From ea7937ffd8968be55d836de762813820dffa5f43 Mon Sep 17 00:00:00 2001 From: Gurgur Date: Thu, 9 Oct 2025 20:25:31 +0200 Subject: [PATCH 01/20] [mongodb] fix: newline between mongo labels and additional labels (#301) * fix: newline between mongo labels and additional labels * chore: bump version * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] --------- Signed-off-by: github-actions[bot] Co-authored-by: github-actions[bot] --- charts/common/CHANGELOG.md | 2 +- charts/ghost/CHANGELOG.md | 2 +- charts/keycloak/CHANGELOG.md | 2 +- charts/mariadb/CHANGELOG.md | 2 +- charts/memcached/CHANGELOG.md | 2 +- charts/minio/CHANGELOG.md | 4 +- charts/mongodb/CHANGELOG.md | 4 +- charts/mongodb/Chart.yaml | 2 +- charts/mongodb/templates/_helpers.tpl | 2 +- .../templates/metrics-servicemonitor.yaml | 1 - charts/nginx/CHANGELOG.md | 2 +- charts/postgres/CHANGELOG.md | 4 +- charts/rabbitmq/CHANGELOG.md | 115 +-------------- charts/redis/CHANGELOG.md | 134 +----------------- charts/timescaledb/CHANGELOG.md | 2 +- charts/valkey/CHANGELOG.md | 2 +- charts/zookeeper/CHANGELOG.md | 2 +- 17 files changed, 19 insertions(+), 265 deletions(-) diff --git a/charts/common/CHANGELOG.md b/charts/common/CHANGELOG.md index 53edbc01..02c2d6c5 100644 --- a/charts/common/CHANGELOG.md +++ b/charts/common/CHANGELOG.md @@ -2,4 +2,4 @@ ## 1.1.1 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/ghost/CHANGELOG.md b/charts/ghost/CHANGELOG.md index f9d6b2b0..f76987b3 100644 --- a/charts/ghost/CHANGELOG.md +++ b/charts/ghost/CHANGELOG.md @@ -2,4 +2,4 @@ ## 0.2.5 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/keycloak/CHANGELOG.md b/charts/keycloak/CHANGELOG.md index e3571349..fc4902d3 100644 --- a/charts/keycloak/CHANGELOG.md +++ b/charts/keycloak/CHANGELOG.md @@ -2,4 +2,4 @@ ## 0.3.2 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/mariadb/CHANGELOG.md b/charts/mariadb/CHANGELOG.md index 6893a4ce..88ad46ce 100644 --- a/charts/mariadb/CHANGELOG.md +++ b/charts/mariadb/CHANGELOG.md @@ -2,4 +2,4 @@ ## 0.3.3 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/memcached/CHANGELOG.md b/charts/memcached/CHANGELOG.md index 54e971e4..64c8ce6e 100644 --- a/charts/memcached/CHANGELOG.md +++ b/charts/memcached/CHANGELOG.md @@ -2,4 +2,4 @@ ## 0.2.1 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/minio/CHANGELOG.md b/charts/minio/CHANGELOG.md index 9299a528..5006b76c 100644 --- a/charts/minio/CHANGELOG.md +++ b/charts/minio/CHANGELOG.md @@ -1,5 +1,5 @@ # Changelog -## 0.3.0 (2025-10-09) +## 0.4.0 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) \ No newline at end of file +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/mongodb/CHANGELOG.md b/charts/mongodb/CHANGELOG.md index 9dd7167d..fe8c8abb 100644 --- a/charts/mongodb/CHANGELOG.md +++ b/charts/mongodb/CHANGELOG.md @@ -1,5 +1,5 @@ # Changelog -## 0.4.0 (2025-10-09) +## 0.4.1 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/mongodb/Chart.yaml b/charts/mongodb/Chart.yaml index 2dfde7f7..e4266c1e 100644 --- a/charts/mongodb/Chart.yaml +++ b/charts/mongodb/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mongodb description: MongoDB a flexible NoSQL database for scalable, real-time data management type: application -version: 0.4.0 +version: 0.4.1 appVersion: "8.0.13" keywords: - mongodb diff --git a/charts/mongodb/templates/_helpers.tpl b/charts/mongodb/templates/_helpers.tpl index 507631f5..3ff2ad37 100644 --- a/charts/mongodb/templates/_helpers.tpl +++ b/charts/mongodb/templates/_helpers.tpl @@ -127,6 +127,6 @@ Return ServiceMonitor labels {{- define "mongodb.metrics.serviceMonitor.labels" -}} {{- include "mongodb.labels" . }} {{- with .Values.metrics.serviceMonitor.additionalLabels }} -{{- toYaml . }} +{{ toYaml . }} {{- end }} {{- end -}} diff --git a/charts/mongodb/templates/metrics-servicemonitor.yaml b/charts/mongodb/templates/metrics-servicemonitor.yaml index 1f0592e9..4494cc13 100644 --- a/charts/mongodb/templates/metrics-servicemonitor.yaml +++ b/charts/mongodb/templates/metrics-servicemonitor.yaml @@ -10,7 +10,6 @@ metadata: {{- end }} labels: {{- include "mongodb.metrics.serviceMonitor.labels" . | nindent 4 }} - release: {{ .Release.Name }} {{- with .Values.metrics.serviceMonitor.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/charts/nginx/CHANGELOG.md b/charts/nginx/CHANGELOG.md index 75d31268..36a0174a 100644 --- a/charts/nginx/CHANGELOG.md +++ b/charts/nginx/CHANGELOG.md @@ -2,4 +2,4 @@ ## 0.1.14 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/postgres/CHANGELOG.md b/charts/postgres/CHANGELOG.md index 293dc579..649c5849 100644 --- a/charts/postgres/CHANGELOG.md +++ b/charts/postgres/CHANGELOG.md @@ -1,5 +1,5 @@ # Changelog -## 0.7.3 (2025-10-09) +## 0.8.0 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/rabbitmq/CHANGELOG.md b/charts/rabbitmq/CHANGELOG.md index 3727b45d..8f2d0fee 100644 --- a/charts/rabbitmq/CHANGELOG.md +++ b/charts/rabbitmq/CHANGELOG.md @@ -2,117 +2,4 @@ ## 0.3.4 (2025-10-09) -* [redis , rabbitmq]: Add podAnnotations ([#294](https://github.com/CloudPirates-io/helm-charts/pull/294)) - -## 0.3.3 (2025-10-09) - -* [all] add tests for openshift (#226) ([c80c98a](https://github.com/CloudPirates-io/helm-charts/commit/c80c98a)), closes [#226](https://github.com/CloudPirates-io/helm-charts/issues/226) -* [mongodb] feat: add metrics exporter (#243) ([c931978](https://github.com/CloudPirates-io/helm-charts/commit/c931978)), closes [#243](https://github.com/CloudPirates-io/helm-charts/issues/243) -* [rabbitmq]: add option to handle definitions via chart (#286) ([5425131](https://github.com/CloudPirates-io/helm-charts/commit/5425131)), closes [#286](https://github.com/CloudPirates-io/helm-charts/issues/286) -* [rabbitmq]: Fix auth disable erlang cookie (#248) ([9abf547](https://github.com/CloudPirates-io/helm-charts/commit/9abf547)), closes [#248](https://github.com/CloudPirates-io/helm-charts/issues/248) - -## 0.3.2 (2025-10-09) - -* Feature/renovate fix (#256) ([0d364d0](https://github.com/CloudPirates-io/helm-charts/commit/0d364d0)), closes [#256](https://github.com/CloudPirates-io/helm-charts/issues/256) - -## 0.3.1 (2025-10-06) - -* [mariadb] use tpl to return existingConfigMap (#217) ([c7c2f4c](https://github.com/CloudPirates-io/helm-charts/commit/c7c2f4c)), closes [#217](https://github.com/CloudPirates-io/helm-charts/issues/217) -* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to 8c31e22 (#204) ([dd82ffe](https://github.com/CloudPirates-io/helm-charts/commit/dd82ffe)), closes [#204](https://github.com/CloudPirates-io/helm-charts/issues/204) - -## 0.3.0 (2025-10-06) - -* make rabbitmq run on openshift (#201) ([df4deeb](https://github.com/CloudPirates-io/helm-charts/commit/df4deeb)), closes [#201](https://github.com/CloudPirates-io/helm-charts/issues/201) - -## 0.2.13 (2025-10-02) - -* [busybox] chore(deps): update docker.io/busybox:1.37.0 Docker digest to d82f458 ([a6990a6](https://github.com/CloudPirates-io/helm-charts/commit/a6990a6)) -* Add automatically generated fields to volumeClaimTemplates (#210) ([2c31a43](https://github.com/CloudPirates-io/helm-charts/commit/2c31a43)), closes [#210](https://github.com/CloudPirates-io/helm-charts/issues/210) -* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to 0f83c90 ([554ccc0](https://github.com/CloudPirates-io/helm-charts/commit/554ccc0)) -* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to 2d92ad8 ([2afff89](https://github.com/CloudPirates-io/helm-charts/commit/2afff89)) -* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to 4788f7d ([1bdfe1c](https://github.com/CloudPirates-io/helm-charts/commit/1bdfe1c)) -* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to 85cb76f ([9d6e3c5](https://github.com/CloudPirates-io/helm-charts/commit/9d6e3c5)) -* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to ba622d4 ([daeed6a](https://github.com/CloudPirates-io/helm-charts/commit/daeed6a)) -* Update appVersion ([b7d28b0](https://github.com/CloudPirates-io/helm-charts/commit/b7d28b0)) -* Update version ([bb928b4](https://github.com/CloudPirates-io/helm-charts/commit/bb928b4)) -* Bump chart version ([d26f247](https://github.com/CloudPirates-io/helm-charts/commit/d26f247)) -* Bump chart version ([e697ed5](https://github.com/CloudPirates-io/helm-charts/commit/e697ed5)) -* Bump chart version ([9f722c5](https://github.com/CloudPirates-io/helm-charts/commit/9f722c5)) -* Bump chart version ([81827c8](https://github.com/CloudPirates-io/helm-charts/commit/81827c8)) -* Bump chart version ([8e9f211](https://github.com/CloudPirates-io/helm-charts/commit/8e9f211)) -* Bump chart version ([8637a3e](https://github.com/CloudPirates-io/helm-charts/commit/8637a3e)) -* Bump chart version ([2cae2fb](https://github.com/CloudPirates-io/helm-charts/commit/2cae2fb)) -* Bump Chart Version ([2be6653](https://github.com/CloudPirates-io/helm-charts/commit/2be6653)) -* Bump RabbitMQ to latests stable ([14d0222](https://github.com/CloudPirates-io/helm-charts/commit/14d0222)) -* Bump version ([9427e8d](https://github.com/CloudPirates-io/helm-charts/commit/9427e8d)) -* Bump version and sha ([0bf0925](https://github.com/CloudPirates-io/helm-charts/commit/0bf0925)) -* Fix copy rabbitmq plugins ([9d1b0ed](https://github.com/CloudPirates-io/helm-charts/commit/9d1b0ed)) -* Fix erlang cookie copy / access rights ([54c8ab8](https://github.com/CloudPirates-io/helm-charts/commit/54c8ab8)) -* fix unit test ([80eba48](https://github.com/CloudPirates-io/helm-charts/commit/80eba48)) -* Fix YAML syntax in statefulset.yaml ([ee88104](https://github.com/CloudPirates-io/helm-charts/commit/ee88104)) -* Implement fix ([33fecf8](https://github.com/CloudPirates-io/helm-charts/commit/33fecf8)) -* Lintin works? ([0938b7c](https://github.com/CloudPirates-io/helm-charts/commit/0938b7c)) -* Reimplement chown ([d68af5e](https://github.com/CloudPirates-io/helm-charts/commit/d68af5e)) -* Remove incorrectly pushed file ([b03c230](https://github.com/CloudPirates-io/helm-charts/commit/b03c230)) -* Remove ownership change for .erlang.cookie ([723a45c](https://github.com/CloudPirates-io/helm-charts/commit/723a45c)) -* Resolve merge conflicts ([6921f33](https://github.com/CloudPirates-io/helm-charts/commit/6921f33)) -* Update CHANGELOG.md ([b2893ca](https://github.com/CloudPirates-io/helm-charts/commit/b2893ca)) -* Update CHANGELOG.md ([6f9ff21](https://github.com/CloudPirates-io/helm-charts/commit/6f9ff21)) -* Update CHANGELOG.md ([9be9185](https://github.com/CloudPirates-io/helm-charts/commit/9be9185)) -* Update CHANGELOG.md ([61e7883](https://github.com/CloudPirates-io/helm-charts/commit/61e7883)) -* Update CHANGELOG.md ([cf7c15e](https://github.com/CloudPirates-io/helm-charts/commit/cf7c15e)) -* Update CHANGELOG.md ([88006d0](https://github.com/CloudPirates-io/helm-charts/commit/88006d0)) -* Update CHANGELOG.md ([1b168e6](https://github.com/CloudPirates-io/helm-charts/commit/1b168e6)) -* Update CHANGELOG.md ([5df0a6f](https://github.com/CloudPirates-io/helm-charts/commit/5df0a6f)) -* Update CHANGELOG.md ([9354db5](https://github.com/CloudPirates-io/helm-charts/commit/9354db5)) -* Update CHANGELOG.md ([cd341c8](https://github.com/CloudPirates-io/helm-charts/commit/cd341c8)) -* Update CHANGELOG.md ([6021756](https://github.com/CloudPirates-io/helm-charts/commit/6021756)) -* Update CHANGELOG.md ([622f5c5](https://github.com/CloudPirates-io/helm-charts/commit/622f5c5)) -* Update CHANGELOG.md ([7c4f20f](https://github.com/CloudPirates-io/helm-charts/commit/7c4f20f)) -* Update CHANGELOG.md ([b579d1b](https://github.com/CloudPirates-io/helm-charts/commit/b579d1b)) -* Update CHANGELOG.md ([7e42a1e](https://github.com/CloudPirates-io/helm-charts/commit/7e42a1e)) -* Update CHANGELOG.md ([0d009c0](https://github.com/CloudPirates-io/helm-charts/commit/0d009c0)) -* Update CHANGELOG.md ([ab4655e](https://github.com/CloudPirates-io/helm-charts/commit/ab4655e)) -* Update CHANGELOG.md ([be6bf34](https://github.com/CloudPirates-io/helm-charts/commit/be6bf34)) -* Update CHANGELOG.md ([9112d4b](https://github.com/CloudPirates-io/helm-charts/commit/9112d4b)) -* Update CHANGELOG.md ([ac217ce](https://github.com/CloudPirates-io/helm-charts/commit/ac217ce)) -* Update CHANGELOG.md ([5794798](https://github.com/CloudPirates-io/helm-charts/commit/5794798)) -* Update CHANGELOG.md ([bcde9db](https://github.com/CloudPirates-io/helm-charts/commit/bcde9db)) -* Update CHANGELOG.md ([a0217a1](https://github.com/CloudPirates-io/helm-charts/commit/a0217a1)) -* Update CHANGELOG.md ([59ea4e5](https://github.com/CloudPirates-io/helm-charts/commit/59ea4e5)) -* working ([0c29e1e](https://github.com/CloudPirates-io/helm-charts/commit/0c29e1e)) -* docs(rabbitmq): update readme ([3006a9e](https://github.com/CloudPirates-io/helm-charts/commit/3006a9e)) -* feat: add securityContext spec for the initContainer ([3c6ca13](https://github.com/CloudPirates-io/helm-charts/commit/3c6ca13)) -* feat: add support to automatically download and enable 3rd party plugins ([c677de3](https://github.com/CloudPirates-io/helm-charts/commit/c677de3)) -* feat(rabbit): add podLabels ([0bbb86c](https://github.com/CloudPirates-io/helm-charts/commit/0bbb86c)) -* feat(rabbitmq): add new values for PDB, RBAC, ServiceAccount and STS ([b1506ca](https://github.com/CloudPirates-io/helm-charts/commit/b1506ca)) -* feat(rabbitmq): add sts podManagementPolicy in value ([4ec745d](https://github.com/CloudPirates-io/helm-charts/commit/4ec745d)) -* feat(rabbitmq): add support for extraPorts in Service and StatefulSet ([0545898](https://github.com/CloudPirates-io/helm-charts/commit/0545898)) -* feat(rabbitmq): add support for extraPorts in Service and StatefulSet ([94ff4bd](https://github.com/CloudPirates-io/helm-charts/commit/94ff4bd)) -* feat(rabbitmq): add support for extraPorts in Service and StatefulSet ([bfbc729](https://github.com/CloudPirates-io/helm-charts/commit/bfbc729)) -* feat(rabbitmq): add support for extraPorts in Service and StatefulSet ([ed381e0](https://github.com/CloudPirates-io/helm-charts/commit/ed381e0)) -* feat(rabbitmq): fix podLabels ([e5af639](https://github.com/CloudPirates-io/helm-charts/commit/e5af639)) -* feat(rabbitmq): fix