group ID for the backup container", - "default": 0 - }, - "runAsNonRoot": { - "type": "boolean", - "description": "Set backup container's Security Context runAsNonRoot", - "default": true - }, - "readOnlyRootFilesystem": { - "type": "boolean", - "description": "Is the container itself readonly", - "default": true - }, - "allowPrivilegeEscalation": { - "type": "boolean", - "description": "Is it possible to escalate backup pod(s) privileges", - "default": false - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set backup container's Security Context seccompProfile type", - "default": "RuntimeDefault" - } - } - }, - "capabilities": { - "type": "object", - "properties": { - "drop": { - "type": "array", - "description": "Set backup container's Security Context capabilities to drop", - "default": [ - "ALL" - ], - "items": { - "type": "string" - } - } - } - } - } - }, - "command": { - "type": "array", - "description": "Set backup container's command to run", - "default": [ - "/bin/sh", - "-c", - "pg_dumpall --clean --if-exists --load-via-partition-root --quote-all-identifiers --no-password --file=${PGDUMP_DIR}/pg_dumpall-$(date '+%Y-%m-%d-%H-%M').pgdump" - ], - "items": { - "type": "string" - } - }, - "labels": { - "type": "object", - "description": "Set the cronjob labels", - "default": {} - }, - "annotations": { - "type": "object", - "description": "Set the cronjob annotations", - "default": {} - }, - "storage": { - "type": "object", - "properties": { - "existingClaim": { - "type": "string", - "description": "Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)", - "default": "" - }, - "resourcePolicy": { - "type": "string", - "description": "Setting it to \"keep\" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted", - "default": "" - }, - "storageClass": { - "type": "string", - "description": "PVC Storage Class for the backup data volume", - "default": "" - }, - "accessModes": { - "type": "array", - "description": "PV Access Mode", - "default": [ - "ReadWriteOnce" - ], - "items": { - "type": "string" - } - }, - "size": { - "type": "string", - "description": "PVC Storage Request for the backup data volume", - "default": "8Gi" - }, - "annotations": { - "type": "object", - "description": "PVC annotations", - "default": {} - }, - "mountPath": { - "type": "string", - "description": "Path to mount the volume at ", - "default": "/backup/pgdump" - }, - "subPath": { - "type": "string", - "description": "Subdirectory of the volume to mount at", - "default": "" - }, - "volumeClaimTemplates": { - "type": "object", - "properties": { - "selector": { - "type": "object", - "description": "A label query over volumes to consider for binding (e.g. when using local volumes)", - "default": {} - } - } - } - } - } - } - } - } - }, - "networkPolicy": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable network policies", - "default": false - }, - "metrics": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable network policies for metrics (prometheus)", - "default": false - } - } - }, - "ingressRules": { - "type": "object", - "properties": { - "primaryAccessOnlyFrom": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable ingress rule that makes PostgreSQL primary node only accessible from a particular origin.", - "default": false - }, - "customRules": { - "type": "array", - "description": "Custom network policy for the PostgreSQL primary node.", - "default": [], - "items": {} - } - } - }, - "readReplicasAccessOnlyFrom": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable ingress rule that makes PostgreSQL read-only nodes only accessible from a particular origin.", - "default": false - }, - "customRules": { - "type": "array", - "description": "Custom network policy for the PostgreSQL read-only nodes.", - "default": [], - "items": {} - } - } - } - } - }, - "egressRules": { - "type": "object", - "properties": { - "denyConnectionsToExternal": { - "type": "boolean", - "description": "Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53).", - "default": false - }, - "customRules": { - "type": "array", - "description": "Custom network policy rule", - "default": [], - "items": {} - } - } - } - } - }, - "volumePermissions": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable init container that changes the owner and group of the persistent volume", - "default": false - }, - "image": { - "type": "object", - "properties": { - "registry": { - "type": "string", - "description": "Init container volume-permissions image registry", - "default": "docker.io" - }, - "repository": { - "type": "string", - "description": "Init container volume-permissions image repository", - "default": "bitnami/os-shell" - }, - "tag": { - "type": "string", - "description": "Init container volume-permissions image tag (immutable tags are recommended)", - "default": "11-debian-11-r43" - }, - "digest": { - "type": "string", - "description": "Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", - "default": "" - }, - "pullPolicy": { - "type": "string", - "description": "Init container volume-permissions image pull policy", - "default": "IfNotPresent" - }, - "pullSecrets": { - "type": "array", - "description": "Init container volume-permissions image pull secrets", - "default": [], - "items": {} - } - } - }, - "resources": { - "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "Init container volume-permissions resource limits", - "default": {} - }, - "requests": { - "type": "object", - "description": "Init container volume-permissions resource requests", - "default": {} - } - } - }, - "containerSecurityContext": { - "type": "object", - "properties": { - "runAsUser": { - "type": "number", - "description": "User ID for the init container", - "default": 0 - }, - "runAsGroup": { - "type": "number", - "description": "Group ID for the init container", - "default": 0 - }, - "runAsNonRoot": { - "type": "boolean", - "description": "runAsNonRoot for the init container", - "default": false - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "seccompProfile.type for the init container", - "default": "RuntimeDefault" - } - } - } - } - } - } - }, - "serviceBindings": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Create secret for service binding (Experimental)", - "default": false - } - } - }, - "serviceAccount": { - "type": "object", - "properties": { - "create": { - "type": "boolean", - "description": "Enable creation of ServiceAccount for PostgreSQL pod", - "default": false - }, - "name": { - "type": "string", - "description": "The name of the ServiceAccount to use.", - "default": "" - }, - "automountServiceAccountToken": { - "type": "boolean", - "description": "Allows auto mount of ServiceAccountToken on the serviceAccount created", - "default": true - }, - "annotations": { - "type": "object", - "description": "Additional custom annotations for the ServiceAccount", - "default": {} - } - } - }, - "rbac": { - "type": "object", - "properties": { - "create": { - "type": "boolean", - "description": "Create Role and RoleBinding (required for PSP to work)", - "default": false - }, - "rules": { - "type": "array", - "description": "Custom RBAC rules to set", - "default": [], - "items": {} - } - } - }, - "psp": { - "type": "object", - "properties": { - "create": { - "type": "boolean", - "description": "Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later", - "default": false - } - } - }, - "metrics": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Start a prometheus exporter", - "default": false - }, - "image": { - "type": "object", - "properties": { - "registry": { - "type": "string", - "description": "PostgreSQL Prometheus Exporter image registry", - "default": "docker.io" - }, - "repository": { - "type": "string", - "description": "PostgreSQL Prometheus Exporter image repository", - "default": "bitnami/postgres-exporter" - }, - "tag": { - "type": "string", - "description": "PostgreSQL Prometheus Exporter image tag (immutable tags are recommended)", - "default": "0.13.2-debian-11-r25" - }, - "digest": { - "type": "string", - "description": "PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", - "default": "" - }, - "pullPolicy": { - "type": "string", - "description": "PostgreSQL Prometheus Exporter image pull policy", - "default": "IfNotPresent" - }, - "pullSecrets": { - "type": "array", - "description": "Specify image pull secrets", - "default": [], - "items": {} - } - } - }, - "customMetrics": { - "type": "object", - "description": "Define additional custom metrics", - "default": {} - }, - "extraEnvVars": { - "type": "array", - "description": "Extra environment variables to add to PostgreSQL Prometheus exporter", - "default": [], - "items": {} - }, - "containerSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable PostgreSQL Prometheus exporter containers' Security Context", - "default": true - }, - "runAsUser": { - "type": "number", - "description": "Set PostgreSQL Prometheus exporter containers' Security Context runAsUser", - "default": 1001 - }, - "runAsGroup": { - "type": "number", - "description": "Set PostgreSQL Prometheus exporter containers' Security Context runAsGroup", - "default": 0 - }, - "runAsNonRoot": { - "type": "boolean", - "description": "Set PostgreSQL Prometheus exporter containers' Security Context runAsNonRoot", - "default": true - }, - "allowPrivilegeEscalation": { - "type": "boolean", - "description": "Set PostgreSQL Prometheus exporter containers' Security Context allowPrivilegeEscalation", - "default": false - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set PostgreSQL Prometheus exporter containers' Security Context seccompProfile.type", - "default": "RuntimeDefault" - } - } - }, - "capabilities": { - "type": "object", - "properties": { - "drop": { - "type": "array", - "description": "Set PostgreSQL Prometheus exporter containers' Security Context capabilities.drop", - "default": [ - "ALL" - ], - "items": { - "type": "string" - } - } - } - } - } - }, - "livenessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable livenessProbe on PostgreSQL Prometheus exporter containers", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for livenessProbe", - "default": 5 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for livenessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for livenessProbe", - "default": 5 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for livenessProbe", - "default": 6 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for livenessProbe", - "default": 1 - } - } - }, - "readinessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable readinessProbe on PostgreSQL Prometheus exporter containers", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for readinessProbe", - "default": 5 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for readinessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for readinessProbe", - "default": 5 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for readinessProbe", - "default": 6 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for readinessProbe", - "default": 1 - } - } - }, - "startupProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable startupProbe on PostgreSQL Prometheus exporter containers", - "default": false - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for startupProbe", - "default": 10 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for startupProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for startupProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for startupProbe", - "default": 15 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for startupProbe", - "default": 1 - } - } - }, - "customLivenessProbe": { - "type": "object", - "description": "Custom livenessProbe that overrides the default one", - "default": {} - }, - "customReadinessProbe": { - "type": "object", - "description": "Custom readinessProbe that overrides the default one", - "default": {} - }, - "customStartupProbe": { - "type": "object", - "description": "Custom startupProbe that overrides the default one", - "default": {} - }, - "containerPorts": { - "type": "object", - "properties": { - "metrics": { - "type": "number", - "description": "PostgreSQL Prometheus exporter metrics container port", - "default": 9187 - } - } - }, - "resources": { - "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the PostgreSQL Prometheus exporter container", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the PostgreSQL Prometheus exporter container", - "default": {} - } - } - }, - "service": { - "type": "object", - "properties": { - "ports": { - "type": "object", - "properties": { - "metrics": { - "type": "number", - "description": "PostgreSQL Prometheus Exporter service port", - "default": 9187 - } - } - }, - "clusterIP": { - "type": "string", - "description": "Static clusterIP or None for headless services", - "default": "" - }, - "sessionAffinity": { - "type": "string", - "description": "Control where client requests go, to the same pod or round-robin", - "default": "None" - }, - "annotations": { - "type": "object", - "properties": { - "prometheus": { - "type": "object", - "properties": { - "io/scrape": { - "type": "string", - "description": "", - "default": "true" - }, - "io/port": { - "type": "string", - "description": "", - "default": "{{ .Values.metrics.service.ports.metrics }}" - } - } - } - } - } - } - }, - "serviceMonitor": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Create ServiceMonitor Resource for scraping metrics using Prometheus Operator", - "default": false - }, - "namespace": { - "type": "string", - "description": "Namespace for the ServiceMonitor Resource (defaults to the Release Namespace)", - "default": "" - }, - "interval": { - "type": "string", - "description": "Interval at which metrics should be scraped.", - "default": "" - }, - "scrapeTimeout": { - "type": "string", - "description": "Timeout after which the scrape is ended", - "default": "" - }, - "labels": { - "type": "object", - "description": "Additional labels that can be used so ServiceMonitor will be discovered by Prometheus", - "default": {} - }, - "selector": { - "type": "object", - "description": "Prometheus instance selector labels", - "default": {} - }, - "relabelings": { - "type": "array", - "description": "RelabelConfigs to apply to samples before scraping", - "default": [], - "items": {} - }, - "metricRelabelings": { - "type": "array", - "description": "MetricRelabelConfigs to apply to samples before ingestion", - "default": [], - "items": {} - }, - "honorLabels": { - "type": "boolean", - "description": "Specify honorLabels parameter to add the scrape endpoint", - "default": false - }, - "jobLabel": { - "type": "string", - "description": "The name of the label on the target service to use as the job name in prometheus.", - "default": "" - } - } - }, - "prometheusRule": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Create a PrometheusRule for Prometheus Operator", - "default": false - }, - "namespace": { - "type": "string", - "description": "Namespace for the PrometheusRule Resource (defaults to the Release Namespace)", - "default": "" - }, - "labels": { - "type": "object", - "description": "Additional labels that can be used so PrometheusRule will be discovered by Prometheus", - "default": {} - }, - "rules": { - "type": "array", - "description": "PrometheusRule definitions", - "default": [], - "items": {} - } - } - } - } + "type": "integer", + "title": "read Replicas", + "form": true, + "hidden": { + "value": "standalone", + "path": "architecture" + } } + } + }, + "volumePermissions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "form": true, + "title": "Enable Init Containers", + "description": "Change the owner of the persist volume mountpoint to RunAsUser:fsGroup" + } + } + }, + "metrics": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "title": "Configure metrics exporter", + "form": true + } + } } -} \ No newline at end of file + } +} diff --git a/charts/bitnami/postgresql/values.yaml b/charts/bitnami/postgresql/values.yaml index 020834475..3c7e9b704 100644 --- a/charts/bitnami/postgresql/values.yaml +++ b/charts/bitnami/postgresql/values.yaml @@ -98,7 +98,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/postgresql - tag: 15.4.0-debian-11-r10 + tag: 15.4.0-debian-11-r39 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1129,6 +1129,10 @@ backup: labels: {} ## @param backup.cronjob.annotations Set the cronjob annotations annotations: {} + ## @param backup.cronjob.nodeSelector Node labels for PostgreSQL backup CronJob pod assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} storage: ## @param backup.cronjob.storage.existingClaim Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`) ## If defined, PVC must be created manually before volume will be bound @@ -1286,7 +1290,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 11-debian-11-r43 + tag: 11-debian-11-r72 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1387,7 +1391,7 @@ metrics: image: registry: docker.io repository: bitnami/postgres-exporter - tag: 0.13.2-debian-11-r25 + tag: 0.14.0-debian-11-r0 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/wordpress/Chart.lock b/charts/bitnami/wordpress/Chart.lock index 2e9297d86..ca9294aab 100644 --- a/charts/bitnami/wordpress/Chart.lock +++ b/charts/bitnami/wordpress/Chart.lock @@ -7,6 +7,6 @@ dependencies: version: 13.1.3 - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.11.0 -digest: sha256:ff0afc3f2e4eeae2e6aaad5cded81bbfd65a82b8c4b3cef4b6b5e370956f0ab4 -generated: "2023-09-15T01:58:58.949665927Z" + version: 2.11.1 +digest: sha256:e79bf475c8f60746fc1c2051b9f02ac05609544ef559f063fb188450b45713e2 +generated: "2023-09-20T07:04:27.359744247Z" diff --git a/charts/bitnami/wordpress/Chart.yaml b/charts/bitnami/wordpress/Chart.yaml index 978caf553..861519812 100644 --- a/charts/bitnami/wordpress/Chart.yaml +++ b/charts/bitnami/wordpress/Chart.yaml @@ -6,11 +6,11 @@ annotations: category: CMS images: | - name: apache-exporter - image: docker.io/bitnami/apache-exporter:1.0.1-debian-11-r44 + image: docker.io/bitnami/apache-exporter:1.0.1-debian-11-r50 - name: os-shell - image: docker.io/bitnami/os-shell:11-debian-11-r66 + image: docker.io/bitnami/os-shell:11-debian-11-r72 - name: wordpress - image: docker.io/bitnami/wordpress:6.3.1-debian-11-r14 + image: docker.io/bitnami/wordpress:6.3.1-debian-11-r19 licenses: Apache-2.0 apiVersion: v2 appVersion: 6.3.1 @@ -47,4 +47,4 @@ maintainers: name: wordpress sources: - https://github.com/bitnami/charts/tree/main/bitnami/wordpress -version: 17.1.8 +version: 17.1.9 diff --git a/charts/bitnami/wordpress/README.md b/charts/bitnami/wordpress/README.md index 4307de97b..e8848367b 100644 --- a/charts/bitnami/wordpress/README.md +++ b/charts/bitnami/wordpress/README.md @@ -82,7 +82,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | | `image.registry` | WordPress image registry | `docker.io` | | `image.repository` | WordPress image repository | `bitnami/wordpress` | -| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.3.1-debian-11-r14` | +| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.3.1-debian-11-r19` | | `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | | `image.pullSecrets` | WordPress image pull secrets | `[]` | @@ -249,7 +249,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | | `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r66` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r72` | | `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | @@ -281,7 +281,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | | `metrics.image.registry` | Apache exporter image registry | `docker.io` | | `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.1-debian-11-r44` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.1-debian-11-r50` | | `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | @@ -444,7 +444,7 @@ externalCache.port=11211 ### Ingress -This chart provides support for Ingress resources. If an Ingress controller, such as nginx-ingress or traefik, that Ingress controller can be used to serve WordPress. +This chart provides support for Ingress resources. If you have an ingress controller installed on your cluster, such as [nginx-ingress-controller](https://github.com/bitnami/charts/tree/main/bitnami/nginx-ingress-controller) or [contour](https://github.com/bitnami/charts/tree/main/bitnami/contour) you can utilize the ingress controller to serve your application. To enable Ingress integration, set `ingress.enabled` to `true`. The `ingress.hostname` property can be used to set the host name. The `ingress.tls` parameter can be used to add the TLS configuration for this host. It is also possible to have more than one host, with a separate TLS configuration for each host. [Learn more about configuring and using Ingress](https://docs.bitnami.com/kubernetes/apps/wordpress/configuration/configure-ingress/). diff --git a/charts/bitnami/wordpress/charts/common/Chart.yaml b/charts/bitnami/wordpress/charts/common/Chart.yaml index f62cb205e..3be88e6aa 100644 --- a/charts/bitnami/wordpress/charts/common/Chart.yaml +++ b/charts/bitnami/wordpress/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.11.0 +appVersion: 2.11.1 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://bitnami.com @@ -20,4 +20,4 @@ name: common sources: - https://github.com/bitnami/charts type: library -version: 2.11.0 +version: 2.11.1 diff --git a/charts/bitnami/wordpress/charts/common/templates/_labels.tpl b/charts/bitnami/wordpress/charts/common/templates/_labels.tpl index a0534f7f9..a3cdc2bfd 100644 --- a/charts/bitnami/wordpress/charts/common/templates/_labels.tpl +++ b/charts/bitnami/wordpress/charts/common/templates/_labels.tpl @@ -11,12 +11,13 @@ Kubernetes standard labels */}} {{- define "common.labels.standard" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) (dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service) | toYaml }} +{{ merge (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) (dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service "app.kubernetes.io/version" .context.Chart.AppVersion) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} helm.sh/chart: {{ include "common.names.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end -}} {{- end -}} diff --git a/charts/bitnami/wordpress/values.schema.json b/charts/bitnami/wordpress/values.schema.json index 0a2902f2d..0e2466a97 100644 --- a/charts/bitnami/wordpress/values.schema.json +++ b/charts/bitnami/wordpress/values.schema.json @@ -1,1669 +1,212 @@ { - "title": "Chart Values", - "type": "object", - "properties": { - "global": { - "type": "object", - "properties": { - "imageRegistry": { - "type": "string", - "description": "Global Docker image registry", - "default": "" - }, - "imagePullSecrets": { - "type": "array", - "description": "Global Docker registry secret names as an array", - "default": [], - "items": {} - }, - "storageClass": { - "type": "string", - "description": "Global StorageClass for Persistent Volume(s)", - "default": "" - } - } - }, - "kubeVersion": { - "type": "string", - "description": "Override Kubernetes version", - "default": "" - }, - "nameOverride": { - "type": "string", - "description": "String to partially override common.names.fullname template (will maintain the release name)", - "default": "" - }, - "fullnameOverride": { - "type": "string", - "description": "String to fully override common.names.fullname template", - "default": "" - }, - "commonLabels": { - "type": "object", - "description": "Labels to add to all deployed resources", - "default": {} - }, - "commonAnnotations": { - "type": "object", - "description": "Annotations to add to all deployed resources", - "default": {} - }, - "clusterDomain": { - "type": "string", - "description": "Kubernetes Cluster Domain", - "default": "cluster.local" - }, - "extraDeploy": { - "type": "array", - "description": "Array of extra objects to deploy with the release", - "default": [], - "items": {} - }, - "diagnosticMode": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable diagnostic mode (all probes will be disabled and the command will be overridden)", - "default": false - }, - "command": { - "type": "array", - "description": "Command to override all containers in the deployment", - "default": [ - "sleep" - ], - "items": { - "type": "string" - } - }, - "args": { - "type": "array", - "description": "Args to override all containers in the deployment", - "default": [ - "infinity" - ], - "items": { - "type": "string" - } - } - } - }, - "image": { - "type": "object", - "properties": { - "registry": { - "type": "string", - "description": "WordPress image registry", - "default": "docker.io" - }, - "repository": { - "type": "string", - "description": "WordPress image repository", - "default": "bitnami/wordpress" - }, - "tag": { - "type": "string", - "description": "WordPress image tag (immutable tags are recommended)", - "default": "6.3.1-debian-11-r2" - }, - "digest": { - "type": "string", - "description": "WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", - "default": "" - }, - "pullPolicy": { - "type": "string", - "description": "WordPress image pull policy", - "default": "IfNotPresent" - }, - "pullSecrets": { - "type": "array", - "description": "WordPress image pull secrets", - "default": [], - "items": {} - }, - "debug": { - "type": "boolean", - "description": "Specify if debug values should be set", - "default": false - } - } - }, - "wordpressUsername": { - "type": "string", - "description": "WordPress username", - "default": "user" - }, - "wordpressPassword": { - "type": "string", - "description": "WordPress user password", - "default": "" - }, - "existingSecret": { - "type": "string", - "description": "Name of existing secret containing WordPress credentials", - "default": "" - }, - "wordpressEmail": { - "type": "string", - "description": "WordPress user email", - "default": "user@example.com" - }, - "wordpressFirstName": { - "type": "string", - "description": "WordPress user first name", - "default": "FirstName" - }, - "wordpressLastName": { - "type": "string", - "description": "WordPress user last name", - "default": "LastName" - }, - "wordpressBlogName": { - "type": "string", - "description": "Blog name", - "default": "User's Blog!" - }, - "wordpressTablePrefix": { - "type": "string", - "description": "Prefix to use for WordPress database tables", - "default": "wp_" - }, - "wordpressScheme": { - "type": "string", - "description": "Scheme to use to generate WordPress URLs", - "default": "http" - }, - "wordpressSkipInstall": { - "type": "boolean", - "description": "Skip wizard installation", - "default": false - }, - "wordpressExtraConfigContent": { - "type": "string", - "description": "Add extra content to the default wp-config.php file", - "default": "" - }, - "wordpressConfiguration": { - "type": "string", - "description": "The content for your custom wp-config.php file (advanced feature)", - "default": "" - }, - "existingWordPressConfigurationSecret": { - "type": "string", - "description": "The name of an existing secret with your custom wp-config.php file (advanced feature)", - "default": "" - }, - "wordpressConfigureCache": { - "type": "boolean", - "description": "Enable W3 Total Cache plugin and configure cache settings", - "default": false - }, - "wordpressPlugins": { - "type": "string", - "description": "Array of plugins to install and activate. Can be specified as `all` or `none`.", - "default": "none" - }, - "apacheConfiguration": { - "type": "string", - "description": "The content for your custom httpd.conf file (advanced feature)", - "default": "" - }, - "existingApacheConfigurationConfigMap": { - "type": "string", - "description": "The name of an existing secret with your custom httpd.conf file (advanced feature)", - "default": "" - }, - "customPostInitScripts": { - "type": "object", - "description": "Custom post-init.d user scripts", - "default": {} - }, - "smtpHost": { - "type": "string", - "description": "SMTP server host", - "default": "" - }, - "smtpPort": { - "type": "string", - "description": "SMTP server port", - "default": "" - }, - "smtpUser": { - "type": "string", - "description": "SMTP username", - "default": "" - }, - "smtpPassword": { - "type": "string", - "description": "SMTP user password", - "default": "" - }, - "smtpProtocol": { - "type": "string", - "description": "SMTP protocol", - "default": "" - }, - "smtpExistingSecret": { - "type": "string", - "description": "The name of an existing secret with SMTP credentials", - "default": "" - }, - "allowEmptyPassword": { - "type": "boolean", - "description": "Allow the container to be started with blank passwords", - "default": true - }, - "allowOverrideNone": { - "type": "boolean", - "description": "Configure Apache to prohibit overriding directives with htaccess files", - "default": false - }, - "overrideDatabaseSettings": { - "type": "boolean", - "description": "Allow overriding the database settings persisted in wp-config.php", - "default": false - }, - "htaccessPersistenceEnabled": { - "type": "boolean", - "description": "Persist custom changes on htaccess files", - "default": false - }, - "customHTAccessCM": { - "type": "string", - "description": "The name of an existing ConfigMap with custom htaccess rules", - "default": "" - }, - "command": { - "type": "array", - "description": "Override default container command (useful when using custom images)", - "default": [], - "items": {} - }, - "args": { - "type": "array", - "description": "Override default container args (useful when using custom images)", - "default": [], - "items": {} - }, - "extraEnvVars": { - "type": "array", - "description": "Array with extra environment variables to add to the WordPress container", - "default": [], - "items": {} - }, - "extraEnvVarsCM": { - "type": "string", - "description": "Name of existing ConfigMap containing extra env vars", - "default": "" - }, - "extraEnvVarsSecret": { - "type": "string", - "description": "Name of existing Secret containing extra env vars", - "default": "" - }, - "multisite": { - "type": "object", - "properties": { - "enable": { - "type": "boolean", - "description": "Whether to enable WordPress Multisite configuration.", - "default": false - }, - "host": { - "type": "string", - "description": "WordPress Multisite hostname/address. This value is mandatory when enabling Multisite mode.", - "default": "" - }, - "networkType": { - "type": "string", - "description": "WordPress Multisite network type to enable. Allowed values: `subfolder`, `subdirectory` or `subdomain`.", - "default": "subdomain" - }, - "enableNipIoRedirect": { - "type": "boolean", - "description": "Whether to enable IP address redirection to nip.io wildcard DNS. Useful when running on an IP address with subdomain network type.", - "default": false - } - } - }, - "replicaCount": { - "type": "number", - "description": "Number of WordPress replicas to deploy", - "default": 1 - }, - "updateStrategy": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "WordPress deployment strategy type", - "default": "RollingUpdate" - } - } - }, - "schedulerName": { - "type": "string", - "description": "Alternate scheduler", - "default": "" - }, - "terminationGracePeriodSeconds": { - "type": "string", - "description": "In seconds, time given to the WordPress pod to terminate gracefully", - "default": "" - }, - "topologySpreadConstraints": { - "type": "array", - "description": "Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template", - "default": [], - "items": {} - }, - "priorityClassName": { - "type": "string", - "description": "Name of the existing priority class to be used by WordPress pods, priority class needs to be created beforehand", - "default": "" - }, - "hostAliases": { - "type": "array", - "description": "", - "items": { - "type": "object", - "properties": { - "ip": { - "type": "string", - "description": "" - }, - "hostnames": { - "type": "array", - "description": "", - "items": { - "type": "string" - } - } - } - } - }, - "extraVolumes": { - "type": "array", - "description": "Optionally specify extra list of additional volumes for WordPress pods", - "default": [], - "items": {} - }, - "extraVolumeMounts": { - "type": "array", - "description": "Optionally specify extra list of additional volumeMounts for WordPress container(s)", - "default": [], - "items": {} - }, - "sidecars": { - "type": "array", - "description": "Add additional sidecar containers to the WordPress pod", - "default": [], - "items": {} - }, - "initContainers": { - "type": "array", - "description": "Add additional init containers to the WordPress pods", - "default": [], - "items": {} - }, - "podLabels": { - "type": "object", - "description": "Extra labels for WordPress pods", - "default": {} - }, - "podAnnotations": { - "type": "object", - "description": "Annotations for WordPress pods", - "default": {} - }, - "podAffinityPreset": { - "type": "string", - "description": "Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`", - "default": "" - }, - "podAntiAffinityPreset": { - "type": "string", - "description": "Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`", - "default": "soft" - }, - "nodeAffinityPreset": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`", - "default": "" - }, - "key": { - "type": "string", - "description": "Node label key to match. Ignored if `affinity` is set", - "default": "" - }, - "values": { - "type": "array", - "description": "Node label values to match. Ignored if `affinity` is set", - "default": [], - "items": {} - } - } - }, - "affinity": { - "type": "object", - "description": "Affinity for pod assignment", - "default": {} - }, - "nodeSelector": { - "type": "object", - "description": "Node labels for pod assignment", - "default": {} - }, - "tolerations": { - "type": "array", - "description": "Tolerations for pod assignment", - "default": [], - "items": {} - }, - "resources": { - "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the WordPress containers", - "default": {} - }, - "requests": { - "type": "object", - "properties": { - "memory": { - "type": "string", - "description": "The requested memory for the WordPress containers", - "default": "512Mi" - }, - "cpu": { - "type": "string", - "description": "The requested cpu for the WordPress containers", - "default": "300m" - } - } - } - } - }, - "containerPorts": { - "type": "object", - "properties": { - "http": { - "type": "number", - "description": "WordPress HTTP container port", - "default": 8080 - }, - "https": { - "type": "number", - "description": "WordPress HTTPS container port", - "default": 8443 - } - } - }, - "extraContainerPorts": { - "type": "array", - "description": "Optionally specify extra list of additional ports for WordPress container(s)", - "default": [], - "items": {} - }, - "podSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enabled WordPress pods' Security Context", - "default": true - }, - "fsGroup": { - "type": "number", - "description": "Set WordPress pod's Security Context fsGroup", - "default": 1001 - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set WordPress container's Security Context seccomp profile", - "default": "RuntimeDefault" - } - } - } - } - }, - "containerSecurityContext": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enabled WordPress containers' Security Context", - "default": true - }, - "runAsUser": { - "type": "number", - "description": "Set WordPress container's Security Context runAsUser", - "default": 1001 - }, - "runAsNonRoot": { - "type": "boolean", - "description": "Set WordPress container's Security Context runAsNonRoot", - "default": true - }, - "allowPrivilegeEscalation": { - "type": "boolean", - "description": "Set WordPress container's privilege escalation", - "default": false - }, - "readOnlyRootFilesystem": { - "type": "boolean", - "description": "Set WordPress container's Security Context readOnlyRootFilesystem", - "default": false - }, - "capabilities": { - "type": "object", - "properties": { - "drop": { - "type": "array", - "description": "Set WordPress container's Security Context runAsNonRoot", - "default": [ - "ALL" - ], - "items": { - "type": "string" - } - } - } - } - } - }, - "livenessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable livenessProbe on WordPress containers", - "default": true - }, - "httpGet": { - "type": "object", - "properties": { - "path": { - "type": "string", - "description": "", - "default": "/wp-admin/install.php" - }, - "port": { - "type": "string", - "description": "", - "default": "{{ .Values.wordpressScheme }}" - }, - "scheme": { - "type": "string", - "description": "", - "default": "{{ .Values.wordpressScheme | upper }}" - }, - "httpHeaders": { - "type": "array", - "description": "", - "default": [], - "items": {} - } - } - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for livenessProbe", - "default": 120 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for livenessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for livenessProbe", - "default": 5 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for livenessProbe", - "default": 6 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for livenessProbe", - "default": 1 - } - } - }, - "readinessProbe": { - "type": "object", - "properties": { - "httpGet": { - "type": "object", - "properties": { - "path": { - "type": "string", - "description": "", - "default": "/wp-login.php" - }, - "port": { - "type": "string", - "description": "", - "default": "{{ .Values.wordpressScheme }}" - }, - "scheme": { - "type": "string", - "description": "", - "default": "{{ .Values.wordpressScheme | upper }}" - }, - "httpHeaders": { - "type": "array", - "description": "", - "default": [], - "items": {} - } - } - }, - "enabled": { - "type": "boolean", - "description": "Enable readinessProbe on WordPress containers", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for readinessProbe", - "default": 30 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for readinessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for readinessProbe", - "default": 5 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for readinessProbe", - "default": 6 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for readinessProbe", - "default": 1 - } - } - }, - "startupProbe": { - "type": "object", - "properties": { - "httpGet": { - "type": "object", - "properties": { - "path": { - "type": "string", - "description": "", - "default": "/wp-login.php" - }, - "port": { - "type": "string", - "description": "", - "default": "{{ .Values.wordpressScheme }}" - }, - "scheme": { - "type": "string", - "description": "", - "default": "{{ .Values.wordpressScheme | upper }}" - }, - "httpHeaders": { - "type": "array", - "description": "", - "default": [], - "items": {} - } - } - }, - "enabled": { - "type": "boolean", - "description": "Enable startupProbe on WordPress containers", - "default": false - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for startupProbe", - "default": 30 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for startupProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for startupProbe", - "default": 5 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for startupProbe", - "default": 6 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for startupProbe", - "default": 1 - } - } - }, - "customLivenessProbe": { - "type": "object", - "description": "Custom livenessProbe that overrides the default one", - "default": {} - }, - "customReadinessProbe": { - "type": "object", - "description": "Custom readinessProbe that overrides the default one", - "default": {} - }, - "customStartupProbe": { - "type": "object", - "description": "Custom startupProbe that overrides the default one", - "default": {} - }, - "lifecycleHooks": { - "type": "object", - "description": "for the WordPress container(s) to automate configuration before or after startup", - "default": {} - }, - "service": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "WordPress service type", - "default": "LoadBalancer" - }, - "ports": { - "type": "object", - "properties": { - "http": { - "type": "number", - "description": "WordPress service HTTP port", - "default": 80 - }, - "https": { - "type": "number", - "description": "WordPress service HTTPS port", - "default": 443 - } - } - }, - "httpsTargetPort": { - "type": "string", - "description": "Target port for HTTPS", - "default": "https" - }, - "nodePorts": { - "type": "object", - "properties": { - "http": { - "type": "string", - "description": "Node port for HTTP", - "default": "" - }, - "https": { - "type": "string", - "description": "Node port for HTTPS", - "default": "" - } - } - }, - "sessionAffinity": { - "type": "string", - "description": "Control where client requests go, to the same pod or round-robin", - "default": "None" - }, - "sessionAffinityConfig": { - "type": "object", - "description": "Additional settings for the sessionAffinity", - "default": {} - }, - "clusterIP": { - "type": "string", - "description": "WordPress service Cluster IP", - "default": "" - }, - "loadBalancerIP": { - "type": "string", - "description": "WordPress service Load Balancer IP", - "default": "" - }, - "loadBalancerSourceRanges": { - "type": "array", - "description": "WordPress service Load Balancer sources", - "default": [], - "items": {} - }, - "externalTrafficPolicy": { - "type": "string", - "description": "WordPress service external traffic policy", - "default": "Cluster" - }, - "annotations": { - "type": "object", - "description": "Additional custom annotations for WordPress service", - "default": {} - }, - "extraPorts": { - "type": "array", - "description": "Extra port to expose on WordPress service", - "default": [], - "items": {} - } - } - }, - "ingress": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable ingress record generation for WordPress", - "default": false - }, - "pathType": { - "type": "string", - "description": "Ingress path type", - "default": "ImplementationSpecific" - }, - "apiVersion": { - "type": "string", - "description": "Force Ingress API version (automatically detected if not set)", - "default": "" - }, - "ingressClassName": { - "type": "string", - "description": "IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)", - "default": "" - }, - "hostname": { - "type": "string", - "description": "Default host for the ingress record. The hostname is templated and thus can contain other variable references.", - "default": "wordpress.local" - }, - "path": { - "type": "string", - "description": "Default path for the ingress record", - "default": "/" - }, - "annotations": { - "type": "object", - "description": "Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.", - "default": {} - }, - "tls": { - "type": "boolean", - "description": "Enable TLS configuration for the host defined at `ingress.hostname` parameter", - "default": false - }, - "tlsWwwPrefix": { - "type": "boolean", - "description": "Adds www subdomain to default cert", - "default": false - }, - "selfSigned": { - "type": "boolean", - "description": "Create a TLS secret for this ingress record using self-signed certificates generated by Helm", - "default": false - }, - "extraHosts": { - "type": "array", - "description": "An array with additional hostname(s) to be covered with the ingress record. The host names are templated and thus can contain other variable references.", - "default": [], - "items": {} - }, - "extraPaths": { - "type": "array", - "description": "An array with additional arbitrary paths that may need to be added to the ingress under the main host", - "default": [], - "items": {} - }, - "extraTls": { - "type": "array", - "description": "TLS configuration for additional hostname(s) to be covered with this ingress record", - "default": [], - "items": {} - }, - "secrets": { - "type": "array", - "description": "Custom TLS certificates as secrets", - "default": [], - "items": {} - }, - "extraRules": { - "type": "array", - "description": "Additional rules to be covered with this ingress record", - "default": [], - "items": {} - } - } - }, - "persistence": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable persistence using Persistent Volume Claims", - "default": true - }, - "storageClass": { - "type": "string", - "description": "Persistent Volume storage class", - "default": "" - }, - "accessModes": { - "type": "array", - "description": "Persistent Volume access modes", - "default": [ - "ReadWriteOnce" - ], - "items": { - "type": "string" - } - }, - "accessMode": { - "type": "string", - "description": "Persistent Volume access mode (DEPRECATED: use `persistence.accessModes` instead)", - "default": "ReadWriteOnce" - }, - "size": { - "type": "string", - "description": "Persistent Volume size", - "default": "10Gi" - }, - "dataSource": { - "type": "object", - "description": "Custom PVC data source", - "default": {} - }, - "existingClaim": { - "type": "string", - "description": "The name of an existing PVC to use for persistence", - "default": "" - }, - "selector": { - "type": "object", - "description": "Selector to match an existing Persistent Volume for WordPress data PVC", - "default": {} - }, - "annotations": { - "type": "object", - "description": "Persistent Volume Claim annotations", - "default": {} - } - } - }, - "volumePermissions": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup`", - "default": false - }, - "image": { - "type": "object", - "properties": { - "registry": { - "type": "string", - "description": "OS Shell + Utility image registry", - "default": "docker.io" - }, - "repository": { - "type": "string", - "description": "OS Shell + Utility image repository", - "default": "bitnami/os-shell" - }, - "tag": { - "type": "string", - "description": "OS Shell + Utility image tag (immutable tags are recommended)", - "default": "11-debian-11-r54" - }, - "digest": { - "type": "string", - "description": "OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", - "default": "" - }, - "pullPolicy": { - "type": "string", - "description": "OS Shell + Utility image pull policy", - "default": "IfNotPresent" - }, - "pullSecrets": { - "type": "array", - "description": "OS Shell + Utility image pull secrets", - "default": [], - "items": {} - } - } - }, - "resources": { - "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the init container", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the init container", - "default": {} - } - } - }, - "containerSecurityContext": { - "type": "object", - "properties": { - "runAsUser": { - "type": "number", - "description": "User ID for the init container", - "default": 0 - } - } - } - } - }, - "serviceAccount": { - "type": "object", - "properties": { - "create": { - "type": "boolean", - "description": "Enable creation of ServiceAccount for WordPress pod", - "default": false - }, - "name": { - "type": "string", - "description": "The name of the ServiceAccount to use.", - "default": "" - }, - "automountServiceAccountToken": { - "type": "boolean", - "description": "Allows auto mount of ServiceAccountToken on the serviceAccount created", - "default": true - }, - "annotations": { - "type": "object", - "description": "Additional custom annotations for the ServiceAccount", - "default": {} - } - } - }, - "pdb": { - "type": "object", - "properties": { - "create": { - "type": "boolean", - "description": "Enable a Pod Disruption Budget creation", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of pods that may be made unavailable", - "default": "" - } - } - }, - "autoscaling": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable Horizontal POD autoscaling for WordPress", - "default": false - }, - "minReplicas": { - "type": "number", - "description": "Minimum number of WordPress replicas", - "default": 1 - }, - "maxReplicas": { - "type": "number", - "description": "Maximum number of WordPress replicas", - "default": 11 - }, - "targetCPU": { - "type": "number", - "description": "Target CPU utilization percentage", - "default": 50 - }, - "targetMemory": { - "type": "number", - "description": "Target Memory utilization percentage", - "default": 50 - } - } - }, - "metrics": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Start a sidecar prometheus exporter to expose metrics", - "default": false - }, - "image": { - "type": "object", - "properties": { - "registry": { - "type": "string", - "description": "Apache exporter image registry", - "default": "docker.io" - }, - "repository": { - "type": "string", - "description": "Apache exporter image repository", - "default": "bitnami/apache-exporter" - }, - "tag": { - "type": "string", - "description": "Apache exporter image tag (immutable tags are recommended)", - "default": "1.0.1-debian-11-r32" - }, - "digest": { - "type": "string", - "description": "Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", - "default": "" - }, - "pullPolicy": { - "type": "string", - "description": "Apache exporter image pull policy", - "default": "IfNotPresent" - }, - "pullSecrets": { - "type": "array", - "description": "Apache exporter image pull secrets", - "default": [], - "items": {} - } - } - }, - "containerPorts": { - "type": "object", - "properties": { - "metrics": { - "type": "number", - "description": "Prometheus exporter container port", - "default": 9117 - } - } - }, - "livenessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable livenessProbe on Prometheus exporter containers", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for livenessProbe", - "default": 15 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for livenessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for livenessProbe", - "default": 5 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for livenessProbe", - "default": 3 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for livenessProbe", - "default": 1 - } - } - }, - "readinessProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable readinessProbe on Prometheus exporter containers", - "default": true - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for readinessProbe", - "default": 5 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for readinessProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for readinessProbe", - "default": 3 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for readinessProbe", - "default": 3 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for readinessProbe", - "default": 1 - } - } - }, - "startupProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable startupProbe on Prometheus exporter containers", - "default": false - }, - "initialDelaySeconds": { - "type": "number", - "description": "Initial delay seconds for startupProbe", - "default": 10 - }, - "periodSeconds": { - "type": "number", - "description": "Period seconds for startupProbe", - "default": 10 - }, - "timeoutSeconds": { - "type": "number", - "description": "Timeout seconds for startupProbe", - "default": 1 - }, - "failureThreshold": { - "type": "number", - "description": "Failure threshold for startupProbe", - "default": 15 - }, - "successThreshold": { - "type": "number", - "description": "Success threshold for startupProbe", - "default": 1 - } - } - }, - "customLivenessProbe": { - "type": "object", - "description": "Custom livenessProbe that overrides the default one", - "default": {} - }, - "customReadinessProbe": { - "type": "object", - "description": "Custom readinessProbe that overrides the default one", - "default": {} - }, - "customStartupProbe": { - "type": "object", - "description": "Custom startupProbe that overrides the default one", - "default": {} - }, - "service": { - "type": "object", - "properties": { - "annotations": { - "type": "object", - "properties": { - "prometheus": { - "type": "object", - "properties": { - "io/scrape": { - "type": "string", - "description": "", - "default": "true" - }, - "io/port": { - "type": "string", - "description": "", - "default": "{{ .Values.metrics.containerPorts.metrics }}" - } - } - } - } - }, - "ports": { - "type": "object", - "properties": { - "metrics": { - "type": "number", - "description": "Prometheus metrics service port", - "default": 9150 - } - } - } - } - }, - "resources": { - "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the Prometheus exporter container", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the Prometheus exporter container", - "default": {} - } - } - }, - "serviceMonitor": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Create ServiceMonitor Resource for scraping metrics using Prometheus Operator", - "default": false - }, - "namespace": { - "type": "string", - "description": "Namespace for the ServiceMonitor Resource (defaults to the Release Namespace)", - "default": "" - }, - "interval": { - "type": "string", - "description": "Interval at which metrics should be scraped.", - "default": "" - }, - "scrapeTimeout": { - "type": "string", - "description": "Timeout after which the scrape is ended", - "default": "" - }, - "labels": { - "type": "object", - "description": "Additional labels that can be used so ServiceMonitor will be discovered by Prometheus", - "default": {} - }, - "selector": { - "type": "object", - "description": "Prometheus instance selector labels", - "default": {} - }, - "relabelings": { - "type": "array", - "description": "RelabelConfigs to apply to samples before scraping", - "default": [], - "items": {} - }, - "metricRelabelings": { - "type": "array", - "description": "MetricRelabelConfigs to apply to samples before ingestion", - "default": [], - "items": {} - }, - "honorLabels": { - "type": "boolean", - "description": "Specify honorLabels parameter to add the scrape endpoint", - "default": false - }, - "jobLabel": { - "type": "string", - "description": "The name of the label on the target service to use as the job name in prometheus.", - "default": "" - } - } - } - } - }, - "networkPolicy": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable network policies", - "default": false - }, - "metrics": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable network policy for metrics (prometheus)", - "default": false - } - } - }, - "ingress": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable network policy for Ingress Proxies", - "default": false - } - } - }, - "ingressRules": { - "type": "object", - "properties": { - "backendOnlyAccessibleByFrontend": { - "type": "boolean", - "description": "Enable ingress rule that makes the backend (mariadb) only accessible by testlink's pods.", - "default": false - }, - "accessOnlyFrom": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable ingress rule that makes testlink only accessible from a particular origin", - "default": false - } - } - } - } - }, - "egressRules": { - "type": "object", - "properties": { - "denyConnectionsToExternal": { - "type": "boolean", - "description": "Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53).", - "default": false - } - } - } - } - }, - "mariadb": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Deploy a MariaDB server to satisfy the applications database requirements", - "default": true - }, - "architecture": { - "type": "string", - "description": "MariaDB architecture. Allowed values: `standalone` or `replication`", - "default": "standalone" - }, - "auth": { - "type": "object", - "properties": { - "rootPassword": { - "type": "string", - "description": "MariaDB root password", - "default": "" - }, - "database": { - "type": "string", - "description": "MariaDB custom database", - "default": "bitnami_wordpress" - }, - "username": { - "type": "string", - "description": "MariaDB custom user name", - "default": "bn_wordpress" - }, - "password": { - "type": "string", - "description": "MariaDB custom user password", - "default": "" - } - } - }, - "primary": { - "type": "object", - "properties": { - "persistence": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable persistence on MariaDB using PVC(s)", - "default": true - }, - "storageClass": { - "type": "string", - "description": "Persistent Volume storage class", - "default": "" - }, - "accessModes": { - "type": "array", - "description": "Persistent Volume access modes", - "default": [ - "ReadWriteOnce" - ], - "items": { - "type": "string" - } - }, - "size": { - "type": "string", - "description": "Persistent Volume size", - "default": "8Gi" - } - } - } - } - } - } - }, - "externalDatabase": { - "type": "object", - "properties": { - "host": { - "type": "string", - "description": "External Database server host", - "default": "localhost" - }, - "port": { - "type": "number", - "description": "External Database server port", - "default": 3306 - }, - "user": { - "type": "string", - "description": "External Database username", - "default": "bn_wordpress" - }, - "password": { - "type": "string", - "description": "External Database user password", - "default": "" - }, - "database": { - "type": "string", - "description": "External Database database name", - "default": "bitnami_wordpress" - }, - "existingSecret": { - "type": "string", - "description": "The name of an existing secret with database credentials. Evaluated as a template", - "default": "" - } - } - }, - "memcached": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Deploy a Memcached server for caching database queries", - "default": false - }, - "auth": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable Memcached authentication", - "default": false - }, - "username": { - "type": "string", - "description": "Memcached admin user", - "default": "" - }, - "password": { - "type": "string", - "description": "Memcached admin password", - "default": "" - } - } - }, - "service": { - "type": "object", - "properties": { - "port": { - "type": "number", - "description": "Memcached service port", - "default": 11211 - } - } - } - } - }, - "externalCache": { - "type": "object", - "properties": { - "host": { - "type": "string", - "description": "External cache server host", - "default": "localhost" - }, - "port": { - "type": "number", - "description": "External cache server port", - "default": 11211 - } - } + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "wordpressUsername": { + "type": "string", + "title": "Username", + "form": true + }, + "wordpressPassword": { + "type": "string", + "title": "Password", + "form": true, + "description": "Defaults to a random 10-character alphanumeric string if not set" + }, + "wordpressEmail": { + "type": "string", + "title": "Admin email", + "form": true + }, + "wordpressBlogName": { + "type": "string", + "title": "Blog Name", + "form": true + }, + "persistence": { + "type": "object", + "properties": { + "size": { + "type": "string", + "title": "Persistent Volume Size", + "form": true, + "render": "slider", + "sliderMin": 1, + "sliderMax": 100, + "sliderUnit": "Gi" } + } + }, + "mariadb": { + "type": "object", + "title": "MariaDB Details", + "form": true, + "properties": { + "enabled": { + "type": "boolean", + "title": "Use a new MariaDB database hosted in the cluster", + "form": true, + "description": "Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database switch this off and configure the external database details" + }, + "primary": { + "type": "object", + "properties": { + "persistence": { + "type": "object", + "properties": { + "size": { + "type": "string", + "title": "Volume Size", + "form": true, + "hidden": { + "value": false, + "path": "mariadb/enabled" + }, + "render": "slider", + "sliderMin": 1, + "sliderMax": 100, + "sliderUnit": "Gi" + } + } + } + } + } + } + }, + "externalDatabase": { + "type": "object", + "title": "External Database Details", + "description": "If MariaDB is disabled. Use this section to specify the external database details", + "form": true, + "properties": { + "host": { + "type": "string", + "form": true, + "title": "Database Host", + "hidden": "mariadb/enabled" + }, + "user": { + "type": "string", + "form": true, + "title": "Database Username", + "hidden": "mariadb/enabled" + }, + "password": { + "type": "string", + "form": true, + "title": "Database Password", + "hidden": "mariadb/enabled" + }, + "database": { + "type": "string", + "form": true, + "title": "Database Name", + "hidden": "mariadb/enabled" + }, + "port": { + "type": "integer", + "form": true, + "title": "Database Port", + "hidden": "mariadb/enabled" + } + } + }, + "ingress": { + "type": "object", + "form": true, + "title": "Ingress Configuration", + "properties": { + "enabled": { + "type": "boolean", + "form": true, + "title": "Use a custom hostname", + "description": "Enable the ingress resource that allows you to access the WordPress installation." + }, + "hostname": { + "type": "string", + "form": true, + "title": "Hostname", + "hidden": { + "value": false, + "path": "ingress/enabled" + } + }, + "tls": { + "type": "boolean", + "form": true, + "title": "Create a TLS secret", + "hidden": { + "value": false, + "path": "ingress/enabled" + } + } + } + }, + "service": { + "type": "object", + "form": true, + "title": "Service Configuration", + "properties": { + "type": { + "type": "string", + "form": true, + "title": "Service Type", + "description": "Allowed values: \"ClusterIP\", \"NodePort\" and \"LoadBalancer\"" + } + } + }, + "resources": { + "type": "object", + "title": "Required Resources", + "description": "Configure resource requests", + "form": true, + "properties": { + "requests": { + "type": "object", + "properties": { + "memory": { + "type": "string", + "form": true, + "render": "slider", + "title": "Memory Request", + "sliderMin": 10, + "sliderMax": 2048, + "sliderUnit": "Mi" + }, + "cpu": { + "type": "string", + "form": true, + "render": "slider", + "title": "CPU Request", + "sliderMin": 10, + "sliderMax": 2000, + "sliderUnit": "m" + } + } + } + } + }, + "volumePermissions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "form": true, + "title": "Enable Init Containers", + "description": "Use an init container to set required folder permissions on the data volume before mounting it in the final destination" + } + } + }, + "metrics": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable Metrics", + "description": "Prometheus Exporter / Metrics", + "form": true + } + } } -} \ No newline at end of file + } +} diff --git a/charts/bitnami/wordpress/values.yaml b/charts/bitnami/wordpress/values.yaml index 408f93f03..264b42fa4 100644 --- a/charts/bitnami/wordpress/values.yaml +++ b/charts/bitnami/wordpress/values.yaml @@ -76,7 +76,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/wordpress - tag: 6.3.1-debian-11-r14 + tag: 6.3.1-debian-11-r19 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -766,7 +766,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 11-debian-11-r66 + tag: 11-debian-11-r72 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -860,7 +860,7 @@ metrics: image: registry: docker.io repository: bitnami/apache-exporter - tag: 1.0.1-debian-11-r44 + tag: 1.0.1-debian-11-r50 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/dell/csi-powermax/Chart.yaml b/charts/dell/csi-powermax/Chart.yaml index 563200b01..d60800f31 100644 --- a/charts/dell/csi-powermax/Chart.yaml +++ b/charts/dell/csi-powermax/Chart.yaml @@ -1,15 +1,15 @@ annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Dell CSI PowerMax - catalog.cattle.io/kube-version: '>= 1.23.0 < 1.28.0' + catalog.cattle.io/kube-version: '>= 1.23.0 < 1.29.0' catalog.cattle.io/release-name: csi-powermax apiVersion: v2 -appVersion: 2.7.0 +appVersion: 2.8.0 dependencies: - condition: required name: csireverseproxy repository: file://./charts/csireverseproxy - version: 2.6.0 + version: 2.7.0 description: 'PowerMax CSI (Container Storage Interface) driver Kubernetes integration. This chart includes everything required to provision via CSI as well as a PowerMax StorageClass. ' @@ -18,11 +18,11 @@ icon: https://partner-charts.rancher.io/assets/logos/dell.png keywords: - csi - storage -kubeVersion: '>= 1.23.0 < 1.28.0' +kubeVersion: '>= 1.23.0 < 1.29.0' maintainers: - name: DellEMC name: csi-powermax sources: - https://github.com/dell/csi-powermax type: application -version: 2.7.0 +version: 2.8.0 diff --git a/charts/dell/csi-powermax/charts/csireverseproxy/Chart.yaml b/charts/dell/csi-powermax/charts/csireverseproxy/Chart.yaml index d55833f8e..8604c0afb 100644 --- a/charts/dell/csi-powermax/charts/csireverseproxy/Chart.yaml +++ b/charts/dell/csi-powermax/charts/csireverseproxy/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -appVersion: 2.6.0 +appVersion: 2.7.0 description: A Helm chart for CSI PowerMax ReverseProxy name: csireverseproxy type: application -version: 2.6.0 +version: 2.7.0 diff --git a/charts/dell/csi-powermax/charts/csireverseproxy/values.yaml b/charts/dell/csi-powermax/charts/csireverseproxy/values.yaml index 32b0106bb..fcd87e307 100644 --- a/charts/dell/csi-powermax/charts/csireverseproxy/values.yaml +++ b/charts/dell/csi-powermax/charts/csireverseproxy/values.yaml @@ -1,4 +1,4 @@ -image: dellemc/csipowermax-reverseproxy:v2.6.0 +image: dellemc/csipowermax-reverseproxy:v2.7.0 port: 2222 # TLS secret which is used for setting up the proxy HTTPS server diff --git a/charts/dell/csi-powermax/templates/_helpers.tpl b/charts/dell/csi-powermax/templates/_helpers.tpl index 0ad1b65d7..4cb67bdd4 100644 --- a/charts/dell/csi-powermax/templates/_helpers.tpl +++ b/charts/dell/csi-powermax/templates/_helpers.tpl @@ -3,48 +3,56 @@ Return the appropriate sidecar images based on k8s version */}} {{- define "csi-powermax.attacherImage" -}} {{- if eq .Capabilities.KubeVersion.Major "1" }} - {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "27") -}} - {{- print "k8s.gcr.io/sig-storage/csi-attacher:v4.3.0" -}} + {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "28") -}} + {{- print "registry.k8s.io/sig-storage/csi-attacher:v4.3.0" -}} {{- end -}} {{- end -}} {{- end -}} {{- define "csi-powermax.provisionerImage" -}} {{- if eq .Capabilities.KubeVersion.Major "1" }} - {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "27") -}} - {{- print "k8s.gcr.io/sig-storage/csi-provisioner:v3.5.0" -}} + {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "28") -}} + {{- print "registry.k8s.io/sig-storage/csi-provisioner:v3.5.0" -}} {{- end -}} {{- end -}} {{- end -}} {{- define "csi-powermax.snapshotterImage" -}} {{- if eq .Capabilities.KubeVersion.Major "1" }} - {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "27") -}} - {{- print "k8s.gcr.io/sig-storage/csi-snapshotter:v6.2.2" -}} + {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "28") -}} + {{- print "registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2" -}} {{- end -}} {{- end -}} {{- end -}} {{- define "csi-powermax.resizerImage" -}} {{- if eq .Capabilities.KubeVersion.Major "1" }} - {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "27") -}} - {{- print "k8s.gcr.io/sig-storage/csi-resizer:v1.8.0" -}} + {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "28") -}} + {{- print "registry.k8s.io/sig-storage/csi-resizer:v1.8.0" -}} {{- end -}} {{- end -}} {{- end -}} {{- define "csi-powermax.registrarImage" -}} {{- if eq .Capabilities.KubeVersion.Major "1" }} - {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "27") -}} - {{- print "k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.8.0" -}} + {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "28") -}} + {{- print "registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0" -}} {{- end -}} {{- end -}} {{- end -}} {{- define "csi-powermax.healthmonitorImage" -}} {{- if eq .Capabilities.KubeVersion.Major "1" }} - {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "27") -}} + {{- if and (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "23") (le (trimSuffix "+" .Capabilities.KubeVersion.Minor) "28") -}} {{- print "registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.9.0" -}} {{- end -}} {{- end -}} {{- end -}} + +{{- define "csi-powermax.isStorageCapacitySupported" -}} +{{- if eq .Values.storageCapacity.enabled true -}} + {{- if and (eq .Capabilities.KubeVersion.Major "1") (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "24") -}} + {{- true -}} + {{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/dell/csi-powermax/templates/controller.yaml b/charts/dell/csi-powermax/templates/controller.yaml index f5118102e..7785fbf04 100644 --- a/charts/dell/csi-powermax/templates/controller.yaml +++ b/charts/dell/csi-powermax/templates/controller.yaml @@ -91,7 +91,19 @@ rules: - apiGroups: [""] resources: ["configmaps"] verbs: ["create", "delete", "get", "list", "watch", "update", "patch"] - {{- end}} + {{- end}} + # Permissions for Storage Capacity + {{- if eq (include "csi-powermax.isStorageCapacitySupported" .) "true" }} + - apiGroups: ["storage.k8s.io"] + resources: ["csistoragecapacities"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get"] + {{- end }} --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 @@ -184,9 +196,20 @@ spec: - "--leader-election" - "--extra-create-metadata" - "--feature-gates=Topology=true" + - "--enable-capacity={{ (include "csi-powermax.isStorageCapacitySupported" .) | default false }}" + - "--capacity-ownerref-level=2" + - "--capacity-poll-interval={{ .Values.storageCapacity.pollInterval | default "5m" }}" env: - name: ADDRESS value: /var/run/csi/csi.sock + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name volumeMounts: - name: socket-dir mountPath: /var/run/csi @@ -487,4 +510,4 @@ spec: secret: secretName: proxy-server-root-certificate {{ end }} - {{ end }} \ No newline at end of file + {{ end }} diff --git a/charts/dell/csi-powermax/templates/csidriver.yaml b/charts/dell/csi-powermax/templates/csidriver.yaml index 52cc66945..2717b327b 100644 --- a/charts/dell/csi-powermax/templates/csidriver.yaml +++ b/charts/dell/csi-powermax/templates/csidriver.yaml @@ -7,5 +7,7 @@ metadata: name: csi-powermax {{- end }} spec: + podInfoOnMount: true attachRequired: true - fsGroupPolicy: {{ .Values.fsGroupPolicy }} \ No newline at end of file + storageCapacity: {{ (include "csi-powermax.isStorageCapacitySupported" .) | default false }} + fsGroupPolicy: {{ .Values.fsGroupPolicy }} diff --git a/charts/dell/csi-powermax/templates/node.yaml b/charts/dell/csi-powermax/templates/node.yaml index 0d0cdae8f..2d91c9b1f 100644 --- a/charts/dell/csi-powermax/templates/node.yaml +++ b/charts/dell/csi-powermax/templates/node.yaml @@ -1,4 +1,3 @@ -{{- if or (eq .Values.migration.enabled true) (eq .Values.openshift true) }} apiVersion: v1 kind: ServiceAccount metadata: @@ -14,6 +13,9 @@ metadata: name: {{ .Release.Name }}-node {{- end }} rules: + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch", "update", "patch"] {{- if eq .Values.openshift true }} - apiGroups: ["security.openshift.io"] resources: ["securitycontextconstraints"] @@ -60,7 +62,6 @@ roleRef: {{- end }} apiGroup: rbac.authorization.k8s.io --- -{{ end }} kind: DaemonSet apiVersion: apps/v1 metadata: @@ -81,9 +82,7 @@ spec: labels: app: {{ .Release.Name }}-node spec: - {{- if or (eq .Values.migration.enabled true) (eq .Values.openshift true) }} serviceAccountName: {{ .Release.Name }}-node - {{ end }} {{ if .Values.node.nodeSelector }} nodeSelector: {{- toYaml .Values.node.nodeSelector | nindent 8 }} @@ -121,6 +120,8 @@ spec: value: unix://{{ .Values.kubeletConfigDir }}/plugins/powermax.emc.dell.com/csi_sock - name: X_CSI_MODE value: node + - name: X_CSI_MAX_VOLUMES_PER_NODE + value: "{{ .Values.maxPowerMaxVolumesPerNode }}" - name: X_CSI_PRIVATE_MOUNT_DIR value: "{{ .Values.kubeletConfigDir }}/plugins/powermax.emc.dell.com/disks" - name: X_CSI_MANAGED_ARRAYS @@ -395,4 +396,4 @@ spec: secret: secretName: proxy-server-root-certificate {{ end }} - {{ end }} \ No newline at end of file + {{ end }} diff --git a/charts/dell/csi-powermax/values.yaml b/charts/dell/csi-powermax/values.yaml index 418b1c32f..885a8ba97 100644 --- a/charts/dell/csi-powermax/values.yaml +++ b/charts/dell/csi-powermax/values.yaml @@ -49,7 +49,7 @@ global: # Current version of the driver # Don't modify this value as this value will be used by the install script -version: "v2.7.0" +version: "v2.8.0" images: # "driver" defines the container image, used for the driver container. @@ -101,6 +101,13 @@ kubeletConfigDir: /var/lib/kubelet # Default value: ReadWriteOnceWithFSType fsGroupPolicy: ReadWriteOnceWithFSType +# maxPowermaxVolumesPerNode: Specify default value for maximum number of volumes that controller can publish to the node. +# If value is zero CO SHALL decide how many volumes of this type can be published by the controller to the node. +# This limit is applicable to all the nodes in the cluster for which node label 'max-Powermax-volumes-per-node' is not set. +# Allowed values: n, where n >= 0 +# Default value: 0 +maxPowerMaxVolumesPerNode: 0 + # controller: configure controller specific parameters controller: # controllerCount: Define the number of PowerMax controller nodes @@ -255,8 +262,8 @@ enableCHAP: false csireverseproxy: # image: Define the container images used for the reverse proxy # Default value: None - # Example: "csipowermax-reverseproxy:v2.6.0" - image: dellemc/csipowermax-reverseproxy:v2.6.0 + # Example: "csipowermax-reverseproxy:v2.7.0" + image: dellemc/csipowermax-reverseproxy:v2.7.0 # "tlsSecret" defines the TLS secret that is created with certificate # and its associated key # Default value: None @@ -375,7 +382,7 @@ replication: enabled: false # Change this to use any specific version of the dell-csi-replicator sidecar # Default value: None - image: dellemc/dell-csi-replicator:v1.5.0 + image: dellemc/dell-csi-replicator:v1.6.0 # replicationContextPrefix enables side cars to read # required information from the volume context # Default value: "powermax" @@ -396,10 +403,10 @@ migration: enabled: false # Change this to use any specific version of the dell-csi-migrator sidecar # Default value: None - image: dellemc/dell-csi-migrator:v1.1.1 + image: dellemc/dell-csi-migrator:v1.2.0 # Node rescan sidecar does a rescan on nodes for identifying new paths - # Default value: dellemc/dell-csi-node-rescanner:v1.0.1 - nodeRescanSidecarImage: dellemc/dell-csi-node-rescanner:v1.0.1 + # Default value: None + nodeRescanSidecarImage: dellemc/dell-csi-node-rescanner:v1.1.0 # migrationPrefix: Determine if migration is enabled # Default value: "migration.storage.dell.com" # Examples: "migration.storage.dell.com" @@ -415,8 +422,8 @@ migration: authorization: enabled: false # sidecarProxyImage: the container image used for the csm-authorization-sidecar. - # Default value: dellemc/csm-authorization-sidecar:v1.7.0 - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.7.0 + # Default value: dellemc/csm-authorization-sidecar:v1.8.0 + sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.8.0 # proxyHost: hostname of the csm-authorization server # Default value: None proxyHost: @@ -427,6 +434,20 @@ authorization: # Default value: "true" skipCertificateValidation: true +# Storage Capacity Tracking +# Note: Capacity tracking is supported in kubernetes v1.24 and above, this feature will be automatically disabled in older versions. +storageCapacity: + # enabled : Enable/Disable storage capacity tracking + # Allowed values: + # true: enable storage capacity tracking + # false: disable storage capacity tracking + # Default value: true + enabled: true + # pollInterval : Configure how often external-provisioner polls the driver to detect changed capacity + # Allowed values: 1m,2m,3m,...,10m,...,60m etc + # Default value: 5m + pollInterval: 5m + # VMware/vSphere virtualization support # set enable to true, if you to enable VMware virtualized environment support via RDM # Allowed Values: diff --git a/charts/prophetstor/federatorai/Chart.yaml b/charts/prophetstor/federatorai/Chart.yaml index a40d4b20c..7a7686ffa 100644 --- a/charts/prophetstor/federatorai/Chart.yaml +++ b/charts/prophetstor/federatorai/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>= 1.16.0-0' catalog.cattle.io/release-name: federatorai apiVersion: v2 -appVersion: 5.1.3-ga +appVersion: 5.1.4-b2262 description: Federator.ai helps enterprises optimize cloud resources, maximize application performance, and save significant cost without excessive over-provisioning or under-provisioning of resources, meeting the service-level requirements of their applications. @@ -24,4 +24,4 @@ maintainers: name: federatorai sources: - https://www.prophetstor.com -version: 5.1.3 +version: 5.1.4 diff --git a/charts/prophetstor/federatorai/questions.yaml b/charts/prophetstor/federatorai/questions.yaml index 1be3afac9..5feb36e00 100644 --- a/charts/prophetstor/federatorai/questions.yaml +++ b/charts/prophetstor/federatorai/questions.yaml @@ -15,7 +15,7 @@ questions: group: "Container Images" label: Federator.ai Image Registry - variable: global.imageTag - default: "v5.1.3-ga" + default: "v5.1.4-b2262" description: "Federator.ai image tag" type: string group: "Container Images" diff --git a/charts/prophetstor/federatorai/templates/alameda-ai/deployments.yaml b/charts/prophetstor/federatorai/templates/alameda-ai/deployments.yaml index 93a72f722..5c2b6674c 100644 --- a/charts/prophetstor/federatorai/templates/alameda-ai/deployments.yaml +++ b/charts/prophetstor/federatorai/templates/alameda-ai/deployments.yaml @@ -54,6 +54,8 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.name + - name: LOG_LEVEL + value: warning - name: DATAHUB_ADDRESS value: alameda-datahub.