podLabels duplication ([ad3a30b](https://github.com/CloudPirates-io/helm-charts/commit/ad3a30b)) -* chore: fix no new line character at the end of file ([0c4d018](https://github.com/CloudPirates-io/helm-charts/commit/0c4d018)) -* chore: fix no new line character at the end of file ([917d39a](https://github.com/CloudPirates-io/helm-charts/commit/917d39a)) -* chore: fix spaces ([a0a3394](https://github.com/CloudPirates-io/helm-charts/commit/a0a3394)) -* chore: remove commonAnnotation ([2a9c666](https://github.com/CloudPirates-io/helm-charts/commit/2a9c666)) -* fix: add missing @ for sha image reference ([7abe06a](https://github.com/CloudPirates-io/helm-charts/commit/7abe06a)) -* fix: allow setting a clusterdomain different than the default ([963a8c5](https://github.com/CloudPirates-io/helm-charts/commit/963a8c5)) - -## 0.1.1 (2025-09-08) - -* Fix erlang.cookie creation ([640e725](https://github.com/CloudPirates-io/helm-charts/commit/640e725)) -* Update CHANGELOG.md ([63b1299](https://github.com/CloudPirates-io/helm-charts/commit/63b1299)) - -## 0.1.0 (2025-09-02) - -* Fix clustering and metrics configurations ([f571ab3](https://github.com/CloudPirates-io/helm-charts/commit/f571ab3)) -* Fix ingress port and added test ([67ae961](https://github.com/CloudPirates-io/helm-charts/commit/67ae961)) -* Release 0.0.2 ([3f33f07](https://github.com/CloudPirates-io/helm-charts/commit/3f33f07)) -* add extraObject array to all charts ([34772b7](https://github.com/CloudPirates-io/helm-charts/commit/34772b7)) -* Add initial Changelogs to all Charts ([68f10ca](https://github.com/CloudPirates-io/helm-charts/commit/68f10ca)) -* bump all chart versions for new extraObjects feature ([aaa57f9](https://github.com/CloudPirates-io/helm-charts/commit/aaa57f9)) -* Fix missing t in tag ([3ba5c21](https://github.com/CloudPirates-io/helm-charts/commit/3ba5c21)) -* Fix values.yaml / Chart.yaml linting issues ([043c7e0](https://github.com/CloudPirates-io/helm-charts/commit/043c7e0)) -* initial implementation ([549034c](https://github.com/CloudPirates-io/helm-charts/commit/549034c)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/redis/CHANGELOG.md b/charts/redis/CHANGELOG.md index a8792409..55c6e5d6 100644 --- a/charts/redis/CHANGELOG.md +++ b/charts/redis/CHANGELOG.md @@ -2,136 +2,4 @@ ## 0.6.1 (2025-10-09) -* [redis , rabbitmq]: Add podAnnotations ([#294](https://github.com/CloudPirates-io/helm-charts/pull/294)) - -## 0.6.0 (2025-10-09) - -* Include podLabels in redis statefulset (#274) ([024da55](https://github.com/CloudPirates-io/helm-charts/commit/024da55)), closes [#274](https://github.com/CloudPirates-io/helm-charts/issues/274) - -## 0.5.7 (2025-10-09) - -* Update charts/redis/values.yaml redis to v8.2.2 (patch) (#264) ([f699d00](https://github.com/CloudPirates-io/helm-charts/commit/f699d00)), closes [#264](https://github.com/CloudPirates-io/helm-charts/issues/264) - -## 0.5.6 (2025-10-08) - -* [oliver006/redis_exporter] Update oliver006/redis_exporter to v1.78.0 (#235) ([508fd61](https://github.com/CloudPirates-io/helm-charts/commit/508fd61)), closes [#235](https://github.com/CloudPirates-io/helm-charts/issues/235) - -## 0.5.5 (2025-10-08) - -* Update redis to v8.2.2 (#233) ([363468b](https://github.com/CloudPirates-io/helm-charts/commit/363468b)), closes [#233](https://github.com/CloudPirates-io/helm-charts/issues/233) - -## 0.5.4 (2025-10-08) - -* [redis]: fix dual stack networking issues (#227) ([381bd76](https://github.com/CloudPirates-io/helm-charts/commit/381bd76)), closes [#227](https://github.com/CloudPirates-io/helm-charts/issues/227) - -## 0.5.3 (2025-10-06) - -* Add automatically generated fields to volumeClaimTemplates (#218) ([5f4142b](https://github.com/CloudPirates-io/helm-charts/commit/5f4142b)), closes [#218](https://github.com/CloudPirates-io/helm-charts/issues/218) - -## 0.5.2 (2025-10-06) - -* chore(deps): update redis:8.2.1 Docker digest to 5fa2edb (#188) ([6a72e00](https://github.com/CloudPirates-io/helm-charts/commit/6a72e00)), closes [#188](https://github.com/CloudPirates-io/helm-charts/issues/188) - -## 0.5.1 (2025-10-06) - -* chore(deps): update docker.io/redis:8.2.1 Docker digest to 5fa2edb (#187) ([fe21dc2](https://github.com/CloudPirates-io/helm-charts/commit/fe21dc2)), closes [#187](https://github.com/CloudPirates-io/helm-charts/issues/187) - -## 0.5.0 (2025-10-01) - -* make redis run on openshift (#193) ([cc4d3c3](https://github.com/CloudPirates-io/helm-charts/commit/cc4d3c3)), closes [#193](https://github.com/CloudPirates-io/helm-charts/issues/193) - -## 0.4.6 (2025-09-25) - -* Add metrics section to the README ([14a37bc](https://github.com/CloudPirates-io/helm-charts/commit/14a37bc)) -* Add topologySpreadConstraints option to the chart ([9c9eeeb](https://github.com/CloudPirates-io/helm-charts/commit/9c9eeeb)) -* add volumeMounts option for sentinel container ([8499307](https://github.com/CloudPirates-io/helm-charts/commit/8499307)) -* bump up chart patch version ([c436c6d](https://github.com/CloudPirates-io/helm-charts/commit/c436c6d)) -* bump up chart patch version ([a5c9dfb](https://github.com/CloudPirates-io/helm-charts/commit/a5c9dfb)) -* fix sentinel conditions. set default to standalone ([bf935fa](https://github.com/CloudPirates-io/helm-charts/commit/bf935fa)) -* Implement redis service monitoring ([3aec93d](https://github.com/CloudPirates-io/helm-charts/commit/3aec93d)) -* requirepass for sentinel cli operations when password is set ([60d1b5c](https://github.com/CloudPirates-io/helm-charts/commit/60d1b5c)) -* return fqdn for sentinel master lookup (#156) ([00b9882](https://github.com/CloudPirates-io/helm-charts/commit/00b9882)), closes [#156](https://github.com/CloudPirates-io/helm-charts/issues/156) -* [redis]: Persistent volume claim retentionpolicy ([1f708a5](https://github.com/CloudPirates-io/helm-charts/commit/1f708a5)) -* Bitnami style fail over script ([9b9a395](https://github.com/CloudPirates-io/helm-charts/commit/9b9a395)) -* Bump chart version ([a892492](https://github.com/CloudPirates-io/helm-charts/commit/a892492)) -* Bump chart version ([a6ac908](https://github.com/CloudPirates-io/helm-charts/commit/a6ac908)) -* Bump version ([43dceb2](https://github.com/CloudPirates-io/helm-charts/commit/43dceb2)) -* Configurable recheck values ([cf31961](https://github.com/CloudPirates-io/helm-charts/commit/cf31961)) -* Decrease defaults ([572cba9](https://github.com/CloudPirates-io/helm-charts/commit/572cba9)) -* Fix invalid master detection ([f1545d9](https://github.com/CloudPirates-io/helm-charts/commit/f1545d9)) -* fix lint ([c9a0e4f](https://github.com/CloudPirates-io/helm-charts/commit/c9a0e4f)) -* Fix lint ([9943a66](https://github.com/CloudPirates-io/helm-charts/commit/9943a66)) -* Fix pod not restarting after configmap change ([8181649](https://github.com/CloudPirates-io/helm-charts/commit/8181649)) -* Fix reviews ([87c780c](https://github.com/CloudPirates-io/helm-charts/commit/87c780c)) -* Fix roles ([9f6cd01](https://github.com/CloudPirates-io/helm-charts/commit/9f6cd01)) -* Full rework ([a8f4e56](https://github.com/CloudPirates-io/helm-charts/commit/a8f4e56)) -* Implement redis sentinal functionality ([70d64d5](https://github.com/CloudPirates-io/helm-charts/commit/70d64d5)) -* Implement suggested improvements ([aeac191](https://github.com/CloudPirates-io/helm-charts/commit/aeac191)) -* Improve defaults ([b964825](https://github.com/CloudPirates-io/helm-charts/commit/b964825)) -* Minor improvements ([016dee2](https://github.com/CloudPirates-io/helm-charts/commit/016dee2)) -* Sync on restart if sentinel available ([628128e](https://github.com/CloudPirates-io/helm-charts/commit/628128e)) -* Unhardcode ips ([b6e0a4e](https://github.com/CloudPirates-io/helm-charts/commit/b6e0a4e)) -* Update CHANGELOG.md ([7691aa0](https://github.com/CloudPirates-io/helm-charts/commit/7691aa0)) -* Update CHANGELOG.md ([fcf698f](https://github.com/CloudPirates-io/helm-charts/commit/fcf698f)) -* Update CHANGELOG.md ([1afe498](https://github.com/CloudPirates-io/helm-charts/commit/1afe498)) -* Update CHANGELOG.md ([0da41aa](https://github.com/CloudPirates-io/helm-charts/commit/0da41aa)) -* Update CHANGELOG.md ([8425f12](https://github.com/CloudPirates-io/helm-charts/commit/8425f12)) -* Update CHANGELOG.md ([2753a1e](https://github.com/CloudPirates-io/helm-charts/commit/2753a1e)) -* Update CHANGELOG.md ([f6ea97b](https://github.com/CloudPirates-io/helm-charts/commit/f6ea97b)) -* Update CHANGELOG.md ([9bd42ad](https://github.com/CloudPirates-io/helm-charts/commit/9bd42ad)) -* Update CHANGELOG.md ([497514f](https://github.com/CloudPirates-io/helm-charts/commit/497514f)) -* Update CHANGELOG.md ([18008d2](https://github.com/CloudPirates-io/helm-charts/commit/18008d2)) -* Update CHANGELOG.md ([dfaff03](https://github.com/CloudPirates-io/helm-charts/commit/dfaff03)) -* Update CHANGELOG.md ([e60664c](https://github.com/CloudPirates-io/helm-charts/commit/e60664c)) -* Update CHANGELOG.md ([025e4b2](https://github.com/CloudPirates-io/helm-charts/commit/025e4b2)) -* Update CHANGELOG.md ([a4c0fd0](https://github.com/CloudPirates-io/helm-charts/commit/a4c0fd0)) -* Update CHANGELOG.md ([103dbd5](https://github.com/CloudPirates-io/helm-charts/commit/103dbd5)) -* Update CHANGELOG.md ([4657370](https://github.com/CloudPirates-io/helm-charts/commit/4657370)) -* Update CHANGELOG.md ([e572ff3](https://github.com/CloudPirates-io/helm-charts/commit/e572ff3)) -* Update CHANGELOG.md ([507c187](https://github.com/CloudPirates-io/helm-charts/commit/507c187)) -* Update docker.io/redis:8.2.1 Docker digest to acb90ce ([eb469b0](https://github.com/CloudPirates-io/helm-charts/commit/eb469b0)) -* chore: bump chart version ([b8bec46](https://github.com/CloudPirates-io/helm-charts/commit/b8bec46)) -* feat: add init container resources configurable values ([852ac34](https://github.com/CloudPirates-io/helm-charts/commit/852ac34)) -* feat: bind resource to init-container resources from values ([014db83](https://github.com/CloudPirates-io/helm-charts/commit/014db83)) - -## 0.2.0 (2025-09-02) - -* add extraObject array to all charts ([34772b7](https://github.com/CloudPirates-io/helm-charts/commit/34772b7)) -* bump all chart versions for new extraObjects feature ([aaa57f9](https://github.com/CloudPirates-io/helm-charts/commit/aaa57f9)) - -## 0.1.8 (2025-08-31) - -* Add support for statefulset priorityclassname ([b5847dd](https://github.com/CloudPirates-io/helm-charts/commit/b5847dd)) -* Update CHANGELOG.md ([d1c5ba2](https://github.com/CloudPirates-io/helm-charts/commit/d1c5ba2)) - -## 0.1.7 (2025-08-28) - -* add readme and values.schema.json ([873286c](https://github.com/CloudPirates-io/helm-charts/commit/873286c)) -* Fix typo in readme ([cce0ea8](https://github.com/CloudPirates-io/helm-charts/commit/cce0ea8)) -* fix version ([2701959](https://github.com/CloudPirates-io/helm-charts/commit/2701959)) -* Refactor chart ([33323aa](https://github.com/CloudPirates-io/helm-charts/commit/33323aa)) -* Update chart to 0.1.1 ([5fa15b9](https://github.com/CloudPirates-io/helm-charts/commit/5fa15b9)) -* Update version to 8.2.1 / Fix readme ([5266eaf](https://github.com/CloudPirates-io/helm-charts/commit/5266eaf)) -* Add ArtifactHub Badges to all Charts ([08b855b](https://github.com/CloudPirates-io/helm-charts/commit/08b855b)) -* Add ArtifactHub repo config ([15180a8](https://github.com/CloudPirates-io/helm-charts/commit/15180a8)) -* Add cosign signature READMEs ([5f82e7f](https://github.com/CloudPirates-io/helm-charts/commit/5f82e7f)) -* Add extensive chart testing ([a46efac](https://github.com/CloudPirates-io/helm-charts/commit/a46efac)) -* Add generated values.schema.json files from values.yaml ([aa79ac3](https://github.com/CloudPirates-io/helm-charts/commit/aa79ac3)) -* Add initial Changelogs to all Charts ([68f10ca](https://github.com/CloudPirates-io/helm-charts/commit/68f10ca)) -* Add LICENSE ([fdbf1ab](https://github.com/CloudPirates-io/helm-charts/commit/fdbf1ab)) -* add logos to helm-charts ([fc70cdc](https://github.com/CloudPirates-io/helm-charts/commit/fc70cdc)) -* Bump chart version ([395c7d5](https://github.com/CloudPirates-io/helm-charts/commit/395c7d5)) -* Fix image tag/digest handling ([a5c982b](https://github.com/CloudPirates-io/helm-charts/commit/a5c982b)) -* Fix imagePullSecrets format and pull always ([ce0d301](https://github.com/CloudPirates-io/helm-charts/commit/ce0d301)) -* fix readme.md install text, update chart.yaml home-website ([3511582](https://github.com/CloudPirates-io/helm-charts/commit/3511582)) -* Fix values.yaml / Chart.yaml linting issues ([043c7e0](https://github.com/CloudPirates-io/helm-charts/commit/043c7e0)) -* Format README files ([04aacab](https://github.com/CloudPirates-io/helm-charts/commit/04aacab)) -* init, add mariadb, mongodb and redis chart ([8e44c83](https://github.com/CloudPirates-io/helm-charts/commit/8e44c83)) -* Release new chart versions / update sources ([dbb0e45](https://github.com/CloudPirates-io/helm-charts/commit/dbb0e45)) -* Remove leading $ from code blocks ([836b2e3](https://github.com/CloudPirates-io/helm-charts/commit/836b2e3)) -* remove serviceaccounts from all charts ([be8f43a](https://github.com/CloudPirates-io/helm-charts/commit/be8f43a)) -* Update CHANGELOG.md ([26bf940](https://github.com/CloudPirates-io/helm-charts/commit/26bf940)) -* Update docker.io/redis Docker tag to v8.2.1 ([53db488](https://github.com/CloudPirates-io/helm-charts/commit/53db488)) -* update readme, chart.yaml texts and descriptions ([0179046](https://github.com/CloudPirates-io/helm-charts/commit/0179046)) -* Use lookup function for password where applicable ([dfb9a0e](https://github.com/CloudPirates-io/helm-charts/commit/dfb9a0e)) -* fix: chart icon urls ([cc38c0d](https://github.com/CloudPirates-io/helm-charts/commit/cc38c0d)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/timescaledb/CHANGELOG.md b/charts/timescaledb/CHANGELOG.md index c0e88257..49ed11ed 100644 --- a/charts/timescaledb/CHANGELOG.md +++ b/charts/timescaledb/CHANGELOG.md @@ -2,4 +2,4 @@ ## 0.3.1 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/valkey/CHANGELOG.md b/charts/valkey/CHANGELOG.md index 93649a44..fe8c8abb 100644 --- a/charts/valkey/CHANGELOG.md +++ b/charts/valkey/CHANGELOG.md @@ -2,4 +2,4 @@ ## 0.4.1 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) diff --git a/charts/zookeeper/CHANGELOG.md b/charts/zookeeper/CHANGELOG.md index 2db31a16..6c433552 100644 --- a/charts/zookeeper/CHANGELOG.md +++ b/charts/zookeeper/CHANGELOG.md @@ -2,4 +2,4 @@ ## 0.1.6 (2025-10-09) -* [mongodb] feat: add metrics exporter ([#243](https://github.com/CloudPirates-io/helm-charts/pull/243)) +* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) From 1d3543c716ca4304276c464e954228339bbdb304 Mon Sep 17 00:00:00 2001 From: dcoppa Date: Thu, 9 Oct 2025 20:27:23 +0200 Subject: [PATCH 02/20] [redis] fix: better IPv6 compatibility (#296) * [redis] fix: better IPv6 compatibility * [redis] bump version of the chart * [redis] bump version of the chart --- charts/redis/Chart.yaml | 2 +- charts/redis/templates/prestop-configmap.yaml | 9 ++- charts/redis/templates/statefulset.yaml | 74 +++++++++++++------ charts/redis/test-production-values.yaml | 2 +- .../redis/tests/common-parameters_test.yaml | 2 +- charts/redis/values.yaml | 2 +- 6 files changed, 64 insertions(+), 27 deletions(-) diff --git a/charts/redis/Chart.yaml b/charts/redis/Chart.yaml index 5be29e05..bc776f35 100644 --- a/charts/redis/Chart.yaml +++ b/charts/redis/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: redis description: An open source, in-memory data structure store used as a database, cache, and message broker. type: application -version: 0.6.1 +version: 0.6.2 appVersion: "8.2.1" keywords: - redis diff --git a/charts/redis/templates/prestop-configmap.yaml b/charts/redis/templates/prestop-configmap.yaml index b4e5b48f..1cbd1a18 100644 --- a/charts/redis/templates/prestop-configmap.yaml +++ b/charts/redis/templates/prestop-configmap.yaml @@ -27,9 +27,16 @@ data: export REDISCLI_AUTH="${REDIS_PASSWORD}" {{- end }} + # Set loopback address based on ipFamily configuration + {{- if eq .Values.ipFamily "ipv6" }} + REDIS_LOOPBACK="::1" + {{- else }} + REDIS_LOOPBACK="127.0.0.1" + {{- end }} + # Function to run Redis commands run_redis_command() { - local args=("-h" "127.0.0.1" "-p" "$REDIS_PORT") + local args=("-h" "$REDIS_LOOPBACK" "-p" "$REDIS_PORT") redis-cli "${args[@]}" "$@" } diff --git a/charts/redis/templates/statefulset.yaml b/charts/redis/templates/statefulset.yaml index d29987a0..2beb0a41 100644 --- a/charts/redis/templates/statefulset.yaml +++ b/charts/redis/templates/statefulset.yaml @@ -60,7 +60,7 @@ spec: else # Create minimal config if no config exists cat > /tmp/redis.conf << EOF - bind 0.0.0.0 + bind * -::* port 6379 EOF fi @@ -209,9 +209,17 @@ spec: - /bin/sh - -c {{- if .Values.auth.enabled }} - - redis-cli -a ${REDIS_PASSWORD} ping + {{- if eq .Values.ipFamily "ipv6" }} + - redis-cli -h "::1" -a ${REDIS_PASSWORD} ping {{- else }} - - redis-cli ping + - redis-cli -h "127.0.0.1" -a ${REDIS_PASSWORD} ping + {{- end }} + {{- else }} + {{- if eq .Values.ipFamily "ipv6" }} + - redis-cli -h "::1" ping + {{- else }} + - redis-cli -h "127.0.0.1" ping + {{- end }} {{- end }} initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} @@ -225,20 +233,35 @@ spec: command: - /bin/sh - -c - - | - {{- if and .Values.sentinel.enabled (eq .Values.architecture "replication") }} - {{- if .Values.auth.enabled }} - redis-cli -a ${REDIS_PASSWORD} ping | grep -q PONG - {{- else }} - redis-cli ping | grep -q PONG - {{- end }} - {{- else }} - {{- if .Values.auth.enabled }} - redis-cli -a ${REDIS_PASSWORD} ping - {{- else }} - redis-cli ping - {{- end }} - {{- end }} + {{- if and .Values.sentinel.enabled (eq .Values.architecture "replication") }} + {{- if .Values.auth.enabled }} + {{- if eq .Values.ipFamily "ipv6" }} + - redis-cli -h "::1" -a ${REDIS_PASSWORD} ping | grep -q PONG + {{- else }} + - redis-cli -h "127.0.0.1" -a ${REDIS_PASSWORD} ping | grep -q PONG + {{- end }} + {{- else }} + {{- if eq .Values.ipFamily "ipv6" }} + - redis-cli -h "::1" ping | grep -q PONG + {{- else }} + - redis-cli -h "127.0.0.1" ping | grep -q PONG + {{- end }} + {{- end }} + {{- else }} + {{- if .Values.auth.enabled }} + {{- if eq .Values.ipFamily "ipv6" }} + - redis-cli -h "::1" -a ${REDIS_PASSWORD} ping + {{- else }} + - redis-cli -h "127.0.0.1" -a ${REDIS_PASSWORD} ping + {{- end }} + {{- else }} + {{- if eq .Values.ipFamily "ipv6" }} + - redis-cli -h "::1" ping + {{- else }} + - redis-cli -h "127.0.0.1" ping + {{- end }} + {{- end }} + {{- end }} initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} @@ -288,7 +311,12 @@ spec: # Wait for Redis to be ready echo "Waiting for Redis to start..." - while ! redis-cli {{- if .Values.auth.enabled }} -a "${REDIS_PASSWORD}"{{- end }} -h 127.0.0.1 -p {{ .Values.service.port }} ping >/dev/null 2>&1; do + {{- if eq .Values.ipFamily "ipv6" }} + REDIS_HOST="::1" + {{- else }} + REDIS_HOST="127.0.0.1" + {{- end }} + while ! redis-cli {{- if .Values.auth.enabled }} -a "${REDIS_PASSWORD}"{{- end }} -h "${REDIS_HOST}" -p {{ .Values.service.port }} ping >/dev/null 2>&1; do sleep 1 done echo "Redis is ready" @@ -355,7 +383,7 @@ spec: # Create Sentinel config cat > /tmp/sentinel.conf << EOF port {{ .Values.sentinel.port }} - bind 0.0.0.0 + bind * -::* # Enable hostname resolution for Redis Sentinel sentinel resolve-hostnames yes sentinel announce-hostnames yes @@ -407,9 +435,11 @@ spec: command: - /bin/sh - -c - - | - # Check if sentinel is responding - redis-cli -h 127.0.0.1 -p {{ .Values.sentinel.port }} {{- if .Values.auth.enabled }} -a "${REDIS_PASSWORD}"{{- end }} ping | grep -q PONG + {{- if eq .Values.ipFamily "ipv6" }} + - redis-cli -h "::1" -p {{ .Values.sentinel.port }} {{- if .Values.auth.enabled }} -a "${REDIS_PASSWORD}"{{- end }} ping | grep -q PONG + {{- else }} + - redis-cli -h "127.0.0.1" -p {{ .Values.sentinel.port }} {{- if .Values.auth.enabled }} -a "${REDIS_PASSWORD}"{{- end }} ping | grep -q PONG + {{- end }} initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 5 diff --git a/charts/redis/test-production-values.yaml b/charts/redis/test-production-values.yaml index 13af75ad..4f895734 100644 --- a/charts/redis/test-production-values.yaml +++ b/charts/redis/test-production-values.yaml @@ -97,7 +97,7 @@ readinessProbe: config: content: | # Redis production configuration - bind 0.0.0.0 + bind * -::* port 6379 # Memory management diff --git a/charts/redis/tests/common-parameters_test.yaml b/charts/redis/tests/common-parameters_test.yaml index 58450b9d..bd7eccca 100644 --- a/charts/redis/tests/common-parameters_test.yaml +++ b/charts/redis/tests/common-parameters_test.yaml @@ -7,7 +7,7 @@ set: config: content: | # Redis configuration - bind 0.0.0.0 + bind * -::* port 6379 tests: - it: should use default values when nothing is overridden diff --git a/charts/redis/values.yaml b/charts/redis/values.yaml index de0dd37e..8d8275dd 100644 --- a/charts/redis/values.yaml +++ b/charts/redis/values.yaml @@ -70,7 +70,7 @@ config: ## @param config.content Include your custom Redis configurations here as string content: | # Redis configuration - bind 0.0.0.0 + bind * -::* port 6379 ## param config.existingConfigmap Name of an existing Configmap to use instead of creating one existingConfigmap: "" From 07101fe83a57861d4396df656847f4abbc5326de Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 07:53:54 +0200 Subject: [PATCH 03/20] [mariadb] Update charts/mariadb/values.yaml mariadb (#315) * [mariadb] Update charts/mariadb/values.yaml mariadb * Bump chart version * Update CHANGELOG.md Signed-off-by: github-actions[bot] --------- Signed-off-by: github-actions[bot] Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Finn Rades Co-authored-by: github-actions[bot] --- charts/mariadb/CHANGELOG.md | 80 ++++++++++++++++++++++++++++++++++++- charts/mariadb/Chart.yaml | 2 +- charts/mariadb/values.yaml | 2 +- 3 files changed, 80 insertions(+), 4 deletions(-) diff --git a/charts/mariadb/CHANGELOG.md b/charts/mariadb/CHANGELOG.md index 88ad46ce..616e0f67 100644 --- a/charts/mariadb/CHANGELOG.md +++ b/charts/mariadb/CHANGELOG.md @@ -1,5 +1,81 @@ # Changelog -## 0.3.3 (2025-10-09) +## 0.3.4 (2025-10-10) -* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) +* [mariadb] Update charts/mariadb/values.yaml mariadb ([#315](https://github.com/CloudPirates-io/helm-charts/pull/315)) + +## 0.3.3 (2025-10-08) + +* Add support for readOnlyRootFilesystem (#228) ([cdb58b2](https://github.com/CloudPirates-io/helm-charts/commit/cdb58b2)), closes [#228](https://github.com/CloudPirates-io/helm-charts/issues/228) + +## 0.3.2 (2025-10-06) + +* chore(deps): update docker.io/mariadb:12.0.2 Docker digest to 03a03a6 (#207) ([e51e995](https://github.com/CloudPirates-io/helm-charts/commit/e51e995)), closes [#207](https://github.com/CloudPirates-io/helm-charts/issues/207) + +## 0.3.1 (2025-10-06) + +* use tpl to return existingConfigMap (#217) ([c7c2f4c](https://github.com/CloudPirates-io/helm-charts/commit/c7c2f4c)), closes [#217](https://github.com/CloudPirates-io/helm-charts/issues/217) + +## 0.3.0 (2025-09-29) + +* bump version to 0.2.6 ([51bcd26](https://github.com/CloudPirates-io/helm-charts/commit/51bcd26)) +* change statefulset pvc-template labels to not use common.labels ([780386b](https://github.com/CloudPirates-io/helm-charts/commit/780386b)) +* chore(deps): update docker.io/mariadb:12.0.2 Docker digest to 8a061ef ([ba48f7a](https://github.com/CloudPirates-io/helm-charts/commit/ba48f7a)) +* fix pvc-labels ([aaf1b20](https://github.com/CloudPirates-io/helm-charts/commit/aaf1b20)) +* fix statefulset pvc template ([b600627](https://github.com/CloudPirates-io/helm-charts/commit/b600627)) +* make mariadb run on openshift (#176) ([e2c3afb](https://github.com/CloudPirates-io/helm-charts/commit/e2c3afb)), closes [#176](https://github.com/CloudPirates-io/helm-charts/issues/176) +* add empty linting rule ([8be9283](https://github.com/CloudPirates-io/helm-charts/commit/8be9283)) +* Bump chart version ([ea85028](https://github.com/CloudPirates-io/helm-charts/commit/ea85028)) +* Bump chart version ([d2863aa](https://github.com/CloudPirates-io/helm-charts/commit/d2863aa)) +* Bump MariaDB chart version to 0.2.3 ([10b1b7d](https://github.com/CloudPirates-io/helm-charts/commit/10b1b7d)) +* Fix helpers.tpl ([201ecc7](https://github.com/CloudPirates-io/helm-charts/commit/201ecc7)) +* Implement default password ([c858a6b](https://github.com/CloudPirates-io/helm-charts/commit/c858a6b)) +* Implement init script ([4b6ee98](https://github.com/CloudPirates-io/helm-charts/commit/4b6ee98)) +* mariadb now respects full custom container security context settings ([770ea69](https://github.com/CloudPirates-io/helm-charts/commit/770ea69)) +* Reverse version bump ([379dbfe](https://github.com/CloudPirates-io/helm-charts/commit/379dbfe)) +* Update CHANGELOG.md ([bb96d54](https://github.com/CloudPirates-io/helm-charts/commit/bb96d54)) +* Update CHANGELOG.md ([858838d](https://github.com/CloudPirates-io/helm-charts/commit/858838d)) +* Update CHANGELOG.md ([e5c8efd](https://github.com/CloudPirates-io/helm-charts/commit/e5c8efd)) +* Update CHANGELOG.md ([79570ff](https://github.com/CloudPirates-io/helm-charts/commit/79570ff)) +* Update CHANGELOG.md ([7517a21](https://github.com/CloudPirates-io/helm-charts/commit/7517a21)) +* Update CHANGELOG.md ([bcd1d8a](https://github.com/CloudPirates-io/helm-charts/commit/bcd1d8a)) +* Update CHANGELOG.md ([9af2905](https://github.com/CloudPirates-io/helm-charts/commit/9af2905)) +* Update docker.io/mariadb:12.0.2 Docker digest to a5af517 ([6322f06](https://github.com/CloudPirates-io/helm-charts/commit/6322f06)) +* updated chart version ([f7b6496](https://github.com/CloudPirates-io/helm-charts/commit/f7b6496)) + +## 0.2.0 (2025-09-02) + +* add extraObject array to all charts ([34772b7](https://github.com/CloudPirates-io/helm-charts/commit/34772b7)) +* bump all chart versions for new extraObjects feature ([aaa57f9](https://github.com/CloudPirates-io/helm-charts/commit/aaa57f9)) + +## 0.1.6 (2025-08-27) + +* [documentation] update readme files ([16944cd](https://github.com/CloudPirates-io/helm-charts/commit/16944cd)) +* bump version to 0.1.4 ([d4f2478](https://github.com/CloudPirates-io/helm-charts/commit/d4f2478)) +* fix annotations, imagePullsecret, update tests ([31a1a87](https://github.com/CloudPirates-io/helm-charts/commit/31a1a87)) +* update appversion to 12.0.2, release 0.1.5 ([cf67ba0](https://github.com/CloudPirates-io/helm-charts/commit/cf67ba0)) +* update container image definition-function, remove default value ([3ad9f82](https://github.com/CloudPirates-io/helm-charts/commit/3ad9f82)) +* update statefulset auth, fix image helper and imagePullSecret ([085f5bb](https://github.com/CloudPirates-io/helm-charts/commit/085f5bb)) +* Add ArtifactHub Badges to all Charts ([08b855b](https://github.com/CloudPirates-io/helm-charts/commit/08b855b)) +* Add ArtifactHub repo config ([15180a8](https://github.com/CloudPirates-io/helm-charts/commit/15180a8)) +* Add cosign signature READMEs ([5f82e7f](https://github.com/CloudPirates-io/helm-charts/commit/5f82e7f)) +* Add extensive chart testing ([a46efac](https://github.com/CloudPirates-io/helm-charts/commit/a46efac)) +* Add generated values.schema.json files from values.yaml ([aa79ac3](https://github.com/CloudPirates-io/helm-charts/commit/aa79ac3)) +* Add initial Changelogs to all Charts ([68f10ca](https://github.com/CloudPirates-io/helm-charts/commit/68f10ca)) +* Add LICENSE ([fdbf1ab](https://github.com/CloudPirates-io/helm-charts/commit/fdbf1ab)) +* add logos to helm-charts ([fc70cdc](https://github.com/CloudPirates-io/helm-charts/commit/fc70cdc)) +* Add release pipeline ([ebd7277](https://github.com/CloudPirates-io/helm-charts/commit/ebd7277)) +* Fix image tag/digest handling ([a5c982b](https://github.com/CloudPirates-io/helm-charts/commit/a5c982b)) +* Fix imagePullSecrets format and pull always ([ce0d301](https://github.com/CloudPirates-io/helm-charts/commit/ce0d301)) +* Fix linting for values.yaml ([504ac61](https://github.com/CloudPirates-io/helm-charts/commit/504ac61)) +* fix readme.md install text, update