{{ .Release.Namespace }}.svc:50050 - name: PREDICT_QUEUE_URL diff --git a/charts/prophetstor/federatorai/templates/federatorai-data-adapter/configmaps-historical.yaml b/charts/prophetstor/federatorai/templates/federatorai-data-adapter/configmaps-historical.yaml index d104a0d02..bb4fd4089 100644 --- a/charts/prophetstor/federatorai/templates/federatorai-data-adapter/configmaps-historical.yaml +++ b/charts/prophetstor/federatorai/templates/federatorai-data-adapter/configmaps-historical.yaml @@ -516,6 +516,7 @@ data: group_names = [] historical_data_restart_limit = $HISTORICAL_DATA_RESTART_LIMIT handle_missing_data_times = $HANDLE_MISSING_DATA_TIMES + stop_when_no_data = $STOP_WHEN_NO_DATA ## Rancher Prometheus integration: inputs.data_collector ## [[inputs.data_collector]] @@ -548,6 +549,7 @@ data: group_names = [] historical_data_restart_limit = $HISTORICAL_DATA_RESTART_LIMIT handle_missing_data_times = $HANDLE_MISSING_DATA_TIMES + stop_when_no_data = $STOP_WHEN_NO_DATA ## Prometheus integration: inputs.data_collector ## [[inputs.data_collector]] @@ -580,6 +582,7 @@ data: group_names = [] historical_data_restart_limit = $HISTORICAL_DATA_RESTART_LIMIT handle_missing_data_times = $HANDLE_MISSING_DATA_TIMES + stop_when_no_data = $STOP_WHEN_NO_DATA ## Datadog integration: inputs.data_collector [[inputs.data_collector]] @@ -609,6 +612,7 @@ data: cluster_name = "default" historical_data_restart_limit = $HISTORICAL_DATA_RESTART_LIMIT handle_missing_data_times = $HANDLE_MISSING_DATA_TIMES + stop_when_no_data = $STOP_WHEN_NO_DATA ## Sysdig integration: inputs.data_collector ## [[inputs.data_collector]] @@ -641,6 +645,7 @@ data: group_names = [] historical_data_restart_limit = $HISTORICAL_DATA_RESTART_LIMIT handle_missing_data_times = $HANDLE_MISSING_DATA_TIMES + stop_when_no_data = $STOP_WHEN_NO_DATA ## VMware integration: inputs.data_collector ## #[[inputs.data_collector]] @@ -706,38 +711,40 @@ data: group_names = [] historical_data_restart_limit = $HISTORICAL_DATA_RESTART_LIMIT handle_missing_data_times = $HANDLE_MISSING_DATA_TIMES + stop_when_no_data = $STOP_WHEN_NO_DATA ## Azure integration: inputs.data_collector - #[[inputs.data_collector]] - # alias = "azure_metrics_collector" - # #interval = "5m" - # query_start_time_offset = "-10m" - # query_end_time_offset = "0m" #Support s(second),m(minute),h(hour) - # retry_interval = "$DATASOURCE_METRICS_RETRY_INTERVAL" - # max_retry_times = $DATASOURCE_METRICS_MAX_RETRY_TIMES - # ## data source type from which to query data - # ## accept values: vmware - # source = "azure" - # ## which collector to handle the data collection - # collector = "azure" - # ## account name - # account = "" - # ## authenticated token path - # token= "" - # ## TLS Insecure skip verify - # insecure_skip_verify = true - # ## one URL from which to read formatted metrics - # url = "" - # ## metrics schema path - # metric_path = ["/etc/telegraf/schema/azure_historical_metrics.json"] - # config_file = "/etc/telegraf/schema/collector_azure_config.json" - # cluster_name = "${CLUSTER_NAME}" - # discover_path = "" - # controller_name = [] - # node_uids = [] - # group_names = [] - # historical_data_restart_limit = $HISTORICAL_DATA_RESTART_LIMIT - # handle_missing_data_times = $HANDLE_MISSING_DATA_TIMES + [[inputs.data_collector]] + alias = "azure_metrics_collector" + #interval = "5m" + query_start_time_offset = "-10m" + query_end_time_offset = "0m" #Support s(second),m(minute),h(hour) + retry_interval = "$DATASOURCE_METRICS_RETRY_INTERVAL" + max_retry_times = $DATASOURCE_METRICS_MAX_RETRY_TIMES + ## data source type from which to query data + ## accept values: vmware + source = "azure" + ## which collector to handle the data collection + collector = "azure" + ## account name + account = "" + ## authenticated token path + token= "" + ## TLS Insecure skip verify + insecure_skip_verify = true + ## one URL from which to read formatted metrics + url = "" + ## metrics schema path + metric_path = ["/etc/telegraf/schema/azure_historical_metrics.json"] + config_file = "/etc/telegraf/schema/collector_azure_config.json" + cluster_name = "${CLUSTER_NAME}" + discover_path = "" + controller_name = [] + node_uids = [] + group_names = [] + historical_data_restart_limit = $HISTORICAL_DATA_RESTART_LIMIT + handle_missing_data_times = $HANDLE_MISSING_DATA_TIMES + stop_when_no_data = $STOP_WHEN_NO_DATA ## GCP integration: inputs.data_collector [[inputs.data_collector]] @@ -770,6 +777,7 @@ data: group_names = [] historical_data_restart_limit = $HISTORICAL_DATA_RESTART_LIMIT handle_missing_data_times = $HANDLE_MISSING_DATA_TIMES + stop_when_no_data = $STOP_WHEN_NO_DATA ## Federation Prometheus/Prometheus integration: outputs.alameda_datahub ## [[outputs.alameda_datahub]] diff --git a/charts/prophetstor/federatorai/templates/federatorai-data-adapter/configmaps.yaml b/charts/prophetstor/federatorai/templates/federatorai-data-adapter/configmaps.yaml index 10a61a5e3..7de59db86 100644 --- a/charts/prophetstor/federatorai/templates/federatorai-data-adapter/configmaps.yaml +++ b/charts/prophetstor/federatorai/templates/federatorai-data-adapter/configmaps.yaml @@ -939,34 +939,34 @@ data: # group_names = [] ## Azure integration: inputs.data_collector - #[[inputs.data_collector]] - # alias = "azure_metrics_collector" - # interval = "5m" - # query_start_time_offset = "-10m" - # query_end_time_offset = "0m" #Support s(second),m(minute),h(hour) - # retry_interval = "$DATASOURCE_METRICS_RETRY_INTERVAL" - # max_retry_times = $DATASOURCE_METRICS_MAX_RETRY_TIMES - # ## data source type from which to query data - # ## accept values: vmware - # source = "azure" - # ## which collector to handle the data collection - # collector = "azure" - # ## account name - # account = "" - # ## authenticated token path - # token= "" - # ## TLS Insecure skip verify - # insecure_skip_verify = true - # ## one URL from which to read formatted metrics - # url = "" - # ## metrics schema path - # metric_path = ["/etc/telegraf/schema/azure_metrics.json"] - # config_file = "/etc/telegraf/schema/collector_azure_config.json" - # cluster_name = "${CLUSTER_NAME}" - # discover_path = "" - # controller_name = [] - # node_uids = [] - # group_names = [] + [[inputs.data_collector]] + alias = "azure_metrics_collector" + interval = "5m" + query_start_time_offset = "-10m" + query_end_time_offset = "0m" #Support s(second),m(minute),h(hour) + retry_interval = "$DATASOURCE_METRICS_RETRY_INTERVAL" + max_retry_times = $DATASOURCE_METRICS_MAX_RETRY_TIMES + ## data source type from which to query data + ## accept values: vmware + source = "azure" + ## which collector to handle the data collection + collector = "azure" + ## account name + account = "" + ## authenticated token path + token= "" + ## TLS Insecure skip verify + insecure_skip_verify = true + ## one URL from which to read formatted metrics + url = "" + ## metrics schema path + metric_path = ["/etc/telegraf/schema/azure_metrics.json"] + config_file = "/etc/telegraf/schema/collector_azure_config.json" + cluster_name = "${CLUSTER_NAME}" + discover_path = "" + controller_name = [] + node_uids = [] + group_names = [] ## GCP integration: inputs.data_collector #[[inputs.data_collector]] @@ -2056,3 +2056,22 @@ data: path = "/test-metrics" metric_prefix = "federatorai_sysdig_" expiration_interval = "5m" + + ## Export DA's metrics for health status check and performance analysis + [[inputs.data_adapter_statistics]] + datahub_enable = true + aws_enable = true + prometheus_enable = true + sysdig_enable = true + vmware_enable = true + datadog_enable = true + [[outputs.prometheus_client]] + namepass = ["federatorai_data_adapter_datasource_*"] + collectors_exclude = ["gocollector", "process"] + default_value = -1 + export_all_metrics = true + ## Address to listen on + listen = ":8084" + ## Path to publish the metrics on. + path = "/test-metrics" + expiration_interval = "5m" diff --git a/charts/prophetstor/federatorai/templates/federatorai-data-adapter/deployments.yaml b/charts/prophetstor/federatorai/templates/federatorai-data-adapter/deployments.yaml index 4ad723eab..bee7a5597 100644 --- a/charts/prophetstor/federatorai/templates/federatorai-data-adapter/deployments.yaml +++ b/charts/prophetstor/federatorai/templates/federatorai-data-adapter/deployments.yaml @@ -162,6 +162,8 @@ spec: value: "1" - name: AWS_METRIC_LIST value: "CPUUtilization,mem_used_percent,Memory % Committed Bytes In Use,NetworkIn,NetworkOut,DiskReadBytes,EBSReadBytes,DiskWriteBytes,EBSWriteBytes,GroupMinSize,GroupMaxSize,GroupDesiredCapacity,GroupInServiceInstances,GroupPendingInstances,GroupStandbyInstances,GroupTerminatingInstances,GroupTotalInstances" + - name: STOP_WHEN_NO_DATA + value: "true" {{- if .Values.federatoraiDataAdapter.image }} image: {{ .Values.federatoraiDataAdapter.image }} {{- else }} diff --git a/charts/prophetstor/federatorai/templates/federatorai-rest/configmaps-auto-provision-template.yaml b/charts/prophetstor/federatorai/templates/federatorai-rest/configmaps-auto-provision-template.yaml index 9dd846b63..43b32b575 100644 --- a/charts/prophetstor/federatorai/templates/federatorai-rest/configmaps-auto-provision-template.yaml +++ b/charts/prophetstor/federatorai/templates/federatorai-rest/configmaps-auto-provision-template.yaml @@ -2384,9 +2384,9 @@ data: exit $err_code fi # Still use kubectl version to verify server connection - $verify_cmd version|grep -q "^Server" + $verify_cmd version -o yaml | grep -q "^serverVersion:" else - $kube_cmd version|grep -q "^Server" + $kube_cmd version -o yaml | grep -q "^serverVersion:" fi if [ "$?" != "0" ];then diff --git a/charts/prophetstor/federatorai/templates/federatorai-rest/roles.yaml b/charts/prophetstor/federatorai/templates/federatorai-rest/roles.yaml index e4e738543..4a626fb5b 100644 --- a/charts/prophetstor/federatorai/templates/federatorai-rest/roles.yaml +++ b/charts/prophetstor/federatorai/templates/federatorai-rest/roles.yaml @@ -25,6 +25,7 @@ rules: - "" resources: - pods + - services verbs: - get - list diff --git a/charts/prophetstor/federatorai/values.yaml b/charts/prophetstor/federatorai/values.yaml index 37f226bbf..a6f01d37f 100644 --- a/charts/prophetstor/federatorai/values.yaml +++ b/charts/prophetstor/federatorai/values.yaml @@ -8,7 +8,7 @@ global: ## @param global.imageTag Image tag of Federator.ai ## For example: ## imageTag: "v5.1.2-ga" - imageTag: "v5.1.3-ga" + imageTag: "v5.1.4-b2262" ## @param global.imagePullPolicy Specify a imagePullPolicy ## For example: ## imagePullPolicy: "IfNotPresent" diff --git a/charts/redpanda/redpanda/Chart.lock b/charts/redpanda/redpanda/Chart.lock index 08afe8647..79feb465f 100644 --- a/charts/redpanda/redpanda/Chart.lock +++ b/charts/redpanda/redpanda/Chart.lock @@ -6,4 +6,4 @@ dependencies: repository: https://charts.redpanda.com version: 0.1.5 digest: sha256:1c770fac6e8dee7fb5731db478dd04350e310e5cf1dccf2a74ae5d6e6ee85dc8 -generated: "2023-09-15T11:53:46.309229737Z" +generated: "2023-09-20T15:34:49.205852605Z" diff --git a/charts/redpanda/redpanda/Chart.yaml b/charts/redpanda/redpanda/Chart.yaml index 695f25058..8ecbe87cf 100644 --- a/charts/redpanda/redpanda/Chart.yaml +++ b/charts/redpanda/redpanda/Chart.yaml @@ -37,4 +37,4 @@ name: redpanda sources: - https://github.com/redpanda-data/helm-charts type: application -version: 5.4.2 +version: 5.4.6 diff --git a/charts/redpanda/redpanda/ci/21-eks-tiered-storage-with-creds-values.yaml.tpl b/charts/redpanda/redpanda/ci/21-eks-tiered-storage-with-creds-values.yaml.tpl index 47236d333..c5f9490fb 100644 --- a/charts/redpanda/redpanda/ci/21-eks-tiered-storage-with-creds-values.yaml.tpl +++ b/charts/redpanda/redpanda/ci/21-eks-tiered-storage-with-creds-values.yaml.tpl @@ -22,4 +22,5 @@ storage: cloud_storage_region: "${AWS_REGION}" cloud_storage_bucket: "${TEST_BUCKET}" cloud_storage_segment_max_upload_interval_sec: 1 -license_key: "${REDPANDA_SAMPLE_LICENSE}" \ No newline at end of file +enterprise: + license: "${REDPANDA_SAMPLE_LICENSE}" \ No newline at end of file diff --git a/charts/redpanda/redpanda/ci/22-gke-tiered-storage-with-creds-values.yaml.tpl b/charts/redpanda/redpanda/ci/22-gke-tiered-storage-with-creds-values.yaml.tpl index fb4e854fc..1fcc1413a 100644 --- a/charts/redpanda/redpanda/ci/22-gke-tiered-storage-with-creds-values.yaml.tpl +++ b/charts/redpanda/redpanda/ci/22-gke-tiered-storage-with-creds-values.yaml.tpl @@ -23,7 +23,8 @@ storage: cloud_storage_segment_max_upload_interval_sec: 1 cloud_storage_access_key: "${GCP_ACCESS_KEY_ID}" cloud_storage_secret_key: "${GCP_SECRET_ACCESS_KEY}" -license_key: "${REDPANDA_SAMPLE_LICENSE}" +enterprise: + license: "${REDPANDA_SAMPLE_LICENSE}" resources: diff --git a/charts/redpanda/redpanda/ci/23-aks-tiered-storage-with-creds-values.yaml.tpl b/charts/redpanda/redpanda/ci/23-aks-tiered-storage-with-creds-values.yaml.tpl index 01d47422a..f45186e23 100644 --- a/charts/redpanda/redpanda/ci/23-aks-tiered-storage-with-creds-values.yaml.tpl +++ b/charts/redpanda/redpanda/ci/23-aks-tiered-storage-with-creds-values.yaml.tpl @@ -23,7 +23,8 @@ storage: cloud_storage_azure_storage_account: ${TEST_STORAGE_ACCOUNT} cloud_storage_azure_container: ${TEST_STORAGE_CONTAINER} cloud_storage_azure_shared_key: ${TEST_AZURE_SHARED_KEY} -license_key: "${REDPANDA_SAMPLE_LICENSE}" +enterprise: + license: "${REDPANDA_SAMPLE_LICENSE}" resources: cpu: diff --git a/charts/redpanda/redpanda/ci/99-none-existent-config-options-with-empty-values.yaml b/charts/redpanda/redpanda/ci/99-none-existent-config-options-with-empty-values.yaml index cd9622148..671d1ea25 100644 --- a/charts/redpanda/redpanda/ci/99-none-existent-config-options-with-empty-values.yaml +++ b/charts/redpanda/redpanda/ci/99-none-existent-config-options-with-empty-values.yaml @@ -13,9 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -license_secret_ref: - secret_name: redpanda-license - secret_key: license-key +enterprise: + licenseSecretRef: + name: redpanda-license + key: license-key storage: tieredConfig: diff --git a/charts/redpanda/redpanda/templates/_helpers.tpl b/charts/redpanda/redpanda/templates/_helpers.tpl index 1bce40e67..b04ff6cd6 100644 --- a/charts/redpanda/redpanda/templates/_helpers.tpl +++ b/charts/redpanda/redpanda/templates/_helpers.tpl @@ -625,7 +625,7 @@ advertised-host returns a json string with the data needed for configuring the a {{- end -}} {{- define "is-licensed" -}} -{{- toJson (dict "bool" (or (not (empty .Values.license_key)) (not (empty .Values.license_secret_ref)))) -}} +{{- toJson (dict "bool" (or (not (empty (include "enterprise-license" . ))) (not (empty (include "enterprise-secret" . ))))) -}} {{- end -}} {{/* @@ -682,7 +682,99 @@ return correct secretName to use based if secretRef exists {{- define "cert-secret-name" -}} {{- if .tempCert.cert.secretRef -}} {{- .tempCert.cert.secretRef.name -}} - {{- else }} + {{- else -}} {{- include "redpanda.fullname" . }}-{{ .tempCert.name }}-cert + {{- end -}} +{{- end -}} + +{{/* +return license checks deprecated values if current values is empty +*/}} +{{- define "enterprise-license" -}} +{{- if dig "license" dict .Values.enterprise -}} + {{- .Values.enterprise.license -}} +{{- else -}} + {{- .Values.license_key -}} +{{- end -}} +{{- end -}} + +{{/* +return licenseSecretRef checks deprecated values entry if current values empty +*/}} +{{- define "enterprise-secret" -}} +{{- if ( dig "licenseSecretRef" dict .Values.enterprise ) -}} + {{- .Values.enterprise.licenseSecretRef -}} +{{- else if not (empty .Values.license_secret_ref ) -}} + {{- .Values.license_secret_ref -}} +{{- end -}} +{{- end -}} + +{{/* +return licenseSecretRef.name checks deprecated values entry if current values empty +*/}} +{{- define "enterprise-secret-name" -}} +{{- if ( dig "licenseSecretRef" dict .Values.enterprise ) -}} + {{- dig "name" "" .Values.enterprise.licenseSecretRef -}} +{{- else if not (empty .Values.license_secret_ref ) -}} + {{- dig "secret_name" "" .Values.license_secret_ref -}} +{{- end -}} +{{- end -}} + +{{/* +return licenseSecretRef.key checks deprecated values entry if current values empty +*/}} +{{- define "enterprise-secret-key" -}} +{{- if ( dig "licenseSecretRef" dict .Values.enterprise ) -}} + {{- dig "key" "" .Values.enterprise.licenseSecretRef -}} +{{- else if not (empty .Values.license_secret_ref ) -}} + {{- dig "secret_key" "" .Values.license_secret_ref -}} +{{- end -}} +{{- end -}} + +{{/* mounts that are common to all containers */}} +{{- define "common-mounts" -}} + {{- if and .Values.auth.sasl.enabled (not (empty .Values.auth.sasl.secretRef )) }} +- name: users + mountPath: /etc/secrets/users + readOnly: true + {{- end }} + {{- if (include "tls-enabled" . | fromJson).bool }} + {{- range $name, $cert := .Values.tls.certs }} +- name: redpanda-{{ $name }}-cert + mountPath: {{ printf "/etc/tls/certs/%s" $name }} + {{- end }} {{- end }} {{- end -}} + +{{/* mounts that are common to most containers */}} +{{- define "default-mounts" -}} +- name: config + mountPath: /etc/redpanda +{{- include "common-mounts" . }} +{{- end -}} + +{{/* volumes that are common to all pods */}} +{{- define "common-volumes" -}} + {{- if (include "tls-enabled" . | fromJson).bool -}} + {{- range $name, $cert := .Values.tls.certs }} + {{- $r := set $ "tempCert" ( dict "name" $name "cert" $cert ) }} +- name: redpanda-{{ $name }}-cert + secret: + secretName: {{ template "cert-secret-name" $r }} + defaultMode: 0o440 + {{- end }} + {{- end -}} + {{- if and .Values.auth.sasl.enabled (not (empty .Values.auth.sasl.secretRef )) }} +- name: users + secret: + secretName: {{ .Values.auth.sasl.secretRef }} + {{- end }} +{{- end -}} + +{{/* the default set of volumes for most pods, except the sts pod */}} +{{- define "default-volumes" -}} +- name: config + configMap: + name: {{ include "redpanda.fullname" . }} +{{- include "common-volumes" . }} +{{- end -}} \ No newline at end of file diff --git a/charts/redpanda/redpanda/templates/console/configmap-and-deployment.yaml b/charts/redpanda/redpanda/templates/console/configmap-and-deployment.yaml index e2d9486dc..4a4bd946e 100644 --- a/charts/redpanda/redpanda/templates/console/configmap-and-deployment.yaml +++ b/charts/redpanda/redpanda/templates/console/configmap-and-deployment.yaml @@ -15,6 +15,28 @@ See the License for the specific language governing permissions and limitations under the License. */}} {{ $values := .Values }} + +{{/* Secret */}} +{{ $secretConfig := dict }} +{{ if and .Values.console.enabled (not .Values.console.secret.create) }} +{{ $licenseKey := ( include "enterprise-license" . ) }} +{{ $secretConfig = ( dict + "create" true + "enterprise" ( dict "license" $licenseKey) + ) +}} + +{{ $config := dict + "Values" (dict + "secret" $secretConfig + )}} + +{{ $console := deepCopy .Subcharts.console }} +{{ $console = merge $config $console }} +--- +{{ include (print .Subcharts.console.Template.BasePath "/secret.yaml") $console }} +{{ end }} + {{ $configmap := dict }} {{/* if the console chart has the creation of the configmap disabled, create it here instead */}} {{ if