chart.yaml home-website ([3511582](https://github.com/CloudPirates-io/helm-charts/commit/3511582)) +* Fix values.yaml / Chart.yaml linting issues ([043c7e0](https://github.com/CloudPirates-io/helm-charts/commit/043c7e0)) +* Format README files ([04aacab](https://github.com/CloudPirates-io/helm-charts/commit/04aacab)) +* init, add mariadb, mongodb and redis chart ([8e44c83](https://github.com/CloudPirates-io/helm-charts/commit/8e44c83)) +* Relase withoud double chart name ([b0ec54d](https://github.com/CloudPirates-io/helm-charts/commit/b0ec54d)) +* Release new chart versions / update sources ([dbb0e45](https://github.com/CloudPirates-io/helm-charts/commit/dbb0e45)) +* Remove dot ([f7d300b](https://github.com/CloudPirates-io/helm-charts/commit/f7d300b)) +* remove serviceaccounts from all charts ([be8f43a](https://github.com/CloudPirates-io/helm-charts/commit/be8f43a)) +* Test release ([33db75e](https://github.com/CloudPirates-io/helm-charts/commit/33db75e)) +* Update mariadb ([37fb54f](https://github.com/CloudPirates-io/helm-charts/commit/37fb54f)) +* update readme, chart.yaml texts and descriptions ([0179046](https://github.com/CloudPirates-io/helm-charts/commit/0179046)) diff --git a/charts/mariadb/Chart.yaml b/charts/mariadb/Chart.yaml index c1344435..331a148d 100644 --- a/charts/mariadb/Chart.yaml +++ b/charts/mariadb/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mariadb description: MariaDB is a high-performance, open-source relational database server that is a drop-in replacement for MySQL type: application -version: 0.3.3 +version: 0.3.4 appVersion: "12.0.2" keywords: - mariadb diff --git a/charts/mariadb/values.yaml b/charts/mariadb/values.yaml index c2bcf586..8e80958f 100644 --- a/charts/mariadb/values.yaml +++ b/charts/mariadb/values.yaml @@ -22,7 +22,7 @@ image: ## @param image.repository MariaDB image repository repository: mariadb ## @param image.tag MariaDB image tag (immutable tags are recommended) - tag: "12.0.2@sha256:03a03a6817bb9eaa21e5aed1b734d432ec3f80021f5a2de1795475f158217545" + tag: "12.0.2@sha256:5b6a1eac15b85b981a61afb89aea2a22bf76b5f58809d05f0bcc13ab6ec44cb8" ## @param image.pullPolicy MariaDB image pull policy imagePullPolicy: Always From 6554cc95ffc08ceffc3f5ce7a216f829dacfd139 Mon Sep 17 00:00:00 2001 From: Janis Hahn <84630677+Wurstkatze@users.noreply.github.com> Date: Fri, 10 Oct 2025 07:59:20 +0200 Subject: [PATCH 04/20] [auto-label, documentation] Automatically add labels parsed from PR titles & Add commit signing section to 'Development Setup' in CONTRIBUTING.md (#307) [documentation, auto-label] Add commit signing section to 'Development Setup' in CONTRIBUTING.md & Automatically add labels contained in PR titles --- .github/ISSUE_TEMPLATE/bug_report.yml | 2 + .github/ISSUE_TEMPLATE/feature_request.yml | 2 + .github/PULL_REQUEST_TEMPLATE.md | 6 ++- .github/workflows/auto-label.yaml | 20 +++++++- CONTRIBUTING.md | 59 ++++++++++++++++++---- 5 files changed, 75 insertions(+), 14 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index a3123570..0880ff69 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -56,6 +56,7 @@ body: - universal - clusterpirate - common + - etcd - ghost - keycloak - mariadb @@ -68,6 +69,7 @@ body: - redis - timescaledb - valkey + - wordpress - zookeeper validations: required: true diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml index d9447e43..41db4486 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yml +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -45,6 +45,7 @@ body: - universal - clusterpirate - common + - etcd - ghost - keycloak - mariadb @@ -57,4 +58,5 @@ body: - redis - timescaledb - valkey + - wordpress - zookeeper diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 1821d8e9..ce3d8b29 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -4,6 +4,9 @@ - Describe the scope of your change - i.e. what the change does. - Describe any known limitations with your change. - Please run any tests or examples that can exercise your modified code. + - Labels are automatically applied when they are inside the square brackets of your PR title on opening. Examples: + - [redis]: adds `redis` label + - [redis, valkey] Adds `redis` and `valkey` labels Thank you for contributing! We will try to test and integrate the change as soon as we can. --> @@ -23,6 +26,7 @@ ### Applicable issues + - fixes # ### Additional information @@ -33,6 +37,6 @@ -- [ ] Chart version bumped in `Chart.yaml` according to [semver](http://semver.org/). This is *not necessary* when the changes only affect README.md files. +- [ ] Chart version bumped in `Chart.yaml` according to [semver](http://semver.org/). This is _not necessary_ when the changes only affect README.md files. - [ ] Variables are documented in the values.yaml and added to the `README.md` - [ ] Title of the pull request follows this pattern [] Descriptive title diff --git a/.github/workflows/auto-label.yaml b/.github/workflows/auto-label.yaml index 9530d41f..0be436a7 100644 --- a/.github/workflows/auto-label.yaml +++ b/.github/workflows/auto-label.yaml @@ -2,23 +2,39 @@ name: Auto-label issues on: issues: types: [opened] + pull_request: + types: [opened] jobs: label: runs-on: ubuntu-latest permissions: issues: write + pull-requests: write steps: - name: Apply labels uses: actions/github-script@v7 with: script: | - const labels = (context.payload.issue.body.split(/### Affected Helm charts/)[1] || "") + let content = ""; + if (context.payload.pull_request) { + const parsedTitle = context.payload.pull_request.title.match(/^\[([a-z_-]+(?:, [a-z_-]+)*)\].+$/); + content = parsedTitle ? parsedTitle[1] : ""; + } else { + content = context.payload.issue.body.split(/### Affected Helm charts/)[1] || ""; + } + const { data } = await github.rest.issues.listLabelsForRepo({ + ...context.repo, + per_page: 100, + }); + const existingLabels = new Set(data.map((label) => label.name)); + const labels = content .trim() .split(",") .map((s) => s.trim()) - .filter((s) => s && s !== "_No response_"); + .filter((s) => s && existingLabels.has(s)); if (labels.length) { + console.log(`Adding ${labels.length} labels: ${labels.join(', ')}`) await github.rest.issues.addLabels({ ...context.repo, issue_number: context.issue.number, diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index df6176ef..653e571c 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -6,11 +6,23 @@ Hi there! We are thrilled that you'd like to contribute to this project. It's pe - [Code of Conduct](#code-of-conduct) - [How Can I Contribute?](#how-can-i-contribute) + - [Reporting Bugs](#reporting-bugs) + - [Suggesting Enhancements](#suggesting-enhancements) + - [Types of Contributions We're Looking For](#types-of-contributions-were-looking-for) - [Development Setup](#development-setup) + - [Prerequisites](#prerequisites) + - [Setting Up Your Development Environment](#setting-up-your-development-environment) - [Contributing Guidelines](#contributing-guidelines) -- [Chart Development Standards](#chart-development-standards) + - [Chart Development Standards](#chart-development-standards) + - [Chart Structure](#chart-structure) + - [Documentation Requirements](#documentation-requirements) + - [Versioning](#versioning) - [Testing](#testing) + - [Running Tests](#running-tests) + - [Test Requirements](#test-requirements) + - [Manual Testing](#manual-testing) - [Pull Request Process](#pull-request-process) + - [Pull Request Checklist](#pull-request-checklist) ## Code of Conduct @@ -22,21 +34,21 @@ This project and everyone participating in it is governed by our [Code of Conduc Before creating bug reports, please check the existing issues as you might find out that you don't need to create one. When you are creating a bug report, please include as many details as possible: -- **Use a clear and descriptive title** -- **Describe the exact steps to reproduce the problem** -- **Provide specific examples to demonstrate the steps** -- **Describe the behavior you observed and what behavior you expected** -- **Include details about your configuration and environment** +- Use a **clear and descriptive title** +- Describe the **exact steps to reproduce** the problem +- Provide **specific examples** to demonstrate the steps +- Describe the **behavior you observed** and what **behavior you expected** +- Include details about **your configuration and environment** ### Suggesting Enhancements Enhancement suggestions are tracked as GitHub issues. When creating an enhancement suggestion, please include: -- **Use a clear and descriptive title** -- **Provide a step-by-step description of the suggested enhancement** -- **Provide specific examples to demonstrate the steps** -- **Describe the current behavior and explain which behavior you expected to see** -- **Explain why this enhancement would be useful** +- Use a **clear and descriptive title** +- Provide a **step-by-step description** of the suggested enhancement +- Provide **specific examples** to demonstrate the steps +- Describe the **current behavior** and explain which **behavior you expected** to see +- Explain **why this enhancement would be useful** ### Types of Contributions We're Looking For @@ -52,21 +64,39 @@ Enhancement suggestions are tracked as GitHub issues. When creating an enhanceme - Kubernetes 1.24+ - Helm 3.2.0+ - [helm-unittest](https://github.com/helm-unittest/helm-unittest) plugin +- Commits verified by signature ### Setting Up Your Development Environment 1. Fork the repository on GitHub 2. Clone your fork locally: + ```bash git clone https://github.com/your-username/helm-charts.git cd helm-charts ``` 3. Install the helm-unittest plugin: + ```bash helm plugin install https://github.com/helm-unittest/helm-unittest ``` +4. Make sure to sign your commits + + ```bash + git config gpg.format ssh + git config user.signingkey + git config commit.gpgsign true + git config tag.gpgsign true + ``` + + Replace `` with the path to your public ssh key file, e.g. `~/.ssh/id_ed25519.pub`, wich you use to push to GitHub. + Alternatively, a signing ssh key can be used instead. + If you want to sign commits in every repository, not just this one, add the `--global` parameter. + + > More information: [GitHub docs](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification) + ## Contributing Guidelines ### Chart Development Standards @@ -74,18 +104,21 @@ Enhancement suggestions are tracked as GitHub issues. When creating an enhanceme All charts in this repository must follow these standards: #### Security First + - Implement read-only root filesystems where possible - Drop unnecessary Linux capabilities - Configure security contexts properly - Never hardcode credentials #### Production Ready + - Include comprehensive health checks (liveness, readiness, startup probes) - Support resource requests and limits - Provide persistent storage configurations - Include health check endpoints #### Highly Configurable + - Provide extensive `values.yaml` with detailed documentation - Support existing secrets and ConfigMaps - Offer flexible ingress configurations @@ -154,6 +187,7 @@ helm unittest charts/your-chart ### Test Requirements Your tests should cover: + - Template rendering with default values - Template rendering with custom values - Required value validation @@ -181,6 +215,7 @@ kubectl get all -n test ## Pull Request Process 1. **Branch**: Create a feature branch from `main` + ```bash git checkout -b feature/your-chart-improvement ``` @@ -188,6 +223,7 @@ kubectl get all -n test 2. **Development**: Make your changes following the guidelines above 3. **Testing**: Run all tests and ensure they pass + ```bash ./test-all-charts.sh helm lint ./charts/your-chart @@ -196,6 +232,7 @@ kubectl get all -n test 4. **Documentation**: Update documentation as needed 5. **Commit**: Use clear, descriptive commit messages + ```bash git commit -m "[chart-name] Add support for custom annotations" ``` From c6476c3ae051382b5c2d3143ee1de5b8e521a44d Mon Sep 17 00:00:00 2001 From: Finn Rades <64548817+zOnlyKroks@users.noreply.github.com> Date: Fri, 10 Oct 2025 08:41:41 +0200 Subject: [PATCH 05/20] [etcd]: Initial etcd implementation (#230) * [etcd]: Initial etcd implementation * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] --------- Signed-off-by: github-actions[bot] Co-authored-by: github-actions[bot] --- charts/etcd/CHANGELOG.md | 5 + charts/etcd/Chart.lock | 6 + charts/etcd/Chart.yaml | 26 ++ charts/etcd/README.md | 265 ++++++++++++++ charts/etcd/templates/_helpers.tpl | 93 +++++ charts/etcd/templates/extraobjects.yaml | 4 + charts/etcd/templates/networkpolicy.yaml | 68 ++++ .../etcd/templates/poddisruptionbudget.yaml | 19 + charts/etcd/templates/service.yaml | 49 +++ charts/etcd/templates/serviceaccount.yaml | 14 + charts/etcd/templates/servicemonitor.yaml | 38 ++ charts/etcd/templates/statefulset.yaml | 240 ++++++++++++ charts/etcd/tests/common-parameters_test.yaml | 210 +++++++++++ .../etcd/tests/etcd-functionality_test.yaml | 258 +++++++++++++ charts/etcd/tests/service-account_test.yaml | 58 +++ charts/etcd/values.schema.json | 341 ++++++++++++++++++ charts/etcd/values.yaml | 271 ++++++++++++++ 17 files changed, 1965 insertions(+) create mode 100644 charts/etcd/CHANGELOG.md create mode 100644 charts/etcd/Chart.lock create mode 100644 charts/etcd/Chart.yaml create mode 100644 charts/etcd/README.md create mode 100644 charts/etcd/templates/_helpers.tpl create mode 100644 charts/etcd/templates/extraobjects.yaml create mode 100644 charts/etcd/templates/networkpolicy.yaml create mode 100644 charts/etcd/templates/poddisruptionbudget.yaml create mode 100644 charts/etcd/templates/service.yaml create mode 100644 charts/etcd/templates/serviceaccount.yaml create mode 100644 charts/etcd/templates/servicemonitor.yaml create mode 100644 charts/etcd/templates/statefulset.yaml create mode 100644 charts/etcd/tests/common-parameters_test.yaml create mode 100644 charts/etcd/tests/etcd-functionality_test.yaml create mode 100644 charts/etcd/tests/service-account_test.yaml create mode 100644 charts/etcd/values.schema.json create mode 100644 charts/etcd/values.yaml diff --git a/charts/etcd/CHANGELOG.md b/charts/etcd/CHANGELOG.md new file mode 100644 index 00000000..cd45d41d --- /dev/null +++ b/charts/etcd/CHANGELOG.md @@ -0,0 +1,5 @@ +# Changelog + +## 0.1.0 (2025-10-09) + +* [etcd]: Initial etcd implementation ([#230](https://github.com/CloudPirates-io/helm-charts/pull/230)) diff --git a/charts/etcd/Chart.lock b/charts/etcd/Chart.lock new file mode 100644 index 00000000..527e3864 --- /dev/null +++ b/charts/etcd/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: oci://registry-1.docker.io/cloudpirates + version: 1.1.1 +digest: sha256:8da3c04e2c4a1ebfff4f21936399938e0f3fcf9fbd2f7135e7e907ce725b8f00 +generated: "2025-10-08T12:49:37.237547+02:00" diff --git a/charts/etcd/Chart.yaml b/charts/etcd/Chart.yaml new file mode 100644 index 00000000..97790d79 --- /dev/null +++ b/charts/etcd/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: etcd +description: etcd is a distributed reliable key-value store for the most critical data of a distributed system +type: application +version: 0.1.0 +appVersion: "3.6.0" +keywords: + - etcd + - distributed + - key-value + - consensus + - raft +home: https://etcd.io/ +sources: + - https://github.com/etcd-io/etcd +annotations: + category: Database + license: Apache-2.0 +maintainers: + - name: CloudPirates GmbH & Co. KG + url: https://www.cloudpirates.io +dependencies: + - name: common + version: "1.x.x" + repository: oci://registry-1.docker.io/cloudpirates +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/etcd/icon/color/etcd-icon-color.svg diff --git a/charts/etcd/README.md b/charts/etcd/README.md new file mode 100644 index 00000000..fbfde18e --- /dev/null +++ b/charts/etcd/README.md @@ -0,0 +1,265 @@ +

+ +

+ +# etcd Helm Chart + +etcd is a distributed reliable key-value store for the most critical data of a distributed system, with a focus on being simple, secure, fast, and reliable. + +## Quick Start + +### Prerequisites + +- Kubernetes 1.24+ +- Helm 3.2.0+ +- PV provisioner support in the underlying infrastructure (if persistence is enabled) + +### Installation + +To install the chart with the release name `my-etcd`: + +```bash +helm install my-etcd oci://registry-1.docker.io/cloudpirates/etcd +``` + +To install with custom values: + +```bash +helm install my-etcd oci://registry-1.docker.io/cloudpirates/etcd -f my-values.yaml +``` + +Or install directly from the local chart: + +```bash +helm install my-etcd ./charts/etcd +``` + +### Getting Started + +1. Check the status of your etcd cluster: + +```bash +kubectl exec -it my-etcd-0 -- etcdctl \ + --endpoints=my-etcd:2379 \ + endpoint health +``` + +2. Connect to etcd from inside the cluster: + +```bash +kubectl run etcd-client --rm --tty -i --restart='Never' \ + --image gcr.io/etcd-development/etcd:v3.6.0-alpha.0 -- bash + +# Inside the pod: +etcdctl --endpoints=my-etcd:2379 endpoint status --write-out=table +``` + +## Configuration + +### Image Configuration + +| Parameter | Description | Default | +| ------------------- | ------------------------------------- | ------------------------------------ | +| `image.registry` | etcd image registry | `gcr.io` | +| `image.repository` | etcd image repository | `etcd-development/etcd` | +| `image.tag` | etcd image tag | `v3.6.0-alpha.0` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `global.imageRegistry` | Global Docker image registry override | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names | `[]` | + +### Common Parameters + +| Parameter | Description | Default | +| ------------------- | --------------------------------------- | ------- | +| `nameOverride` | String to partially override etcd.fullname | `""` | +| `fullnameOverride` | String to fully override etcd.fullname | `""` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `replicaCount` | Number of etcd replicas to deploy (must be odd) | `3` | +| `podLabels` | Additional labels for etcd pods | `{}` | +| `podAnnotations` | Additional annotations for etcd pods | `{}` | + +### Service Configuration + +| Parameter | Description | Default | +| ---------------------- | ----------------------- | ----------- | +| `service.type` | Kubernetes service type | `ClusterIP` | +| `service.annotations` | Service annotations | `{}` | +| `service.clientPort` | etcd client port | `2379` | +| `service.peerPort` | etcd peer port | `2380` | +| `service.metricsPort` | etcd metrics port | `2381` | + +### Authentication and Security + +| Parameter | Description | Default | +| --------------------------- | -------------------------------------------------- | ------- | +| `auth.enabled` | Enable client-to-server TLS authentication | `false` | +| `auth.existingSecret` | Name of existing secret containing client certificates | `""` | +| `auth.peer.enabled` | Enable peer-to-peer TLS authentication | `false` | +| `auth.peer.existingSecret` | Name of existing secret containing peer certificates | `""` | + +### etcd Configuration + +| Parameter | Description | Default | +| -------------------------------- | -------------------------------------------- | --------------- | +| `config.initialClusterState` | Initial cluster state (new or existing) | `new` | +| `config.autoCompactionMode` | Auto compaction mode (periodic or revision) | `periodic` | +| `config.autoCompactionRetention` | Auto compaction retention | `1` | +| `config.snapshotCount` | Number of transactions to trigger a snapshot | `10000` | +| `config.quotaBackendBytes` | Backend storage quota in bytes (2GB) | `2147483648` | +| `config.maxRequestBytes` | Maximum client request size in bytes | `1572864` | +| `config.logLevel` | Log level (debug, info, warn, error, panic, fatal) | `info` | +| `config.initialClusterToken` | Initial cluster token | `etcd-cluster` | +| `config.heartbeatInterval` | Heartbeat interval in milliseconds | `100` | +| `config.electionTimeout` | Election timeout in milliseconds | `1000` | +| `config.maxSnapshots` | Maximum number of snapshot files to retain | `5` | +| `config.maxWals` | Maximum number of WAL files to retain | `5` | +| `config.listenPeerIp` | IP address to bind for peer traffic | `0.0.0.0` | +| `config.listenClientIp` | IP address to bind for client traffic | `0.0.0.0` | + +### Persistence + +| Parameter | Description | Default | +| ----------------------------- | ---------------------------------------- | ---------------- | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.storageClass` | Storage class of backing PVC | `""` | +| `persistence.annotations` | Annotations for the PVC | `{}` | +| `persistence.size` | Size of data volume | `8Gi` | +| `persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]`| +| `persistence.mountPath` | Mount path for data volume | `/var/run/etcd` | + +### Resources + +| Parameter | Description | Default | +| ----------- | ------------------------------------ | ------- | +| `resources` | CPU/Memory resource requests/limits | `{}` | + +### StatefulSet Configuration + +| Parameter | Description | Default | +| ------------------ | ------------------------------ | ----------------- | +| `updateStrategy.type` | StatefulSet update strategy | `RollingUpdate` | + +### Metrics Configuration + +| Parameter | Description | Default | +| -------------------------------------------- | ------------------------------------------------ | ------- | +| `metrics.enabled` | Enable Prometheus metrics | `true` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor for Prometheus Operator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace for ServiceMonitor | `""` | +| `metrics.serviceMonitor.interval` | Scrape interval | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | Scrape timeout | `""` | +| `metrics.serviceMonitor.relabelings` | Relabel configurations | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | Metric relabel configurations | `[]` | +| `metrics.serviceMonitor.labels` | Additional labels for ServiceMonitor | `{}` | +| `metrics.serviceMonitor.honorLabels` | Honor labels from metrics | `false` | + +### High Availability + +| Parameter | Description | Default | +| ----------------------------------- | ------------------------------------- | ------- | +| `podDisruptionBudget.enabled` | Enable PodDisruptionBudget | `false` | +| `podDisruptionBudget.minAvailable` | Minimum number of available pods | `""` | +| `podDisruptionBudget.maxUnavailable`| Maximum number of unavailable pods | `1` | + +### Service Account + +| Parameter | Description | Default | +| -------------------------------------------- | ---------------------------------------- | ------- | +| `serviceAccount.create` | Create service account | `true` | +| `serviceAccount.name` | Service account name | `""` | +| `serviceAccount.annotations` | Service account annotations | `{}` | +| `serviceAccount.automountServiceAccountToken`| Automount service account token | `false` | + +### Network Policy + +| Parameter | Description | Default | +| -------------------------------- | ------------------------------------ | ------- | +| `networkPolicy.enabled` | Enable NetworkPolicy | `false` | +| `networkPolicy.allowExternal` | Allow external traffic | `true` | +| `networkPolicy.extraIngress` | Additional ingress rules | `[]` | +| `networkPolicy.extraEgress` | Additional egress rules | `[]` | + +### Security Context + +| Parameter | Description | Default | +| -------------------------------------------- | -------------------------------------------- | ------------------ | +| `containerSecurityContext.runAsUser` | User ID to run the container | `1000` | +| `containerSecurityContext.runAsGroup` | Group ID to run the container | `1000` | +| `containerSecurityContext.runAsNonRoot` | Run as non-root user | `true` | +| `containerSecurityContext.allowPrivilegeEscalation` | Allow privilege escalation | `false` | +| `containerSecurityContext.readOnlyRootFilesystem` | Mount root filesystem as read-only | `true` | +| `containerSecurityContext.capabilities.drop` | Linux capabilities to drop | `[ALL]` | +| `podSecurityContext.fsGroup` | Group ID for the volumes | `1000` | + +### Probes + +| Parameter | Description | Default | +| ----------------------------------- | ---------------------------------- | ------- | +| `startupProbe.enabled` | Enable startup probe | `true` | +| `startupProbe.initialDelaySeconds` | Initial delay for startup probe | `0` | +| `startupProbe.periodSeconds` | Period for startup probe | `10` | +| `startupProbe.timeoutSeconds` | Timeout for startup probe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startup probe| `30` | +| `livenessProbe.enabled` | Enable liveness probe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay for liveness probe | `10` | +| `livenessProbe.periodSeconds` | Period for liveness probe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout for liveness probe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for liveness probe | `3` | +| `readinessProbe.enabled` | Enable readiness probe | `true` | +| `readinessProbe.initialDelaySeconds`| Initial delay for readiness probe | `5` | +| `readinessProbe.periodSeconds` | Period for readiness probe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout for readiness probe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readiness probe | `3` | + +### Scheduling + +| Parameter | Description | Default | +| ------------------------------ | --------------------------------------- | ------- | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `affinity` | Affinity rules for pod assignment | `{}` | +| `topologySpreadConstraints` | Topology Spread Constraints | `[]` | +| `priorityClassName` | Priority class name for pod eviction | `""` | + +### Extra Configuration + +| Parameter | Description | Default | +| ------------------- | ------------------------------------------------- | ------- | +| `extraArgs` | Additional etcd command line arguments | `[]` | +| `extraEnv` | Additional environment variables | `[]` | +| `extraVolumes` | Additional volumes to add to the pod | `[]` | +| `extraVolumeMounts` | Additional volume mounts for etcd container | `[]` | +| `extraObjects` | Array of extra objects to deploy with the release | `[]` | + +## Upgrading + +To upgrade your release: + +```bash +helm upgrade my-etcd oci://registry-1.docker.io/cloudpirates/etcd +``` + +## Uninstalling + +To uninstall/delete the `my-etcd` deployment: + +```bash +helm delete my-etcd +``` + +## License + +Copyright © 2024 CloudPirates GmbH & Co. KG + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/charts/etcd/templates/_helpers.tpl b/charts/etcd/templates/_helpers.tpl new file mode 100644 index 00000000..11429253 --- /dev/null +++ b/charts/etcd/templates/_helpers.tpl @@ -0,0 +1,93 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "etcd.name" -}} +{{- include "common.name" . -}} +{{- end }} + +{{/* +Create a default fully qualified app name. +*/}} +{{- define "etcd.fullname" -}} +{{- include "common.fullname" . -}} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "etcd.chart" -}} +{{- include "common.chart" . -}} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "etcd.labels" -}} +{{- include "common.labels" . }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "etcd.selectorLabels" -}} +{{- include "common.selectorLabels" . -}} +{{- end }} + +{{/* +Common annotations +*/}} +{{- define "etcd.annotations" -}} +{{- include "common.annotations" . -}} +{{- end }} + +{{/* +Return the proper etcd image name +*/}} +{{- define "etcd.image" -}} +{{- include "common.image" (dict "image" .Values.image "global" .Values.global) -}} +{{- end }} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "etcd.imagePullSecrets" -}} +{{ include "common.images.renderPullSecrets" (dict "images" (list .Values.image) "context" .) }} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "etcd.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "etcd.