and .Values.console.enabled (not .Values.console.configmap.create) }} @@ -93,19 +115,22 @@ limitations under the License. "kafka" $consoleConfigKafka "connect" $connectConfig }} + {{ $config := dict "Values" (dict "console" (dict "config" $consoleConfig) "configmap" $consoleConfigmap + "secret" $secretConfig ) }} {{ $console := deepCopy .Subcharts.console }} {{ $console = merge $config $console }} - +--- {{ include (print .Subcharts.console.Template.BasePath "/configmap.yaml") $console }} {{ $configmap = include (print .Subcharts.console.Template.BasePath "/configmap.yaml") $console }} {{ end }} + {{/* Deployment */}} {{ if and .Values.console.enabled (not .Values.console.deployment.create) }} @@ -229,12 +254,26 @@ limitations under the License. "value" (print (include "admin-http-protocol" .) "://" (include "admin-api-service-url" .)) )}} +{{ $enterprise := dict }} +{{ if ( include "enterprise-secret" .) }} + {{ $enterprise = dict + "licenseSecretRef" ( dict + "name" ( include "enterprise-secret-name" . ) + "key" ( include "enterprise-secret-key" . ) + ) + }} +{{ end }} + {{ $extraEnv := concat $kafkaTLS $schemaRegistryTLS $adminAPI}} -{{ $consoleValues := dict "Values" (dict +{{ $consoleValues := dict + "Values" (dict "extraVolumes" $extraVolumes "extraVolumeMounts" $extraVolumeMounts "extraEnv" $extraEnv + "secret" $secretConfig + "enterprise" $enterprise )}} + {{ if not (empty $command) }} {{ $consoleValues := merge $consoleValues (dict "Values" (dict "deployment" (dict "command" $command))) }} {{ end }} @@ -246,6 +285,7 @@ limitations under the License. {{ $helmVars := deepCopy .Subcharts.console }} {{ $helmVars := merge $consoleValues $helmVars }} + --- {{ include (print .Subcharts.console.Template.BasePath "/deployment.yaml") $helmVars }} {{ end }} diff --git a/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml b/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml index ebf418d1d..208365080 100644 --- a/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml +++ b/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml @@ -70,23 +70,23 @@ spec: containers: - name: {{ template "redpanda.name" . }}-post-install image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} - {{- if not (empty .Values.license_secret_ref) }} + {{- if not ( empty (include "enterprise-secret" . ) ) }} env: - name: REDPANDA_LICENSE valueFrom: secretKeyRef: - name: {{ .Values.license_secret_ref.secret_name }} - key: {{ .Values.license_secret_ref.secret_key }} + name: {{ include "enterprise-secret-name" . }} + key: {{ include "enterprise-secret-key" . }} {{- end }} command: ["bash","-c"] args: - | set -e {{- if (include "redpanda-atleast-22-2-0" . | fromJson).bool }} - {{- if not (empty .Values.license_secret_ref) }} + {{- if not (empty (include "enterprise-secret" . ) ) }} rpk cluster license set "$REDPANDA_LICENSE" {{ template "rpk-acl-user-flags" $ }} - {{- else if not (empty .Values.license_key) }} - rpk cluster license set {{ .Values.license_key | quote }} {{ template "rpk-acl-user-flags" $ }} + {{- else if not ( empty (include "enterprise-license" . ) ) }} + rpk cluster license set {{ include "enterprise-license" . | quote }} {{ template "rpk-acl-user-flags" $ }} {{- end }} {{- end }} {{- with .Values.post_install_job.resources }} @@ -94,51 +94,7 @@ spec: {{- toYaml . | nindent 10 }} {{- end }} securityContext: {{ include "container-security-context" . | nindent 10 }} - volumeMounts: - - name: {{ template "redpanda.fullname" . }} - mountPath: /tmp/base-config - - name: config - mountPath: /etc/redpanda - {{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} - {{- end }} - {{- if and $sasl.enabled (not (empty $sasl.secretRef )) }} - - name: {{ $sasl.secretRef }} - mountPath: "/etc/secrets/users" - readOnly: true - {{- end}} - volumes: - - name: {{ template "redpanda.fullname" . }} - configMap: - name: {{ template "redpanda.fullname" . }} - - name: config - emptyDir: {} -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 420 - items: - - key: tls.key - path: tls.key - - key: tls.crt - path: tls.crt - {{- if $cert.caEnabled }} - - key: ca.crt - path: ca.crt - {{- end }} - secretName: {{ template "cert-secret-name" $r }} - {{- end }} -{{- end -}} - {{- if and $sasl.enabled (not (empty $sasl.secretRef )) }} - - name: {{ $sasl.secretRef }} - secret: - secretName: {{ $sasl.secretRef }} - optional: false - {{- end }} + volumeMounts: {{- include "default-mounts" . | nindent 10 }} + volumes: {{ include "default-volumes" . | nindent 8 }} serviceAccountName: {{ include "redpanda.serviceAccountName" . }} {{- end -}} diff --git a/charts/redpanda/redpanda/templates/post-upgrade.yaml b/charts/redpanda/redpanda/templates/post-upgrade.yaml index 4a6de88a6..74ca032d7 100644 --- a/charts/redpanda/redpanda/templates/post-upgrade.yaml +++ b/charts/redpanda/redpanda/templates/post-upgrade.yaml @@ -91,50 +91,6 @@ spec: envFrom: {{- include "common.tplvalues.render" (dict "value" .Values.post_upgrade_job.extraEnvFrom "context" $) | nindent 10 }} {{- end }} - volumeMounts: - - name: {{ template "redpanda.fullname" . }} - mountPath: /tmp/base-config - - name: config - mountPath: /etc/redpanda -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} -{{- end }} - {{- if and $sasl.enabled (not (empty $sasl.secretRef )) }} - - name: {{ $sasl.secretRef }} - mountPath: "/etc/secrets/users" - readOnly: true - {{- end}} - volumes: - - name: {{ template "redpanda.fullname" . }} - configMap: - name: {{ template "redpanda.fullname" . }} - - name: config - emptyDir: {} -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 420 - items: - - key: tls.key - path: tls.key - - key: tls.crt - path: tls.crt - {{- if $cert.caEnabled }} - - key: ca.crt - path: ca.crt - {{- end }} - secretName: {{ template "cert-secret-name" $r }} - {{- end }} -{{- end -}} - {{- if and $sasl.enabled (not (empty $sasl.secretRef )) }} - - name: {{ $sasl.secretRef }} - secret: - secretName: {{ $sasl.secretRef }} - optional: false - {{- end }} + volumeMounts: {{- include "default-mounts" . | nindent 10 }} + volumes: {{ include "default-volumes" . | nindent 8 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/statefulset.yaml b/charts/redpanda/redpanda/templates/statefulset.yaml index 1e988df8f..b2ddd1ede 100644 --- a/charts/redpanda/redpanda/templates/statefulset.yaml +++ b/charts/redpanda/redpanda/templates/statefulset.yaml @@ -78,43 +78,43 @@ spec: privileged: true runAsUser: 0 runAsGroup: 0 - volumeMounts: -{{- if dig "initContainers" "tuning" "extraVolumeMounts" false .Values.statefulset -}} -{{ tpl .Values.statefulset.initContainers.tuning.extraVolumeMounts . | nindent 12 }} -{{- end }} + volumeMounts: {{ include "common-mounts" . | nindent 12 }} + {{- if dig "initContainers" "tuning" "extraVolumeMounts" false .Values.statefulset -}} + {{ tpl .Values.statefulset.initContainers.tuning.extraVolumeMounts . | nindent 12 }} + {{- end }} - name: {{ template "redpanda.fullname" . }} mountPath: /etc/redpanda - {{- if get .Values.statefulset.initContainers.tuning "resources" }} + {{- if get .Values.statefulset.initContainers.tuning "resources" }} resources: {{- toYaml .Values.statefulset.initContainers.tuning.resources | nindent 12 }} - {{- end }} + {{- end }} {{- end }} {{- if .Values.statefulset.initContainers.setDataDirOwnership.enabled }} - name: set-datadir-ownership image: {{ .Values.statefulset.initContainerImage.repository }}:{{ .Values.statefulset.initContainerImage.tag }} command: ["/bin/sh", "-c", "chown {{ $uid }}:{{ $gid }} -R /var/lib/redpanda/data"] - volumeMounts: -{{- if dig "initContainers" "setDataDirOwnership" "extraVolumeMounts" false .Values.statefulset -}} -{{ tpl .Values.statefulset.initContainers.setDataDirOwnership.extraVolumeMounts . | nindent 12 }} -{{- end }} + volumeMounts: {{ include "common-mounts" . | nindent 12 }} + {{- if dig "initContainers" "setDataDirOwnership" "extraVolumeMounts" false .Values.statefulset -}} + {{ tpl .Values.statefulset.initContainers.setDataDirOwnership.extraVolumeMounts . | nindent 12 }} + {{- end }} - name: datadir mountPath: /var/lib/redpanda/data - {{- if .Values.statefulset.initContainers.setDataDirOwnership.resources }} + {{- if .Values.statefulset.initContainers.setDataDirOwnership.resources }} resources: {{- toYaml .Values.statefulset.initContainers.setDataDirOwnership.resources | nindent 12 }} - {{- end }} + {{- end }} {{- end }} {{- if and (include "is-licensed" . | fromJson).bool .Values.storage.tieredConfig.cloud_storage_enabled }} - name: set-tiered-storage-cache-dir-ownership image: {{ .Values.statefulset.initContainerImage.repository }}:{{ .Values.statefulset.initContainerImage.tag }} command: ["/bin/sh", "-c", 'chown {{ $uid }}:{{ $gid }} -R {{ template "tieredStorage.cacheDirectory" . }}'] - volumeMounts: -{{- if dig "initContainers" "setTieredStorageCacheDirOwnership" "extraVolumeMounts" false .Values.statefulset -}} -{{ tpl .Values.statefulset.initContainers.setTieredStorageCacheDirOwnership.extraVolumeMounts . | nindent 12 }} -{{- end }} + volumeMounts: {{ include "common-mounts" . | nindent 12 }} + {{- if dig "initContainers" "setTieredStorageCacheDirOwnership" "extraVolumeMounts" false .Values.statefulset -}} + {{ tpl .Values.statefulset.initContainers.setTieredStorageCacheDirOwnership.extraVolumeMounts . | nindent 12 }} + {{- end }} - name: tiered-storage-dir mountPath: {{ template "tieredStorage.cacheDirectory" . }} - {{- if get .Values.statefulset.initContainers.setTieredStorageCacheDirOwnership "resources" }} + {{- if get .Values.statefulset.initContainers.setTieredStorageCacheDirOwnership "resources" }} resources: {{- toYaml .Values.statefulset.initContainers.setTieredStorageCacheDirOwnership.resources | nindent 12 }} - {{- end }} + {{- end }} {{- end }} - name: {{ (include "redpanda.name" .) | trunc 51 }}-configurator image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} @@ -134,21 +134,21 @@ spec: fieldRef: fieldPath: spec.nodeName securityContext: {{ include "container-security-context" . | nindent 12 }} - volumeMounts: + volumeMounts: {{ include "common-mounts" . | nindent 12 }} {{- if dig "initContainers" "configurator" "extraVolumeMounts" false .Values.statefulset -}} -{{ tpl .Values.statefulset.initContainers.configurator.extraVolumeMounts . | nindent 12 }} + {{ tpl .Values.statefulset.initContainers.configurator.extraVolumeMounts . | nindent 12 }} {{- end }} - - name: {{ template "redpanda.fullname" . }} - mountPath: /tmp/base-config - name: config mountPath: /etc/redpanda + - name: {{ template "redpanda.fullname" . }} + mountPath: /tmp/base-config - name: {{ (include "redpanda.name" .) | trunc 51 }}-configurator mountPath: /etc/secrets/configurator/scripts/ - {{- if get .Values.statefulset.initContainers.configurator "resources" }} +{{- if get .Values.statefulset.initContainers.configurator "resources" }} resources: {{- toYaml .Values.statefulset.initContainers.configurator.resources | nindent 12 }} - {{- end }} +{{- end }} {{- if dig "initContainers" "extraInitContainers" false .Values.statefulset -}} -{{ tpl .Values.statefulset.initContainers.extraInitContainers . | nindent 8 }} + {{ tpl .Values.statefulset.initContainers.extraInitContainers . | nindent 8 }} {{- end }} containers: - name: {{ template "redpanda.name" . }} @@ -250,10 +250,14 @@ spec: {{- end }} {{- end }} securityContext: {{ include "container-security-context" . | nindent 12 }} - volumeMounts: + volumeMounts: {{ include "common-mounts" . | nindent 12 }} {{- if dig "extraVolumeMounts" false .Values.statefulset -}} -{{ tpl .Values.statefulset.extraVolumeMounts . | nindent 12 }} + {{ tpl .Values.statefulset.extraVolumeMounts . | nindent 12 }} {{- end }} + - name: config + mountPath: /etc/redpanda + - name: {{ template "redpanda.fullname" . }} + mountPath: /tmp/base-config - name: lifecycle-scripts mountPath: /var/lifecycle - name: datadir @@ -262,19 +266,6 @@ spec: - name: tiered-storage-dir mountPath: {{ template "tieredStorage.cacheDirectory" . }} {{- end }} - - name: config - mountPath: /etc/redpanda -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} -{{- end }} -{{- if and .Values.auth.sasl.enabled (not (empty .Values.auth.sasl.secretRef )) }} - - name: {{ .Values.auth.sasl.secretRef }} - mountPath: /etc/secrets/users - readOnly: true -{{- end}} resources: {{- if hasKey .Values.resources.memory "min" }} requests: @@ -284,7 +275,7 @@ spec: limits: cpu: {{ .Values.resources.cpu.cores }} memory: {{ .Values.resources.memory.container.max }} - {{- if .Values.statefulset.sideCars.configWatcher.enabled }} +{{- if .Values.statefulset.sideCars.configWatcher.enabled }} - name: config-watcher image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} command: @@ -292,32 +283,20 @@ spec: args: - -c - 'trap "exit 0" TERM; exec /etc/secrets/config-watcher/scripts/sasl-user.sh & wait $!' - {{- if get .Values.statefulset.sideCars.configWatcher "resources" }} + {{- if get .Values.statefulset.sideCars.configWatcher "resources" }} resources: {{- toYaml .Values.statefulset.sideCars.configWatcher.resources | nindent 12 }} - {{- end }} - {{- if get .Values.statefulset.sideCars.configWatcher "securityContext" }} + {{- end }} + {{- if get .Values.statefulset.sideCars.configWatcher "securityContext" }} securityContext: {{- toYaml .Values.statefulset.sideCars.configWatcher.securityContext | nindent 12 }} - {{- end }} - volumeMounts: -{{- if dig "sideCars" "configWatcher" "extraVolumeMounts" false .Values.statefulset -}} -{{ tpl .Values.statefulset.sideCars.configWatcher.extraVolumeMounts . | nindent 12 }} -{{- end }} + {{- end }} + volumeMounts: {{ include "common-mounts" . | nindent 12 }} + {{- if dig "sideCars" "configWatcher" "extraVolumeMounts" false .Values.statefulset -}} + {{ tpl .Values.statefulset.sideCars.configWatcher.extraVolumeMounts . | nindent 12 }} + {{- end }} - name: {{ template "redpanda.fullname" . }}-config-watcher mountPath: /etc/secrets/config-watcher/scripts readOnly: true - {{- if and .Values.auth.sasl.enabled (not (empty .Values.auth.sasl.secretRef )) }} - - name: {{ .Values.auth.sasl.secretRef }} - mountPath: /etc/secrets/users - readOnly: true - {{- end }} - {{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - readOnly: true - {{- end }} - {{- end }} - {{- end }} +{{- end }} {{- if and .Values.rbac.enabled .Values.statefulset.sideCars.controllers.enabled }} - name: redpanda-controllers image: {{ .Values.statefulset.sideCars.controllers.image.repository }}:{{ .Values.statefulset.sideCars.controllers.image.tag }} @@ -339,66 +318,42 @@ spec: securityContext: {{- toYaml .Values.statefulset.sideCars.controllers.securityContext | nindent 12 }} {{- end }} {{- end }} - volumes: -{{- if dig "extraVolumes" false .Values.statefulset -}} -{{ tpl .Values.statefulset.extraVolumes . | nindent 8 }} -{{- end }} + volumes: {{ include "common-volumes" . | nindent 8 }} + {{- if dig "extraVolumes" false .Values.statefulset -}} + {{ tpl .Values.statefulset.extraVolumes . | nindent 8 }} + {{- end }} - name: lifecycle-scripts secret: secretName: {{ (include "redpanda.fullname" . | trunc 50 ) }}-sts-lifecycle defaultMode: 0o775 - name: datadir -{{- if .Values.storage.persistentVolume.enabled }} + {{- if .Values.storage.persistentVolume.enabled }} persistentVolumeClaim: claimName: datadir -{{- else if .Values.storage.hostPath }} + {{- else if .Values.storage.hostPath }} hostPath: path: {{ .Values.storage.hostPath | quote }} -{{- else }} + {{- else }} emptyDir: {} -{{- end }} -{{- if and (include "is-licensed" . | fromJson).bool .Values.storage.tieredConfig.cloud_storage_enabled }} + {{- end }} + {{- if and (include "is-licensed" . | fromJson).bool .Values.storage.tieredConfig.cloud_storage_enabled }} - name: tiered-storage-dir -{{- if .Values.storage.tieredStoragePersistentVolume.enabled }} + {{- if .Values.storage.tieredStoragePersistentVolume.enabled }} persistentVolumeClaim: claimName: tiered-storage-dir -{{- else if .Values.storage.tieredStorageHostPath }} + {{- else if .Values.storage.tieredStorageHostPath }} hostPath: path: {{ .Values.storage.tieredStorageHostPath | quote }} -{{- else }} + {{- else }} emptyDir: sizeLimit: {{ .Values.storage.tieredConfig.cloud_storage_cache_size }} -{{- end }} -{{- end }} + {{- end }} + {{- end }} - name: {{ template "redpanda.fullname" . }} configMap: name: {{ template "redpanda.fullname" . }} - name: config emptyDir: {} -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 420 - items: - - key: tls.key - path: tls.key - - key: tls.crt - path: tls.crt - {{- if $cert.caEnabled }} - - key: ca.crt - path: ca.crt - {{- end }} - secretName: {{ template "cert-secret-name" $r }} - {{- end }} -{{- end }} - {{- if and .Values.auth.sasl.enabled (not (empty .Values.auth.sasl.secretRef )) }} - - name: {{ .Values.auth.sasl.secretRef }} - secret: - secretName: {{ .Values.auth.sasl.secretRef }} - optional: false - {{- end }} - name: {{ (include "redpanda.name" .) | trunc 51 }}-configurator secret: secretName: {{ (include "redpanda.name" .) | trunc 51 }}-configurator diff --git a/charts/redpanda/redpanda/templates/tests/test-api-status.yaml b/charts/redpanda/redpanda/templates/tests/test-api-status.yaml index e4681abf3..5acf4e4a4 100644 --- a/charts/redpanda/redpanda/templates/tests/test-api-status.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-api-status.yaml @@ -29,9 +29,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -48,13 +46,7 @@ spec: --brokers {{ include "redpanda.fullname" . }}-0.{{ include "redpanda.internal.domain" . }}:{{ .Values.listeners.kafka.port }} do sleep 2 done - volumeMounts: - - name: {{ template "redpanda.fullname" . }} - mountPath: /tmp/base-config - volumes: - - name: {{ template "redpanda.fullname" . }} - configMap: - name: {{ template "redpanda.fullname" . }} - - name: config - emptyDir: {} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-connector-via-console.yaml b/charts/redpanda/redpanda/templates/tests/test-connector-via-console.yaml index edf6112cb..dd1404a9a 100644 --- a/charts/redpanda/redpanda/templates/tests/test-connector-via-console.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-connector-via-console.yaml @@ -41,9 +41,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -179,32 +177,7 @@ spec: rpk topic list {{ include "rpk-topic-flags" . }} rpk topic delete {{ $testTopic }} source.{{ $testTopic }} mm2-offset-syncs.test-only-redpanda.internal {{ include "rpk-topic-flags" . }} - volumeMounts: -{{- if (include "tls-enabled" . | fromJson).bool -}} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} -{{- end }} -{{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - mountPath: "/etc/secrets/users" - readOnly: true -{{- end}} - volumes: -{{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - secret: - secretName: {{ $sasl.secretRef }} - optional: false -{{- end }} -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 0644 - secretName: {{ template "cert-secret-name" $r }} - {{- end }} -{{- end -}} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-console.yaml b/charts/redpanda/redpanda/templates/tests/test-console.yaml index b2a449f70..5b96eb198 100644 --- a/charts/redpanda/redpanda/templates/tests/test-console.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-console.yaml @@ -29,9 +29,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -45,13 +43,7 @@ spec: - -c - | curl -svm3 --fail --retry 120 --retry-max-time 120 --retry-all-errors http://{{ include "redpanda.fullname" . }}-console.{{ .Release.Namespace }}.svc:{{ include "console.containerPort" (dict "Values" .Values.console) }}/api/cluster - volumeMounts: - - name: {{ template "redpanda.fullname" . }} - mountPath: /tmp/base-config - volumes: - - name: {{ template "redpanda.fullname" . }} - configMap: - name: {{ template "redpanda.fullname" . }} - - name: config - emptyDir: {} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-internal-external-tls-secrets.yaml b/charts/redpanda/redpanda/templates/tests/test-internal-external-tls-secrets.yaml index 647bf41ae..4d0f671b4 100644 --- a/charts/redpanda/redpanda/templates/tests/test-internal-external-tls-secrets.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-internal-external-tls-secrets.yaml @@ -31,9 +31,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -119,26 +117,7 @@ spec: {{- end }} {{- end }} - volumeMounts: - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} - volumes: - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 420 - items: - - key: tls.key - path: tls.key - - key: tls.crt - path: tls.crt - {{- if $cert.caEnabled }} - - key: ca.crt - path: ca.crt - {{- end }} - secretName: {{ template "cert-secret-name" $r }} - {{- end }} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-kafka-internal-tls-status.yaml b/charts/redpanda/redpanda/templates/tests/test-kafka-internal-tls-status.yaml index f6bc0a047..9f5731f4b 100644 --- a/charts/redpanda/redpanda/templates/tests/test-kafka-internal-tls-status.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-kafka-internal-tls-status.yaml @@ -32,9 +32,8 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} + fsGroup: 65535 {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -59,26 +58,7 @@ spec: do sleep 2 done resources: {{ toYaml .Values.statefulset.resources | nindent 12 }} - volumeMounts: - - name: {{ template "redpanda.fullname" . }} - mountPath: /tmp/base-config - - name: config - mountPath: /etc/redpanda - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} - volumes: - - name: {{ template "redpanda.fullname" . }} - configMap: - name: {{ template "redpanda.fullname" . }} - - name: config - emptyDir: {} - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 0644 - secretName: {{ template "cert-secret-name" $r }} - {{- end }} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml b/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml index d5b871a1e..b497f58f4 100644 --- a/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml @@ -31,9 +31,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -69,39 +67,7 @@ spec: rpk topic consume produce.consume.test.$POD_NAME -n 1 {{ include "rpk-topic-flags" . }} | grep "Pandas are awesome!" rpk topic delete produce.consume.test.$POD_NAME {{ include "rpk-topic-flags" . }} {{- end }} - volumeMounts: - - name: config - mountPath: /etc/redpanda -{{- if (include "tls-enabled" . | fromJson).bool -}} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} -{{- end }} -{{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - mountPath: "/etc/secrets/users" - readOnly: true -{{- end}} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} resources: {{ toYaml .Values.statefulset.resources | nindent 12 }} - volumes: - - name: {{ template "redpanda.fullname" . }} - configMap: - name: {{ template "redpanda.fullname" . }} - - name: config - emptyDir: {} -{{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - secret: - secretName: {{ $sasl.secretRef }} - optional: false -{{- end }} -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 0644 - secretName: {{ template "cert-secret-name" $r }} - {{- end }} -{{- end -}} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} diff --git a/charts/redpanda/redpanda/templates/tests/test-kafka-sasl-status.yaml b/charts/redpanda/redpanda/templates/tests/test-kafka-sasl-status.yaml index c36e37fb4..6c88c0eec 100644 --- a/charts/redpanda/redpanda/templates/tests/test-kafka-sasl-status.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-kafka-sasl-status.yaml @@ -35,9 +35,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -64,40 +62,9 @@ spec: {{ include "rpk-topic-describe" $rpk }} {{ include "rpk-topic-delete" $rpk }} rpk acl user delete myuser {{ include "rpk-acl-user-flags" . }} - volumeMounts: - - name: config - mountPath: /etc/redpanda -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} -{{- end }} - {{- if (not (empty $sasl.secretRef )) }} - - name: {{ $sasl.secretRef }} - mountPath: "/etc/secrets/users" - readOnly: true - {{- end}} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} resources: {{- toYaml .Values.statefulset.resources | nindent 12 }} - volumes: - - name: {{ template "redpanda.fullname" . }} - configMap: - name: {{ template "redpanda.fullname" . }} - - name: config - emptyDir: {} - {{- if (not (empty $sasl.secretRef )) }} - - name: {{ $sasl.secretRef }} - secret: - secretName: {{ $sasl.secretRef }} - optional: false - {{- end }} -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 0644 - secretName: {{ template "redpanda.fullname" $ }}-{{ $name }}-cert - {{- end }} -{{- end -}} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-lifecycle-scripts.yaml b/charts/redpanda/redpanda/templates/tests/test-lifecycle-scripts.yaml index d87204ee8..ef521d09d 100644 --- a/charts/redpanda/redpanda/templates/tests/test-lifecycle-scripts.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-lifecycle-scripts.yaml @@ -28,9 +28,7 @@ metadata: helm.sh/hook-delete-policy: before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -42,7 +40,7 @@ spec: value: {{ include "redpanda.fullname" . }}-0 command: - /bin/timeout - - "{{ mul .Values.statefulset.terminationGracePeriodSecond 2 }}" + - "{{ mul .Values.statefulset.terminationGracePeriodSeconds 2 }}" - bash - -xec - | @@ -55,36 +53,12 @@ spec: ls -l /tmp/postStart* test -f /tmp/postStartHookStarted test -f /tmp/postStartHookFinished - volumeMounts: + volumeMounts: {{ include "default-mounts" . | nindent 8 }} - name: lifecycle-scripts mountPath: /var/lifecycle -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - readOnly: true - {{- end }} -{{- end }} - volumes: + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} - name: lifecycle-scripts secret: secretName: {{ (include "redpanda.fullname" . | trunc 50 ) }}-sts-lifecycle defaultMode: 0o775 -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $ "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 420 - items: - - key: tls.key - path: tls.key - - key: tls.crt - path: tls.crt - {{- if $cert.caEnabled }} - - key: ca.crt - path: ca.crt - {{- end }} - secretName: {{ template "cert-secret-name" $r }} - {{- end }} -{{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-loadbalancer-tls.yaml b/charts/redpanda/redpanda/templates/tests/test-loadbalancer-tls.yaml index 8b5d43bd6..d1cde8df0 100644 --- a/charts/redpanda/redpanda/templates/tests/test-loadbalancer-tls.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-loadbalancer-tls.yaml @@ -32,9 +32,7 @@ metadata: spec: serviceAccountName: test-loadbalancer-tls-redpanda restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -126,29 +124,9 @@ spec: {{- end }} {{- end }} {{- end }} - volumeMounts: - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} - volumes: - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 420 - items: - - key: tls.key - path: tls.key - - key: tls.crt - path: tls.crt - {{- if $cert.caEnabled }} - - key: ca.crt - path: ca.crt - {{- end }} - secretName: {{ template "cert-secret-name" $r }} - {{- end }} - + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} --- apiVersion: v1 kind: ServiceAccount diff --git a/charts/redpanda/redpanda/templates/tests/test-nodeport-tls.yaml b/charts/redpanda/redpanda/templates/tests/test-nodeport-tls.yaml index 3b837b942..21ce0bb97 100644 --- a/charts/redpanda/redpanda/templates/tests/test-nodeport-tls.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-nodeport-tls.yaml @@ -32,9 +32,7 @@ metadata: spec: serviceAccountName: test-nodeport-tls-redpanda-no-a-test restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -127,29 +125,9 @@ spec: {{- end }} {{- end }} {{- end }} - volumeMounts: - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} - volumes: - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 420 - items: - - key: tls.key - path: tls.key - - key: tls.crt - path: tls.crt - {{- if $cert.caEnabled }} - - key: ca.crt - path: ca.crt - {{- end }} - secretName: {{ template "cert-secret-name" $r }} - {{- end }} - + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} --- apiVersion: v1 kind: ServiceAccount diff --git a/charts/redpanda/redpanda/templates/tests/test-pandaproxy-internal-tls-status.yaml b/charts/redpanda/redpanda/templates/tests/test-pandaproxy-internal-tls-status.yaml index 38da9dd07..0329753b9 100644 --- a/charts/redpanda/redpanda/templates/tests/test-pandaproxy-internal-tls-status.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-pandaproxy-internal-tls-status.yaml @@ -33,9 +33,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -67,31 +65,8 @@ spec: --cacert /etc/tls/certs/{{ $service.tls.cert }}/ca.crt \ {{- end }} https://{{ include "redpanda.internal.domain" . }}:{{ .Values.listeners.http.port }}/topics - volumeMounts: - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} - {{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - mountPath: "/etc/secrets/users" - readOnly: true - {{- end}} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} resources: {{ toYaml .Values.statefulset.resources | nindent 12 }} - volumes: - {{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - secret: - secretName: {{ $sasl.secretRef }} - optional: false - {{- end }} - {{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 0644 - secretName: {{ template "cert-secret-name" $r }} - {{- end }} - {{- end }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end -}} diff --git a/charts/redpanda/redpanda/templates/tests/test-pandaproxy-status.yaml b/charts/redpanda/redpanda/templates/tests/test-pandaproxy-status.yaml index 705a64bd4..de75cc29a 100644 --- a/charts/redpanda/redpanda/templates/tests/test-pandaproxy-status.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-pandaproxy-status.yaml @@ -30,9 +30,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -58,17 +56,7 @@ spec: -u $USERNAME:$PASSWORD \ {{- end }} http://{{ include "redpanda.servicename" . }}:{{ .Values.listeners.http.port }}/topics - volumeMounts: - {{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - mountPath: "/etc/secrets/users" - readOnly: true - {{- end}} - volumes: - {{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - secret: - secretName: {{ $sasl.secretRef }} - optional: false - {{- end }} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-prometheus-targets.yaml b/charts/redpanda/redpanda/templates/tests/test-prometheus-targets.yaml index bb8aeb8ae..08f9e7e2b 100644 --- a/charts/redpanda/redpanda/templates/tests/test-prometheus-targets.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-prometheus-targets.yaml @@ -33,9 +33,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-rack-awareness.yaml b/charts/redpanda/redpanda/templates/tests/test-rack-awareness.yaml index 5855027ea..4b6c56f0d 100644 --- a/charts/redpanda/redpanda/templates/tests/test-rack-awareness.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-rack-awareness.yaml @@ -29,9 +29,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -70,25 +68,6 @@ spec: --host {{ include "redpanda.internal.domain" . }}:{{ .Values.listeners.admin.port }} | grep '"enable_rack_awareness": {{ .Values.rackAwareness.enabled }}' rpk cluster config get enable_rack_awareness {{ template "rpk-acl-user-flags" $ }} | grep '{{ .Values.rackAwareness.enabled }}' -{{- if (include "tls-enabled" . | fromJson).bool }} - volumeMounts: - {{- range $name, $cert := .Values.tls.certs }} - {{- if and $cert.caEnabled (eq $name "default") }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} - {{- end }} - volumes: - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - {{- if and $cert.caEnabled (eq $name "default") }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 420 - items: - - key: ca.crt - path: ca.crt - secretName: {{ template "cert-secret-name" $r }} - {{- end }} - {{- end }} -{{- end }} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} diff --git a/charts/redpanda/redpanda/templates/tests/test-rpk-debug-bundle.yaml b/charts/redpanda/redpanda/templates/tests/test-rpk-debug-bundle.yaml index 0580d4def..e1a5eb6ec 100644 --- a/charts/redpanda/redpanda/templates/tests/test-rpk-debug-bundle.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-rpk-debug-bundle.yaml @@ -40,7 +40,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded spec: restartPolicy: Never - securityContext: + securityContext: {{ include "pod-security-context" . | nindent 4 }} fsGroup: 101 affinity: podAffinity: @@ -55,24 +55,11 @@ spec: initContainers: - name: {{ template "redpanda.name" . }} image: {{ .Values.image.repository}}:{{ template "redpanda.tag" . }} - volumeMounts: + volumeMounts: {{ include "default-mounts" . | nindent 8 }} - name: shared-data mountPath: /usr/share/redpanda/test - - name: config - mountPath: /etc/redpanda - name: datadir mountPath: /var/lib/redpanda/data -{{- if (include "tls-enabled" . | fromJson).bool -}} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} -{{- end }} -{{- if $useSaslSecret }} - - name: {{ $sasl.secretRef }} - mountPath: "/etc/secrets/users" - readOnly: true -{{- end}} command: - /bin/bash - -c @@ -82,7 +69,7 @@ spec: containers: - name: {{ template "redpanda.name" . }}-tester image: busybox:latest - volumeMounts: + volumeMounts: {{ include "default-mounts" . | nindent 8 }} - name: shared-data mountPath: /test command: @@ -95,36 +82,12 @@ spec: test -f /tmp/bundle/logs/{{ .Release.Namespace }}-0.txt test -f /tmp/bundle/logs/{{ .Release.Namespace }}-1.txt test -f /tmp/bundle/logs/{{ .Release.Namespace }}-2.txt - + test -d /tmp/bundle/controller test -f /tmp/bundle/k8s/pods.json test -f /tmp/bundle/k8s/configmaps.json - volumes: - - name: shared-data - emptyDir: {} - - name: config - emptyDir: {} - - name: {{ template "redpanda.fullname" . }} - configMap: - name: {{ template "redpanda.fullname" . }} - - name: datadir - persistentVolumeClaim: - claimName: datadir-{{ include "redpanda.fullname" . }}-0 -{{- if $useSaslSecret }} - - name: {{ $sasl.secretRef }} - secret: - secretName: {{ $sasl.secretRef }} - optional: false -{{- end }} -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 0644 - secretName: {{ template "redpanda.fullname" $ }}-{{ $name }}-cert - {{- end }} -{{- end -}} - + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end -}} */}} \ No newline at end of file diff --git a/charts/redpanda/redpanda/templates/tests/test-sasl-updated.yaml b/charts/redpanda/redpanda/templates/tests/test-sasl-updated.yaml index 8eedec246..c691f9187 100644 --- a/charts/redpanda/redpanda/templates/tests/test-sasl-updated.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-sasl-updated.yaml @@ -34,9 +34,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -56,43 +54,12 @@ spec: ready_result=$(rpk acl user list {{ include "rpk-acl-user-flags" . }} | grep anotheranotherme 2>&1) && ready_result_exit_code=$? sleep 2 done - + # check that sasl is not broken {{ include "rpk-cluster-info" $rpk }} - volumeMounts: - - name: config - mountPath: /etc/redpanda -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} -{{- end }} - {{- if (not (empty $sasl.secretRef )) }} - - name: {{ $sasl.secretRef }} - mountPath: "/etc/secrets/users" - readOnly: true - {{- end}} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} resources: {{- toYaml .Values.statefulset.resources | nindent 12 }} - volumes: - - name: {{ template "redpanda.fullname" . }} - configMap: - name: {{ template "redpanda.fullname" . }} - - name: config - emptyDir: {} - {{- if (not (empty $sasl.secretRef )) }} - - name: {{ $sasl.secretRef }} - secret: - secretName: {{ $sasl.secretRef }} - optional: false - {{- end }} -{{- if (include "tls-enabled" . | fromJson).bool }} - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 0644 - secretName: {{ template "redpanda.fullname" $ }}-{{ $name }}-cert - {{- end }} -{{- end -}} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-schemaregistry-internal-tls-status.yaml b/charts/redpanda/redpanda/templates/tests/test-schemaregistry-internal-tls-status.yaml index 831157ce2..9eb192485 100644 --- a/charts/redpanda/redpanda/templates/tests/test-schemaregistry-internal-tls-status.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-schemaregistry-internal-tls-status.yaml @@ -33,9 +33,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -132,29 +130,8 @@ spec: echo "All of the trials failed to permanently delete schema!!!" exit 1 fi - volumeMounts: - {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} - {{- end }} - {{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - mountPath: "/etc/secrets/users" - readOnly: true - {{- end}} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} resources: {{ toYaml .Values.statefulset.resources | nindent 12 }} - volumes: - {{- range $name, $cert := .Values.tls.certs }} - {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 0644 - secretName: {{ template "cert-secret-name" $r }} - {{- end }} - {{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - secret: - secretName: {{ $sasl.secretRef }} - optional: false - {{- end }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end -}} diff --git a/charts/redpanda/redpanda/templates/tests/test-schemaregistry-status.yaml b/charts/redpanda/redpanda/templates/tests/test-schemaregistry-status.yaml index d35690218..7f98cb4ed 100644 --- a/charts/redpanda/redpanda/templates/tests/test-schemaregistry-status.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-schemaregistry-status.yaml @@ -30,9 +30,7 @@ metadata: "helm.sh/hook-delete-policy": before-hook-creation spec: restartPolicy: Never - securityContext: - runAsUser: 65535 - runAsGroup: 65535 + securityContext: {{ include "pod-security-context" . | nindent 4 }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 4 }} {{- end }} @@ -117,17 +115,7 @@ spec: echo "All of the trials failed to permanently delete schema!!!" exit 1 fi - volumeMounts: - {{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - mountPath: "/etc/secrets/users" - readOnly: true - {{- end}} - volumes: - {{- if $sasl.enabled }} - - name: {{ $sasl.secretRef }} - secret: - secretName: {{ $sasl.secretRef }} - optional: false - {{- end }} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} {{- end }} diff --git a/charts/redpanda/redpanda/values.schema.json b/charts/redpanda/redpanda/values.schema.json index 2b8b4dc50..751e48732 100644 --- a/charts/redpanda/redpanda/values.schema.json +++ b/charts/redpanda/redpanda/values.schema.json @@ -73,6 +73,7 @@ }, "license_secret_ref": { "type": "object", + "deprecated": true, "properties": { "secret_name": { "type": "string" @@ -82,6 +83,25 @@ } } }, + "enterprise": { + "type": "object", + "properties": { + "license": { + "type": "string" + }, + "licenseSecretRef": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "key": { + "type": "string" + } + } + } + } + }, "rackAwareness": { "type": "object", "required": [ diff --git a/charts/redpanda/redpanda/values.yaml b/charts/redpanda/redpanda/values.yaml index e48fd8dd4..9164589e0 100644 --- a/charts/redpanda/redpanda/values.yaml +++ b/charts/redpanda/redpanda/values.yaml @@ -74,15 +74,26 @@ image: # See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ imagePullSecrets: [] -# -- Enterprise license key (optional). +# -- DEPRECATED Enterprise license key (optional). # For details, # see the [License documentation](https://docs.redpanda.com/docs/get-started/licenses/?platform=kubernetes#redpanda-enterprise-edition). license_key: "" -# -- Secret name and secret key where the license key is stored. +# -- DEPRECATED Secret name and secret key where the license key is stored. license_secret_ref: {} # secret_name: my-secret # secret_key: key-where-license-is-stored +# -- Enterprise (optional) +# For details, +# see the [License documentation](https://docs.redpanda.com/docs/get-started/licenses/?platform=kubernetes#redpanda-enterprise-edition). +enterprise: + # -- license (optional). + license: "" + # -- Secret name and key where the license key is stored. + licenseSecretRef: {} + # name: my-secret + # key: key-where-license-is-stored + # -- Rack Awareness settings. # For details, # see the [Rack Awareness documentation](https://docs.redpanda.com/docs/manage/kubernetes/kubernetes-rack-awareness/). @@ -400,7 +411,7 @@ storage: annotations: {} # # -- Tiered Storage settings - # Requires `license_key` or `license_secret_ref` + # Requires `enterprise.licenseKey` or `enterprised.licenseSecretRef` # For details, # see the [Tiered Storage documentation](https://docs.redpanda.com/docs/manage/kubernetes/tiered-storage/). tieredConfig: @@ -640,6 +651,19 @@ statefulset: # -- Additional flags to pass to redpanda, additionalRedpandaCmdFlags: [] # - --unsafe-bypass-fsync + # -- Termination grace period in seconds is time required to execute preStop hook + # which puts particular Redpanda Pod (process/container) into maintenance mode. + # Before settle down on particular value please put Redpanda under load and perform + # rolling upgrade or rolling restart. That value needs to accommodate two processes: + # * preStop hook needs to put Redpanda into maintenance mode + # * after preStop hook Redpanda needs to handle gracefully SIGTERM signal + # + # Both processes are executed sequentially where preStop hook has hard deadline in the + # middle of terminationGracePeriodSeconds. + # + # REF: + # https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution + # https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination terminationGracePeriodSeconds: 90 ## Additional Volumes that you mount extraVolumes: |- diff --git a/charts/speedscale/speedscale-operator/Chart.yaml b/charts/speedscale/speedscale-operator/Chart.yaml index 73b648e5e..7cb592184 100644 --- a/charts/speedscale/speedscale-operator/Chart.yaml +++ b/charts/speedscale/speedscale-operator/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>= 1.17.0-0' catalog.cattle.io/release-name: speedscale-operator apiVersion: v1 -appVersion: 1.3.400 +appVersion: 1.3.405 description: Stress test your APIs with real world scenarios. Collect and replay traffic without scripting. home: https://speedscale.com @@ -24,4 +24,4 @@ maintainers: - email: support@speedscale.com name: Speedscale Support name: speedscale-operator -version: 1.3.33 +version: 1.3.34 diff --git a/charts/speedscale/speedscale-operator/README.md b/charts/speedscale/speedscale-operator/README.md index 1ab61f364..0f57830fd 100644 --- a/charts/speedscale/speedscale-operator/README.md +++ b/charts/speedscale/speedscale-operator/README.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.3.33 +### Upgrade to 1.3.34 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.33/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.34/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/app-readme.md b/charts/speedscale/speedscale-operator/app-readme.md index 1ab61f364..0f57830fd 100644 --- a/charts/speedscale/speedscale-operator/app-readme.md +++ b/charts/speedscale/speedscale-operator/app-readme.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.3.33 +### Upgrade to 1.3.34 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.33/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.34/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/values.yaml b/charts/speedscale/speedscale-operator/values.yaml index 1679e4307..1d437cdab 100644 --- a/charts/speedscale/speedscale-operator/values.yaml +++ b/charts/speedscale/speedscale-operator/values.yaml @@ -20,7 +20,7 @@ clusterName: "my-cluster" # Speedscale components image settings. image: registry: gcr.io/speedscale - tag: v1.3.400 + tag: v1.3.405 pullPolicy: Always # Log level for Speedscale components. diff --git a/index.yaml b/index.yaml index 0731f7e4e..dcf567106 100644 --- a/index.yaml +++ b/index.yaml @@ -80,6 +80,63 @@ entries: - assets/datawiza/access-broker-0.1.1.tgz version: 0.1.1 airflow: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Airflow + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: airflow + category: WorkFlow + images: | + - name: airflow-exporter + image: docker.io/bitnami/airflow-exporter:0.20220314.0-debian-11-r413 + - name: airflow-scheduler + image: docker.io/bitnami/airflow-scheduler:2.7.1-debian-11-r2 + - name: airflow-worker + image: docker.io/bitnami/airflow-worker:2.7.1-debian-11-r2 + - name: airflow + image: docker.io/bitnami/airflow:2.7.1-debian-11-r5 + - name: git + image: docker.io/bitnami/git:2.42.0-debian-11-r20 + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r63 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 2.7.1 + created: "2023-09-20T15:57:37.261776767Z" + dependencies: + - condition: redis.enabled + name: redis + repository: file://./charts/redis + version: 18.x.x + - condition: postgresql.enabled + name: postgresql + repository: file://./charts/postgresql + version: 12.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Airflow is a tool to express and execute workflows as directed + acyclic graphs (DAGs). It includes utilities to schedule tasks, monitor task + progress and handle task dependencies. + digest: 7adf6f9aa6f214960f2f20c8deb43fe3a110c040033eb2629e65ebdb6b432c34 + home: https://bitnami.com + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/airflow-1.svg + keywords: + - apache + - airflow + - workflow + - dag + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: airflow + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/airflow + urls: + - assets/bitnami/airflow-15.0.6.tgz + version: 15.0.6 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Airflow @@ -1723,7 +1780,7 @@ entries: - annotations: artifacthub.io/changes: | - kind: fixed - description: fixed issue with argocd-server servicemonitor annotation attribute being added even when no annotations where defined + description: fixed repo-server deployment not restarting when a cmp configmap is modified artifacthub.io/signKey: | fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc @@ -1734,7 +1791,7 @@ entries: catalog.cattle.io/release-name: argo-cd apiVersion: v2 appVersion: v2.8.4 - created: "2023-09-18T16:56:35.467857805Z" + created: "2023-09-20T15:57:35.868133112Z" dependencies: - condition: redis-ha.enabled name: redis-ha @@ -1742,7 +1799,46 @@ entries: version: 4.23.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. - digest: 334ee7534490c371ccf0cde1322131b0388468022306b679c8313a8f2d0322c9 + digest: eb490e0ab6567b2db0d5a084b4207097129ece58411f76ccfd28a362dd4f8692 + home: https://github.com/argoproj/argo-helm + icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png + keywords: + - argoproj + - argocd + - gitops + kubeVersion: '>=1.23.0-0' + maintainers: + - name: argoproj + url: https://argoproj.github.io/ + name: argo-cd + sources: + - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd + - https://github.com/argoproj/argo-cd + urls: + - assets/argo/argo-cd-5.46.6.tgz + version: 5.46.6 + - annotations: + artifacthub.io/changes: | + - kind: fixed + description: fixed issue with argocd-server servicemonitor annotation attribute being added even when no annotations where defined + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Argo CD + catalog.cattle.io/kube-version: '>=1.23.0-0' + catalog.cattle.io/release-name: argo-cd + apiVersion: v2 + appVersion: v2.8.4 + created: "2023-09-20T15:57:19.476259277Z" + dependencies: + - condition: redis-ha.enabled + name: redis-ha + repository: file://./charts/redis-ha + version: 4.23.0 + description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery + tool for Kubernetes. + digest: cd4fd806a8aa1f6b3f9da98a5882c310d03824c66b10a73563c8c9bc3e27bd93 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14918,6 +15014,38 @@ entries: - assets/dell/csi-isilon-2.6.1.tgz version: 2.6.1 csi-powermax: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Dell CSI PowerMax + catalog.cattle.io/kube-version: '>= 1.23.0 < 1.29.0' + catalog.cattle.io/release-name: csi-powermax + apiVersion: v2 + appVersion: 2.8.0 + created: "2023-09-20T15:57:40.904703176Z" + dependencies: + - condition: required + name: csireverseproxy + repository: file://./charts/csireverseproxy + version: 2.7.0 + description: 'PowerMax CSI (Container Storage Interface) driver Kubernetes integration. + This chart includes everything required to provision via CSI as well as a PowerMax + StorageClass. ' + digest: 0a91a7f76015365f4d4f2d263e3e17590bb6f496dbe2b76f80a845fc8d7b7d5b + home: https://github.com/dell/csi-powermax + icon: https://partner-charts.rancher.io/assets/logos/dell.png + keywords: + - csi + - storage + kubeVersion: '>= 1.23.0 < 1.29.0' + maintainers: + - name: DellEMC + name: csi-powermax + sources: + - https://github.com/dell/csi-powermax + type: application + urls: + - assets/dell/csi-powermax-2.8.0.tgz + version: 2.8.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Dell CSI PowerMax @@ -20219,6 +20347,38 @@ entries: - assets/crowdstrike/falcon-sensor-0.9.300.tgz version: 0.9.300 federatorai: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Federator.ai + catalog.cattle.io/kube-version: '>= 1.16.0-0' + catalog.cattle.io/release-name: federatorai + apiVersion: v2 + appVersion: 5.1.4-b2262 + created: "2023-09-20T15:57:45.07744733Z" + description: Federator.ai helps enterprises optimize cloud resources, maximize + application performance, and save significant cost without excessive over-provisioning + or under-provisioning of resources, meeting the service-level requirements of + their applications. + digest: d943f4b3c5867b06dd580117f1b5b3e5eb1c60077514d6cd426c56edfde3fe8f + home: https://www.prophetstor.com + icon: https://raw.githubusercontent.com/prophetstor-ai/public/master/images/logo.png + keywords: + - AI + - Resource Orchestration + - NoOps + - AIOps + - Intelligent Workload Management + - Cost Optimization + kubeVersion: '>= 1.16.0-0' + maintainers: + - email: support@prophetstor.com + name: ProphetStor Data Services, Inc. + name: federatorai + sources: + - https://www.prophetstor.com + urls: + - assets/prophetstor/federatorai-5.1.4.tgz + version: 5.1.4 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Federator.ai @@ -27944,6 +28104,58 @@ entries: - assets/kasten/k10-4.5.900.tgz version: 4.5.900 kafka: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Kafka + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: kafka + category: Infrastructure + images: | + - name: jmx-exporter + image: docker.io/bitnami/jmx-exporter:0.19.0-debian-11-r66 + - name: kafka-exporter + image: docker.io/bitnami/kafka-exporter:1.7.0-debian-11-r102 + - name: kafka + image: docker.io/bitnami/kafka:3.5.1-debian-11-r44 + - name: kubectl + image: docker.io/bitnami/kubectl:1.25.13-debian-11-r11 + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r60 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 3.5.1 + created: "2023-09-20T15:57:37.790374949Z" + dependencies: + - condition: zookeeper.enabled + name: zookeeper + repository: file://./charts/zookeeper + version: 12.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Kafka is a distributed streaming platform designed to build + real-time pipelines and can be used as a message broker or as a replacement + for a log aggregation solution for big data applications. + digest: d67d5fe737d1687724b057069ee68a981c409fe21c39d18cf48689065b9843de + home: https://bitnami.com + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/kafka.svg + keywords: + - kafka + - zookeeper + - streaming + - producer + - consumer + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: kafka + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/kafka + urls: + - assets/bitnami/kafka-25.1.11.tgz + version: 25.1.11 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Kafka @@ -35005,6 +35217,50 @@ entries: - assets/minio/minio-operator-4.4.1700.tgz version: 4.4.1700 mysql: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: MySQL + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: mysql + category: Database + images: | + - name: mysql + image: docker.io/bitnami/mysql:8.0.34-debian-11-r56 + - name: mysqld-exporter + image: docker.io/bitnami/mysqld-exporter:0.15.0-debian-11-r50 + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r72 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 8.0.34 + created: "2023-09-20T15:57:38.052607388Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: MySQL is a fast, reliable, scalable, and easy to use open source + relational database system. Designed to handle mission-critical, heavy-load + production applications. + digest: 566751ab514845a17088a3ef60217e1114ed666d880a2d3812e921df3b90ec75 + home: https://bitnami.com + icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png + keywords: + - mysql + - database + - sql + - cluster + - high availability + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: mysql + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/mysql + urls: + - assets/bitnami/mysql-9.12.3.tgz + version: 9.12.3 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: MySQL @@ -41374,6 +41630,51 @@ entries: - assets/portworx/portworx-essentials-2.9.100.tgz version: 2.9.100 postgresql: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: PostgreSQL + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: postgresql + category: Database + images: | + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r72 + - name: postgres-exporter + image: docker.io/bitnami/postgres-exporter:0.14.0-debian-11-r0 + - name: postgresql + image: docker.io/bitnami/postgresql:15.4.0-debian-11-r39 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 15.4.0 + created: "2023-09-20T15:57:38.220325872Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: PostgreSQL (Postgres) is an open source object-relational database + known for reliability and data integrity. ACID-compliant, it supports foreign + keys, joins, views, triggers and stored procedures. + digest: 5dc93daf82dfa1bc856690113c3b67b233df5593e9f2eef21384c91f712fcc57 + home: https://bitnami.com + icon: https://wiki.postgresql.org/images/a/a4/PostgreSQL_logo.3colors.svg + keywords: + - postgresql + - postgres + - database + - sql + - replication + - cluster + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: postgresql + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/postgresql + urls: + - assets/bitnami/postgresql-12.12.4.tgz + version: 12.12.4 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: PostgreSQL @@ -45961,6 +46262,50 @@ entries: - assets/bitnami/redis-17.3.7.tgz version: 17.3.7 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: docker.redpanda.com/redpandadata/redpanda:v23.2.7 + - name: busybox + image: busybox:latest + - name: mintel/docker-alpine-bash-curl-jq + image: mintel/docker-alpine-bash-curl-jq:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v23.2.8 + created: "2023-09-20T15:57:45.419528869Z" + dependencies: + - condition: console.enabled + name: console + repository: file://./charts/console + version: '>=0.5 <1.0' + - condition: connectors.enabled + name: connectors + repository: file://./charts/connectors + version: '>=0.1.2 <1.0' + description: Redpanda is the real-time engine for modern apps. + digest: bcc4eefa4e13fa10656a7e0f4c02cbacc4f35f9e4017bdbdbfdf4affeb0f08a6 + icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg + kubeVersion: '>=1.21-0' + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-5.4.6.tgz + version: 5.4.6 - annotations: artifacthub.io/images: | - name: redpanda @@ -50889,6 +51234,37 @@ entries: - assets/bitnami/spark-6.3.8.tgz version: 6.3.8 speedscale-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Speedscale Operator + catalog.cattle.io/kube-version: '>= 1.17.0-0' + catalog.cattle.io/release-name: speedscale-operator + apiVersion: v1 + appVersion: 1.3.405 + created: "2023-09-20T15:57:45.524860598Z" + description: Stress test your APIs with real world scenarios. Collect and replay + traffic without scripting. + digest: 5008218b9e92bf7da13d0015267b6139df95ae64d3aae5c8ec0baa691e576893 + home: https://speedscale.com + icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png + keywords: + - speedscale + - test + - testing + - regression + - reliability + - load + - replay + - network + - traffic + kubeVersion: '>= 1.17.0-0' + maintainers: + - email: support@speedscale.com + name: Speedscale Support + name: speedscale-operator + urls: + - assets/speedscale/speedscale-operator-1.3.34.tgz + version: 1.3.34 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Speedscale Operator @@ -57628,6 +58004,60 @@ entries: - assets/hashicorp/vault-0.22.0.tgz version: 0.22.0 wordpress: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: WordPress + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: wordpress + category: CMS + images: | + - name: apache-exporter + image: docker.io/bitnami/apache-exporter:1.0.1-debian-11-r50 + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r72 + - name: wordpress + image: docker.io/bitnami/wordpress:6.3.1-debian-11-r19 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 6.3.1 + created: "2023-09-20T15:57:39.792298109Z" + dependencies: + - condition: memcached.enabled + name: memcached + repository: file://./charts/memcached + version: 6.x.x + - condition: mariadb.enabled + name: mariadb + repository: file://./charts/mariadb + version: 13.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: WordPress is the world's most popular blogging and content management + platform. Powerful yet simple, everyone from students to global corporations + use it to build beautiful, functional websites. + digest: f43c2b3f7e1f5bc4c34e828a56cc186f8643384aa5d47121c8961ce18d7bc8dd + home: https://bitnami.com + icon: https://s.w.org/style/images/about/WordPress-logotype-simplified.png + keywords: + - application + - blog + - cms + - http + - php + - web + - wordpress + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: wordpress + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/wordpress + urls: + - assets/bitnami/wordpress-17.1.9.tgz + version: 17.1.9 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: WordPress