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Validate etcd values +*/}} +{{- define "etcd.validateValues" -}} +{{- $replicaCount := int .Values.replicaCount }} +{{- if and (gt $replicaCount 1) (eq (mod $replicaCount 2) 0) }} +{{- fail (printf "etcd: Invalid replica count. etcd requires an odd number of replicas for quorum (e.g., 1, 3, 5, 7). Current value: %d" $replicaCount) }} +{{- end }} +{{- end }} + +{{/* +Generate etcd initial cluster string +*/}} +{{- define "etcd.initialCluster" -}} +{{- $namespace := .Release.Namespace }} +{{- $name := include "etcd.fullname" . -}} +{{- $peerPort := .Values.service.peerPort -}} +{{- $replicaCount := int .Values.replicaCount }} +{{- $protocol := "http" }} +{{- if .Values.auth.peer.enabled }} +{{- $protocol = "https" }} +{{- end }} +{{- range $i := until $replicaCount }} +{{- if $i }},{{ end -}}{{ $name }}-{{ $i }}={{ $protocol }}://{{ $name }}-{{ $i }}.{{ $name }}-headless.{{ $namespace }}.svc.cluster.local:{{ $peerPort }} +{{- end }} +{{- end }} diff --git a/charts/etcd/templates/extraobjects.yaml b/charts/etcd/templates/extraobjects.yaml new file mode 100644 index 00000000..5a8cb412 --- /dev/null +++ b/charts/etcd/templates/extraobjects.yaml @@ -0,0 +1,4 @@ +{{- range .Values.extraObjects }} +--- +{{- include "common.tplvalues.render" (dict "value" . "context" $) }} +{{- end }} diff --git a/charts/etcd/templates/networkpolicy.yaml b/charts/etcd/templates/networkpolicy.yaml new file mode 100644 index 00000000..d3e202fe --- /dev/null +++ b/charts/etcd/templates/networkpolicy.yaml @@ -0,0 +1,68 @@ +{{- if .Values.networkPolicy.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "etcd.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "etcd.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "etcd.selectorLabels" . | nindent 6 }} + policyTypes: + - Ingress + - Egress + ingress: + # Allow client connections + - ports: + - port: {{ .Values.service.clientPort }} + protocol: TCP + {{- if not .Values.networkPolicy.allowExternal }} + from: + - podSelector: + matchLabels: {} + {{- end }} + # Allow peer connections + - ports: + - port: {{ .Values.service.peerPort }} + protocol: TCP + from: + - podSelector: + matchLabels: + {{- include "etcd.selectorLabels" . | nindent 14 }} + {{- if .Values.metrics.enabled }} + # Allow metrics scraping + - ports: + - port: {{ .Values.service.metricsPort }} + protocol: TCP + {{- if not .Values.networkPolicy.allowExternal }} + from: + - namespaceSelector: {} + podSelector: + matchLabels: + app.kubernetes.io/name: prometheus + {{- end }} + {{- end }} + {{- with .Values.networkPolicy.extraIngress }} + {{- toYaml . | nindent 4 }} + {{- end }} + egress: + # Allow DNS resolution + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + # Allow etcd peer communication + - ports: + - port: {{ .Values.service.peerPort }} + protocol: TCP + to: + - podSelector: + matchLabels: + {{- include "etcd.selectorLabels" . | nindent 14 }} + {{- with .Values.networkPolicy.extraEgress }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/etcd/templates/poddisruptionbudget.yaml b/charts/etcd/templates/poddisruptionbudget.yaml new file mode 100644 index 00000000..81c8d2a2 --- /dev/null +++ b/charts/etcd/templates/poddisruptionbudget.yaml @@ -0,0 +1,19 @@ +{{- if .Values.podDisruptionBudget.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "etcd.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "etcd.labels" . | nindent 4 }} +spec: + {{- if .Values.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} + {{- end }} + selector: + matchLabels: + {{- include "etcd.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/etcd/templates/service.yaml b/charts/etcd/templates/service.yaml new file mode 100644 index 00000000..393f414d --- /dev/null +++ b/charts/etcd/templates/service.yaml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "etcd.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "etcd.labels" . | nindent 4 }} + {{- with .Values.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.clientPort | default 2379 }} + targetPort: client + protocol: TCP + name: client + {{- if .Values.metrics.enabled }} + - port: {{ .Values.service.metricsPort | default 2381 }} + targetPort: metrics + protocol: TCP + name: metrics + {{- end }} + selector: + {{- include "etcd.selectorLabels" . | nindent 4 }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "etcd.fullname" . }}-headless + namespace: {{ .Release.Namespace }} + labels: + {{- include "etcd.labels" . | nindent 4 }} +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true + ports: + - port: {{ .Values.service.clientPort | default 2379 }} + targetPort: client + protocol: TCP + name: client + - port: {{ .Values.service.peerPort | default 2380 }} + targetPort: peer + protocol: TCP + name: peer + selector: + {{- include "etcd.selectorLabels" . | nindent 4 }} diff --git a/charts/etcd/templates/serviceaccount.yaml b/charts/etcd/templates/serviceaccount.yaml new file mode 100644 index 00000000..1aadc749 --- /dev/null +++ b/charts/etcd/templates/serviceaccount.yaml @@ -0,0 +1,14 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "etcd.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "etcd.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/charts/etcd/templates/servicemonitor.yaml b/charts/etcd/templates/servicemonitor.yaml new file mode 100644 index 00000000..de65a73f --- /dev/null +++ b/charts/etcd/templates/servicemonitor.yaml @@ -0,0 +1,38 @@ +{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "etcd.fullname" . }} + namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace }} + labels: + {{- include "etcd.labels" . | nindent 4 }} + {{- with .Values.metrics.serviceMonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "etcd.selectorLabels" . | nindent 6 }} + endpoints: + - port: metrics + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- with .Values.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} diff --git a/charts/etcd/templates/statefulset.yaml b/charts/etcd/templates/statefulset.yaml new file mode 100644 index 00000000..e7c93f0a --- /dev/null +++ b/charts/etcd/templates/statefulset.yaml @@ -0,0 +1,240 @@ +{{- include "etcd.validateValues" . }} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "etcd.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "etcd.labels" . | nindent 4 }} + {{- with (include "etcd.annotations" .) }} + annotations: + {{- . | nindent 4 }} + {{- end }} +spec: + serviceName: {{ include "etcd.fullname" . }}-headless + replicas: {{ .Values.replicaCount }} + podManagementPolicy: Parallel + {{- if .Values.updateStrategy }} + updateStrategy: {{- toYaml .Values.updateStrategy | nindent 4 }} + {{- end }} + selector: + matchLabels: + {{- include "etcd.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "etcd.selectorLabels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + annotations: + {{- with (include "etcd.annotations" .) }} + {{- . | nindent 8 }} + {{- end }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: +{{- with (include "etcd.imagePullSecrets" .) }} +{{ . | nindent 6 }} +{{- end }} + serviceAccountName: {{ include "etcd.serviceAccountName" . }} + securityContext: {{ include "common.renderPodSecurityContext" . | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: {{ include "common.renderContainerSecurityContext" . | nindent 12 }} + image: {{ include "etcd.image" . | quote }} + imagePullPolicy: {{ .Values.image.pullPolicy | default "IfNotPresent" | quote }} + command: + - /usr/local/bin/etcd + args: + - --name=$(POD_NAME) + - --listen-peer-urls={{ if .Values.auth.peer.enabled }}https{{ else }}http{{ end }}://{{ .Values.config.listenPeerIp }}:{{ .Values.service.peerPort }} + - --listen-client-urls={{ if .Values.auth.enabled }}https{{ else }}http{{ end }}://{{ .Values.config.listenClientIp }}:{{ .Values.service.clientPort }} + - --advertise-client-urls={{ if .Values.auth.enabled }}https{{ else }}http{{ end }}://$(POD_NAME).{{ include "etcd.fullname" . }}-headless.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.clientPort }} + - --initial-advertise-peer-urls={{ if .Values.auth.peer.enabled }}https{{ else }}http{{ end }}://$(POD_NAME).{{ include "etcd.fullname" . }}-headless.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.peerPort }} + - --initial-cluster={{ include "etcd.initialCluster" . }} + - --initial-cluster-token={{ .Values.config.initialClusterToken }} + - --initial-cluster-state={{ .Values.config.initialClusterState }} + - --data-dir={{ .Values.persistence.mountPath }}/default.etcd + - --auto-compaction-mode={{ .Values.config.autoCompactionMode }} + - --auto-compaction-retention={{ .Values.config.autoCompactionRetention }} + - --snapshot-count={{ .Values.config.snapshotCount | int64 }} + - --quota-backend-bytes={{ .Values.config.quotaBackendBytes | int64 }} + - --max-request-bytes={{ .Values.config.maxRequestBytes | int64 }} + - --heartbeat-interval={{ .Values.config.heartbeatInterval }} + - --election-timeout={{ .Values.config.electionTimeout }} + - --max-snapshots={{ .Values.config.maxSnapshots }} + - --max-wals={{ .Values.config.maxWals }} + - --log-level={{ .Values.config.logLevel }} + {{- if .Values.auth.enabled }} + - --client-cert-auth + - --trusted-ca-file=/etc/etcd/certs/client/ca.crt + - --cert-file=/etc/etcd/certs/client/tls.crt + - --key-file=/etc/etcd/certs/client/tls.key + {{- end }} + {{- if .Values.auth.peer.enabled }} + - --peer-client-cert-auth + - --peer-trusted-ca-file=/etc/etcd/certs/peer/ca.crt + - --peer-cert-file=/etc/etcd/certs/peer/tls.crt + - --peer-key-file=/etc/etcd/certs/peer/tls.key + {{- end }} + {{- if .Values.metrics.enabled }} + - --listen-metrics-urls=http://{{ .Values.config.listenClientIp }}:{{ .Values.service.metricsPort }} + {{- end }} + {{- range .Values.extraArgs }} + - {{ . }} + {{- end }} + ports: + - name: client + containerPort: {{ .Values.service.clientPort | default 2379 }} + protocol: TCP + - name: peer + containerPort: {{ .Values.service.peerPort | default 2380 }} + protocol: TCP + {{- if .Values.metrics.enabled }} + - name: metrics + containerPort: {{ .Values.service.metricsPort | default 2381 }} + protocol: TCP + {{- end }} + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + {{- range .Values.extraEnv }} + - name: {{ .name }} + value: {{ .value | quote }} + {{- end }} + {{- if .Values.startupProbe.enabled }} + startupProbe: + httpGet: + path: /health + port: client + {{- if .Values.auth.enabled }} + scheme: HTTPS + {{- else }} + scheme: HTTP + {{- end }} + initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.startupProbe.periodSeconds }} + timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }} + failureThreshold: {{ .Values.startupProbe.failureThreshold }} + successThreshold: {{ .Values.startupProbe.successThreshold }} + {{- end }} + {{- if .Values.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /health + port: client + {{- if .Values.auth.enabled }} + scheme: HTTPS + {{- else }} + scheme: HTTP + {{- end }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + {{- end }} + {{- if .Values.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /health?serializable=true + port: client + {{- if .Values.auth.enabled }} + scheme: HTTPS + {{- else }} + scheme: HTTP + {{- end }} + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + {{- end }} + resources: {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - name: data + mountPath: {{ .Values.persistence.mountPath }} + {{- if .Values.containerSecurityContext.readOnlyRootFilesystem }} + - name: tmp + mountPath: /tmp + {{- end }} + {{- if .Values.auth.enabled }} + - name: client-certs + mountPath: /etc/etcd/certs/client + readOnly: true + {{- end }} + {{- if .Values.auth.peer.enabled }} + - name: peer-certs + mountPath: /etc/etcd/certs/peer + readOnly: true + {{- end }} + {{- if .Values.extraVolumeMounts }} + {{- toYaml .Values.extraVolumeMounts | nindent 12 }} + {{- end }} + volumes: + {{- if not .Values.persistence.enabled }} + - name: data + emptyDir: {} + {{- end }} + {{- if .Values.containerSecurityContext.readOnlyRootFilesystem }} + - name: tmp + emptyDir: {} + {{- end }} + {{- if .Values.auth.enabled }} + - name: client-certs + secret: + secretName: {{ .Values.auth.existingSecret }} + defaultMode: 0400 + {{- end }} + {{- if .Values.auth.peer.enabled }} + - name: peer-certs + secret: + secretName: {{ .Values.auth.peer.existingSecret }} + defaultMode: 0400 + {{- end }} + {{- if .Values.extraVolumes }} + {{- toYaml .Values.extraVolumes | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: data + {{- with .Values.persistence.annotations }} + annotations: + {{- toYaml . | nindent 10 }} + {{- end }} + spec: + accessModes: + {{- with .Values.persistence.accessModes }} + {{- toYaml . | nindent 10 }} + {{- end}} + {{- if .Values.persistence.storageClass }} + storageClassName: {{ .Values.persistence.storageClass | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- end }} diff --git a/charts/etcd/tests/common-parameters_test.yaml b/charts/etcd/tests/common-parameters_test.yaml new file mode 100644 index 00000000..74605bda --- /dev/null +++ b/charts/etcd/tests/common-parameters_test.yaml @@ -0,0 +1,210 @@ +suite: test etcd common parameters +templates: + - statefulset.yaml +set: + image: + tag: v3.6.0-alpha.0 +tests: + - it: should use default values when nothing is overridden + asserts: + - equal: + path: metadata.name + value: RELEASE-NAME-etcd + - equal: + path: metadata.labels["app.kubernetes.io/name"] + value: etcd + - equal: + path: metadata.labels["app.kubernetes.io/instance"] + value: RELEASE-NAME + - equal: + path: spec.template.spec.containers[0].image + value: gcr.io/etcd-development/etcd:v3.6.0-alpha.0 + - equal: + path: spec.template.spec.containers[0].imagePullPolicy + value: IfNotPresent + + - it: should respect global.imageRegistry override + set: + global: + imageRegistry: "my-registry.com" + asserts: + - equal: + path: spec.template.spec.containers[0].image + value: my-registry.com/etcd-development/etcd:v3.6.0-alpha.0 + + - it: should respect global.imagePullSecrets + set: + global: + imagePullSecrets: + - name: my-secret-1 + - name: my-secret-2 + asserts: + - equal: + path: spec.template.spec.imagePullSecrets[0].name + value: my-secret-1 + - equal: + path: spec.template.spec.imagePullSecrets[1].name + value: my-secret-2 + + - it: should respect nameOverride + set: + nameOverride: "custom-name" + asserts: + - equal: + path: metadata.name + value: RELEASE-NAME-custom-name + - equal: + path: metadata.labels["app.kubernetes.io/name"] + value: custom-name + + - it: should respect fullnameOverride + set: + fullnameOverride: "completely-custom-name" + asserts: + - equal: + path: metadata.name + value: completely-custom-name + + - it: should add commonLabels to all resources + set: + commonLabels: + environment: "test" + team: "platform" + asserts: + - equal: + path: metadata.labels.environment + value: test + - equal: + path: metadata.labels.team + value: platform + + - it: should add commonAnnotations to all resources + set: + commonAnnotations: + deployment.kubernetes.io/revision: "1" + prometheus.io/scrape: "true" + asserts: + - equal: + path: metadata.annotations["deployment.kubernetes.io/revision"] + value: "1" + - equal: + path: metadata.annotations["prometheus.io/scrape"] + value: "true" + + - it: should respect image.registry override + set: + image: + registry: "custom-registry.io" + asserts: + - equal: + path: spec.template.spec.containers[0].image + value: custom-registry.io/etcd-development/etcd:v3.6.0-alpha.0 + + - it: should respect image.repository override + set: + image: + repository: "custom/etcd" + asserts: + - equal: + path: spec.template.spec.containers[0].image + value: gcr.io/custom/etcd:v3.6.0-alpha.0 + + - it: should respect image.tag override + set: + image: + tag: "v3.5.0" + asserts: + - equal: + path: spec.template.spec.containers[0].image + value: gcr.io/etcd-development/etcd:v3.5.0 + + - it: should respect image.pullPolicy override + set: + image: + pullPolicy: "Always" + asserts: + - equal: + path: spec.template.spec.containers[0].imagePullPolicy + value: Always + + - it: should prioritize global.imageRegistry over image.registry + set: + global: + imageRegistry: "global-registry.com" + image: + registry: "image-registry.com" + asserts: + - equal: + path: spec.template.spec.containers[0].image + value: global-registry.com/etcd-development/etcd:v3.6.0-alpha.0 + + - it: should add podLabels to pod template + set: + podLabels: + custom: "label" + foo: "bar" + asserts: + - equal: + path: spec.template.metadata.labels.custom + value: label + - equal: + path: spec.template.metadata.labels.foo + value: bar + + - it: should add podAnnotations to pod template + set: + podAnnotations: + custom: "annotation" + foo: "bar" + asserts: + - equal: + path: spec.template.metadata.annotations.custom + value: annotation + - equal: + path: spec.template.metadata.annotations.foo + value: bar + + - it: should combine all overrides correctly + set: + global: + imageRegistry: "global-reg.io" + imagePullSecrets: + - name: global-secret + nameOverride: "custom-etcd" + commonLabels: + env: "prod" + commonAnnotations: + version: "v1.0.0" + podLabels: + pod-label: "value" + podAnnotations: + pod-annotation: "value" + image: + repository: "custom/etcd" + tag: "v3.5.0" + pullPolicy: "Never" + asserts: + - equal: + path: metadata.name + value: RELEASE-NAME-custom-etcd + - equal: + path: metadata.labels.env + value: prod + - equal: + path: metadata.annotations.version + value: v1.0.0 + - equal: + path: spec.template.metadata.labels.pod-label + value: value + - equal: + path: spec.template.metadata.annotations.pod-annotation + value: value + - equal: + path: spec.template.spec.containers[0].image + value: global-reg.io/custom/etcd:v3.5.0 + - equal: + path: spec.template.spec.containers[0].imagePullPolicy + value: Never + - equal: + path: spec.template.spec.imagePullSecrets[0].name + value: global-secret diff --git a/charts/etcd/tests/etcd-functionality_test.yaml b/charts/etcd/tests/etcd-functionality_test.yaml new file mode 100644 index 00000000..0cee7b96 --- /dev/null +++ b/charts/etcd/tests/etcd-functionality_test.yaml @@ -0,0 +1,258 @@ +suite: test etcd functionality +templates: + - statefulset.yaml + - service.yaml + - poddisruptionbudget.yaml + - servicemonitor.yaml + - networkpolicy.yaml +set: + image: + tag: v3.6.0-alpha.0 +tests: + # Replica count validation + - it: should fail with even replica count + template: statefulset.yaml + set: + replicaCount: 2 + asserts: + - failedTemplate: {} + + - it: should succeed with odd replica count + template: statefulset.yaml + set: + replicaCount: 5 + asserts: + - equal: + path: spec.replicas + value: 5 + + # etcd configuration + - it: should configure initial cluster state + template: statefulset.yaml + set: + config: + initialClusterState: "existing" + asserts: + - contains: + path: spec.template.spec.containers[0].args + content: "--initial-cluster-state=existing" + + - it: should configure heartbeat and election timeout + template: statefulset.yaml + set: + config: + heartbeatInterval: 200 + electionTimeout: 2000 + asserts: + - contains: + path: spec.template.spec.containers[0].args + content: "--heartbeat-interval=200" + - contains: + path: spec.template.spec.containers[0].args + content: "--election-timeout=2000" + + - it: should configure listen IPs + template: statefulset.yaml + set: + config: + listenPeerIp: "127.0.0.1" + listenClientIp: "127.0.0.1" + asserts: + - contains: + path: spec.template.spec.containers[0].args + content: "--listen-peer-urls=http://127.0.0.1:2380" + - contains: + path: spec.template.spec.containers[0].args + content: "--listen-client-urls=http://127.0.0.1:2379" + + - it: should add extraArgs + template: statefulset.yaml + set: + extraArgs: + - "--max-txn-ops=128" + - "--grpc-keepalive-min-time=5s" + asserts: + - contains: + path: spec.template.spec.containers[0].args + content: "--max-txn-ops=128" + - contains: + path: spec.template.spec.containers[0].args + content: "--grpc-keepalive-min-time=5s" + + # TLS configuration + - it: should enable client TLS + template: statefulset.yaml + set: + auth: + enabled: true + existingSecret: "etcd-client-certs" + asserts: + - contains: + path: spec.template.spec.containers[0].args + content: "--client-cert-auth" + - contains: + path: spec.template.spec.containers[0].args + content: "--listen-client-urls=https://0.0.0.0:2379" + + - it: should enable peer TLS + template: statefulset.yaml + set: + auth: + peer: + enabled: true + existingSecret: "etcd-peer-certs" + asserts: + - contains: + path: spec.template.spec.containers[0].args + content: "--peer-client-cert-auth" + - contains: + path: spec.template.spec.containers[0].args + content: "--listen-peer-urls=https://0.0.0.0:2380" + + # Metrics configuration + - it: should expose metrics port when enabled + template: statefulset.yaml + set: + metrics: + enabled: true + asserts: + - contains: + path: spec.template.spec.containers[0].args + content: "--listen-metrics-urls=http://0.0.0.0:2381" + - contains: + path: spec.template.spec.containers[0].ports + content: + name: metrics + containerPort: 2381 + protocol: TCP + + - it: should not expose metrics port when disabled + template: statefulset.yaml + set: + metrics: + enabled: false + asserts: + - notContains: + path: spec.template.spec.containers[0].args + content: "--listen-metrics-urls=http://0.0.0.0:2381" + + - it: should create ServiceMonitor when enabled + template: servicemonitor.yaml + set: + metrics: + enabled: true + serviceMonitor: + enabled: true + asserts: + - hasDocuments: + count: 1 + - isKind: + of: ServiceMonitor + + - it: should not create ServiceMonitor when disabled + template: servicemonitor.yaml + set: + metrics: + enabled: true + serviceMonitor: + enabled: false + asserts: + - hasDocuments: + count: 0 + + # Service configuration + - it: should add service annotations + template: service.yaml + set: + service: + annotations: + key1: "value1" + key2: "value2" + asserts: + - equal: + path: metadata.annotations.key1 + value: value1 + documentIndex: 0 + - equal: + path: metadata.annotations.key2 + value: value2 + documentIndex: 0 + + - it: should expose metrics port in service + template: service.yaml + set: + metrics: + enabled: true + asserts: + - contains: + path: spec.ports + content: + name: metrics + port: 2381 + targetPort: metrics + protocol: TCP + documentIndex: 0 + + # PodDisruptionBudget + - it: should create PDB when enabled + template: poddisruptionbudget.yaml + set: + podDisruptionBudget: + enabled: true + asserts: + - hasDocuments: + count: 1 + - isKind: + of: PodDisruptionBudget + + - it: should not create PDB when disabled + template: poddisruptionbudget.yaml + set: + podDisruptionBudget: + enabled: false + asserts: + - hasDocuments: + count: 0 + + - it: should set minAvailable in PDB + template: poddisruptionbudget.yaml + set: + podDisruptionBudget: + enabled: true + minAvailable: 2 + asserts: + - equal: + path: spec.minAvailable + value: 2 + + # NetworkPolicy + - it: should create NetworkPolicy when enabled + template: networkpolicy.yaml + set: + networkPolicy: + enabled: true + asserts: + - hasDocuments: + count: 1 + - isKind: + of: NetworkPolicy + + - it: should not create NetworkPolicy when disabled + template: networkpolicy.yaml + set: + networkPolicy: + enabled: false + asserts: + - hasDocuments: + count: 0 + + # UpdateStrategy + - it: should configure update strategy + template: statefulset.yaml + set: + updateStrategy: + type: "OnDelete" + asserts: + - equal: + path: spec.updateStrategy.type + value: OnDelete diff --git a/charts/etcd/tests/service-account_test.yaml b/charts/etcd/tests/service-account_test.yaml new file mode 100644 index 00000000..22388d09 --- /dev/null +++ b/charts/etcd/tests/service-account_test.yaml @@ -0,0 +1,58 @@ +suite: test etcd service account parameters +templates: + - serviceaccount.yaml +set: + serviceAccount: + create: true +tests: + - it: should use default labels for the manifest + asserts: + - equal: + path: metadata.name + value: RELEASE-NAME-etcd + - equal: + path: metadata.labels["app.kubernetes.io/name"] + value: etcd + - equal: + path: metadata.labels["app.kubernetes.io/instance"] + value: RELEASE-NAME + + - it: should respect serviceAccount.name override + set: + serviceAccount: + name: "my-service-account" + asserts: + - equal: + path: metadata.name + value: my-service-account + + - it: should respect serviceAccount.annotations override + set: + serviceAccount: + annotations: + key1: "value1" + key2: "value2" + asserts: + - equal: + path: metadata.annotations.key1 + value: value1 + - equal: + path: metadata.annotations.key2 + value: value2 + + - it: should respect serviceAccount.automountServiceAccountToken + set: + serviceAccount: + automountServiceAccountToken: true + asserts: + - equal: + path: automountServiceAccountToken + value: true + + - it: should not render when create is false + set: + serviceAccount: + create: false + asserts: + - hasDocuments: + count: 0 diff --git a/charts/etcd/values.schema.json b/charts/etcd/values.schema.json new file mode 100644 index 00000000..8efc0440 --- /dev/null +++ b/charts/etcd/values.schema.json @@ -0,0 +1,341 @@ +{ + "$schema": "https://json-schema.org/draft-07/schema#", + "type": "object", + "title": "etcd Helm Chart Values Schema", + "description": "Schema for etcd Helm chart values", + "properties": { + "global": { + "type": "object", + "title": "Global parameters", + "description": "Global Docker image parameters", + "properties": { + "imageRegistry": { + "type": "string", + "title": "Global Docker Image Registry", + "description": "Global Docker image registry" + }, + "imagePullSecrets": { + "type": "array", + "title": "Global Image Pull Secrets", + "description": "Global Docker registry secret names as an array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string" + } + }, + "required": ["name"] + } + } + } + }, + "nameOverride": { + "type": "string", + "title": "Name Override", + "description": "String to partially override etcd.fullname" + }, + "fullnameOverride": { + "type": "string", + "title": "Full Name Override", + "description": "String to fully override etcd.fullname" + }, + "commonLabels": { + "type": "object", + "title": "Common Labels", + "description": "Labels to add to all deployed objects" + }, + "commonAnnotations": { + "type": "object", + "title": "Common Annotations", + "description": "Annotations to add to all deployed objects" + }, + "image": { + "type": "object", + "title": "etcd Image Configuration", + "description": "Configuration for etcd container image", + "properties": { + "registry": { + "type": "string", + "title": "etcd Image Registry" + }, + "repository": { + "type": "string", + "title": "etcd Image Repository" + }, + "tag": { + "type": "string", + "title": "etcd Image Tag" + }, + "pullPolicy": { + "type": "string", + "title": "etcd Image Pull Policy", + "enum": ["Always", "IfNotPresent", "Never"] + } + } + }, + "replicaCount": { + "type": "integer", + "title": "Replica Count", + "description": "Number of etcd replicas to deploy", + "minimum": 1 + }, + "podLabels": { + "type": "object", + "title": "Pod Labels", + "description": "Additional labels for etcd pods" + }, + "podAnnotations": { + "type": "object", + "title": "Pod Annotations", + "description": "Additional annotations for etcd pods" + }, + "service": { + "type": "object", + "title": "Service Configuration", + "properties": { + "type": { + "type": "string", + "title": "Service Type", + "enum": ["ClusterIP", "NodePort", "LoadBalancer"] + }, + "annotations": { + "type": "object", + "title": "Service Annotations" + }, + "clientPort": { + "type": "integer", + "title": "Client Port", + "minimum": 1, + "maximum": 65535 + }, + "peerPort": { + "type": "integer", + "title": "Peer Port", + "minimum": 1, + "maximum": 65535 + }, + "metricsPort": { + "type": "integer", + "title": "Metrics Port", + "minimum": 1, + "maximum": 65535 + } + } + }, + "config": { + "type": "object", + "title": "etcd Configuration", + "properties": { + "initialClusterState": { + "type": "string", + "title": "Initial Cluster State", + "enum": ["new", "existing"] + }, + "autoCompactionMode": { + "type": "string", + "title": "Auto Compaction Mode", + "enum": ["periodic", "revision"] + }, + "autoCompactionRetention": { + "type": "string", + "title": "Auto Compaction Retention" + }, + "snapshotCount": { + "type": "integer", + "title": "Snapshot Count", + "minimum": 1 + }, + "quotaBackendBytes": { + "type": "integer", + "title": "Backend Quota in Bytes", + "minimum": 1 + }, + "maxRequestBytes": { + "type": "integer", + "title": "Max Request Bytes", + "minimum": 1 + }, + "logLevel": { + "type": "string", + "title": "Log Level", + "enum": ["debug", "info", "warn", "error", "panic", "fatal"] + }, + "initialClusterToken": { + "type": "string", + "title": "Initial Cluster Token" + }, + "heartbeatInterval": { + "type": "integer", + "title": "Heartbeat Interval (ms)", + "minimum": 1 + }, + "electionTimeout": { + "type": "integer", + "title": "Election Timeout (ms)", + "minimum": 1 + }, + "maxSnapshots": { + "type": "integer", + "title": "Max Snapshots to Retain", + "minimum": 1 + }, + "maxWals": { + "type": "integer", + "title": "Max WALs to Retain", + "minimum": 1 + }, + "listenPeerIp": { + "type": "string", + "title": "Listen Peer IP Address", + "pattern": "^(?:[0-9]{1,3}\\.){3}[0-9]{1,3}$|^0\\.0\\.0\\.0$" + }, + "listenClientIp": { + "type": "string", + "title": "Listen Client IP Address", + "pattern": "^(?:[0-9]{1,3}\\.){3}[0-9]{1,3}$|^0\\.0\\.0\\.0$" + } + } + }, + "persistence": { + "type": "object", + "title": "Persistence Configuration", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable Persistence" + }, + "storageClass": { + "type": "string", + "title": "Storage Class" + }, + "size": { + "type": "string", + "title": "Volume Size" + }, + "mountPath": { + "type": "string", + "title": "Mount Path" + } + } + }, + "resources": { + "type": "object", + "title": "Resource Requirements" + }, + "updateStrategy": { + "type": "object", + "title": "Update Strategy", + "properties": { + "type": { + "type": "string", + "title": "Update Strategy Type", + "enum": ["RollingUpdate", "OnDelete"] + } + } + }, + "metrics": { + "type": "object", + "title": "Metrics Configuration", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable Metrics" + }, + "serviceMonitor": { + "type": "object", + "title": "ServiceMonitor Configuration", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable ServiceMonitor" + }, + "namespace": { + "type": "string", + "title": "ServiceMonitor Namespace" + }, + "interval": { + "type": "string", + "title": "Scrape Interval" + }, + "scrapeTimeout": { + "type": "string", + "title": "Scrape Timeout" + }, + "honorLabels": { + "type": "boolean", + "title": "Honor Labels" + } + } + } + } + }, + "podDisruptionBudget": { + "type": "object", + "title": "Pod Disruption Budget", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable PDB" + }, + "minAvailable": { + "oneOf": [ + {"type": "integer", "minimum": 1}, + {"type": "string"} + ], + "title": "Minimum Available Pods" + }, + "maxUnavailable": { + "oneOf": [ + {"type": "integer", "minimum": 1}, + {"type": "string"} + ], + "title": "Maximum Unavailable Pods" + } + } + }, + "serviceAccount": { + "type": "object", + "title": "Service Account", + "properties": { + "create": { + "type": "boolean", + "title": "Create Service Account" + }, + "name": { + "type": "string", + "title": "Service Account Name" + }, + "annotations": { + "type": "object", + "title": "Service Account Annotations" + }, + "automountServiceAccountToken": { + "type": "boolean", + "title": "Automount Token" + } + } + }, + "networkPolicy": { + "type": "object", + "title": "Network Policy", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable Network Policy" + }, + "allowExternal": { + "type": "boolean", + "title": "Allow External Traffic" + } + } + }, + "extraArgs": { + "type": "array", + "title": "Extra Arguments", + "items": { + "type": "string" + } + } + } +} diff --git a/charts/etcd/values.yaml b/charts/etcd/values.yaml new file mode 100644 index 00000000..5ccb609e --- /dev/null +++ b/charts/etcd/values.yaml @@ -0,0 +1,271 @@ +## @section Global parameters +global: + ## @param global.imageRegistry Global Docker Image registry + imageRegistry: "" + ## @param global.imagePullSecrets Global Docker registry secret names as an array + imagePullSecrets: [] + +## @section Common parameters +## @param nameOverride String to partially override etcd.fullname +nameOverride: "" +## @param fullnameOverride String to fully override etcd.fullname +fullnameOverride: "" +## @param commonLabels Labels to add to all deployed objects +commonLabels: {} +## @param commonAnnotations Annotations to add to all deployed objects +commonAnnotations: {} + +## @section etcd image parameters +image: + ## @param image.registry etcd image registry + registry: gcr.io + ## @param image.repository etcd image repository + repository: etcd-development/etcd + ## @param image.tag etcd image tag + tag: "v3.6.0-alpha.0" + ## @param image.pullPolicy etcd image pull policy + pullPolicy: IfNotPresent + +## @param replicaCount Number of etcd replicas to deploy (must be odd number for quorum) +replicaCount: 3 + +## @param podLabels Additional labels for etcd pods +podLabels: {} + +## @param podAnnotations Additional annotations for etcd pods +podAnnotations: {} + +## @section Service configuration +service: + ## @param service.type Kubernetes service type + type: ClusterIP + ## @param service.annotations Service annotations + annotations: {} + ## @param service.clientPort etcd client service port + clientPort: 2379 + ## @param service.peerPort etcd peer service port + peerPort: 2380 + ## @param service.metricsPort etcd metrics service port + metricsPort: 2381 + +auth: + ## @param auth.enabled Enable client-to-server authentication + enabled: false + ## @param auth.existingSecret Name of existing secret containing client certificates + existingSecret: "" + peer: + ## @param auth.peer.enabled Enable peer-to-peer authentication + enabled: false + ## @param auth.peer.existingSecret Name of existing secret containing peer certificates + existingSecret: "" + +## @section etcd configuration +config: + ## @param config.initialClusterState Initial cluster state (new or existing) + initialClusterState: new + ## @param config.autoCompactionMode Auto compaction mode (periodic or revision) + autoCompactionMode: periodic + ## @param config.autoCompactionRetention Auto compaction retention (1 hour for periodic mode) + autoCompactionRetention: "1" + ## @param config.snapshotCount Number of committed transactions to trigger a snapshot + snapshotCount: 10000 + ## @param config.quotaBackendBytes Backend storage quota in bytes (default 2GB) + quotaBackendBytes: 2147483648 + ## @param config.maxRequestBytes Maximum client request size in bytes + maxRequestBytes: 1572864 + ## @param config.logLevel Log level (debug, info, warn, error, panic, fatal) + logLevel: info + ## @param config.initialClusterToken Initial cluster token for the etcd cluster + initialClusterToken: etcd-cluster + ## @param config.heartbeatInterval Time (in milliseconds) of a heartbeat interval + heartbeatInterval: 100 + ## @param config.electionTimeout Time (in milliseconds) for an election to timeout + electionTimeout: 1000 + ## @param config.maxSnapshots Maximum number of snapshot files to retain + maxSnapshots: 5 + ## @param config.maxWals Maximum number of wal files to retain + maxWals: 5 + ## @param config.listenPeerIp IP address to listen on for peer traffic (default 0.0.0.0) + listenPeerIp: 0.0.0.0 + ## @param config.listenClientIp IP address to listen on for client traffic (default 0.0.0.0) + listenClientIp: 0.0.0.0 + +## @section Persistence +persistence: + ## @param persistence.enabled Enable persistence using Persistent Volume Claims + enabled: true + ## @param persistence.storageClass Persistent Volume storage class + storageClass: "" + ## @param persistence.annotations Persistent Volume Claim annotations + annotations: {} + ## @param persistence.size Persistent Volume size + size: 8Gi + ## @param persistence.accessModes Persistent Volume access modes + accessModes: + - ReadWriteOnce + ## @param persistence.mountPath The path where to mount the data volume + mountPath: /var/run/etcd + +## @param resources Resource limits and requests for etcd pod +resources: {} + # limits: + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + +## @section StatefulSet configuration +## @param updateStrategy.type StatefulSet update strategy type +updateStrategy: + type: RollingUpdate + +## @section Metrics configuration +metrics: + ## @param metrics.enabled Enable Prometheus metrics + enabled: true + serviceMonitor: + ## @param metrics.serviceMonitor.enabled Create ServiceMonitor resource for scraping metrics using PrometheusOperator + enabled: false + ## @param metrics.serviceMonitor.namespace Namespace which Prometheus is running in + namespace: "" + ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped + interval: 30s + ## @param metrics.serviceMonitor.scrapeTimeout Specify the timeout after which the scrape is ended + scrapeTimeout: "" + ## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping + relabelings: [] + ## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion + metricRelabelings: [] + ## @param metrics.serviceMonitor.labels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus + labels: {} + ## @param metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels + honorLabels: false + +## @section High Availability +podDisruptionBudget: + ## @param podDisruptionBudget.enabled Enable Pod Disruption Budget + enabled: false + ## @param podDisruptionBudget.minAvailable Minimum number of available pods + minAvailable: "" + ## @param podDisruptionBudget.maxUnavailable Maximum number of unavailable pods + maxUnavailable: 1 + +## @section Service Account +serviceAccount: + ## @param serviceAccount.create Enable creation of ServiceAccount for etcd pod + create: true + ## @param serviceAccount.name Name of the created serviceAccount + name: "" + ## @param serviceAccount.annotations Annotations for service account + annotations: {} + ## @param serviceAccount.automountServiceAccountToken Auto-mount the service account token in the pod + automountServiceAccountToken: false + +## @section Network Policy +networkPolicy: + ## @param networkPolicy.enabled Enable NetworkPolicy + enabled: false + ## @param networkPolicy.allowExternal Allow external traffic + allowExternal: true + ## @param networkPolicy.extraIngress Additional ingress rules + extraIngress: [] + ## @param networkPolicy.extraEgress Additional egress rules + extraEgress: [] + +## @param extraArgs Additional etcd command line arguments as array +extraArgs: [] +# - --max-txn-ops=128 +# - --grpc-keepalive-min-time=5s + +## @param nodeSelector Node selector for pod assignment +nodeSelector: {} + +## @param priorityClassName for pod eviction +priorityClassName: "" + +## @param tolerations Tolerations for pod assignment +tolerations: [] + +## @param affinity Affinity rules for pod assignment +affinity: {} + +## @param topologySpreadConstraints Topology Spread Constraints for pod assignment +topologySpreadConstraints: [] + +containerSecurityContext: + ## @param containerSecurityContext.runAsUser User ID to run the container + runAsUser: 1000 + ## @param containerSecurityContext.runAsGroup Group ID to run the container + runAsGroup: 1000 + ## @param containerSecurityContext.runAsNonRoot Run as non-root user + runAsNonRoot: true + ## @param containerSecurityContext.allowPrivilegeEscalation Set etcd container's privilege escalation + allowPrivilegeEscalation: false + ## @param containerSecurityContext.readOnlyRootFilesystem Mount container root filesystem as read-only + readOnlyRootFilesystem: true + ## @param containerSecurityContext.capabilities.drop Linux capabilities to drop + capabilities: + drop: + - ALL + +## @param podSecurityContext Security context for the pod +podSecurityContext: + ## @param podSecurityContext.fsGroup Set etcd pod's Security Context fsGroup + fsGroup: 1000 + +## @section Liveness and readiness probes +livenessProbe: + ## @param livenessProbe.enabled Enable livenessProbe on etcd containers + enabled: true + ## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + initialDelaySeconds: 10 + ## @param livenessProbe.periodSeconds Period seconds for livenessProbe + periodSeconds: 10 + ## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + timeoutSeconds: 5 + ## @param livenessProbe.failureThreshold Failure threshold for livenessProbe + failureThreshold: 3 + ## @param livenessProbe.successThreshold Success threshold for livenessProbe + successThreshold: 1 + +readinessProbe: + ## @param readinessProbe.enabled Enable readinessProbe on etcd containers + enabled: true + ## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + initialDelaySeconds: 5 + ## @param readinessProbe.periodSeconds Period seconds for readinessProbe + periodSeconds: 10 + ## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + timeoutSeconds: 5 + ## @param readinessProbe.failureThreshold Failure threshold for readinessProbe + failureThreshold: 3 + ## @param readinessProbe.successThreshold Success threshold for readinessProbe + successThreshold: 1 + +startupProbe: + ## @param startupProbe.enabled Enable startupProbe on etcd containers + enabled: true + ## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + initialDelaySeconds: 0 + ## @param startupProbe.periodSeconds Period seconds for startupProbe + periodSeconds: 10 + ## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe + timeoutSeconds: 5 + ## @param startupProbe.failureThreshold Failure threshold for startupProbe + failureThreshold: 30 + ## @param startupProbe.successThreshold Success threshold for startupProbe + successThreshold: 1 + +## @param extraEnv Additional environment variables to set +extraEnv: [] +# - name: EXTRA_VAR +# value: "extra_value" + +## @param extraVolumes Additional volumes to add to the pod +extraVolumes: [] + +## @param extraVolumeMounts Additional volume mounts to add to the etcd container +extraVolumeMounts: [] + +## @param extraObjects Array of extra objects to deploy with the release +extraObjects: [] From ecf445f3959cb55429ad16e294e5cc5ab85ef04d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 08:53:55 +0200 Subject: [PATCH 06/20] [mongo] Update charts/mongodb/values.yaml mongo (#319) * [mongo] Update charts/mongodb/values.yaml mongo * Bump chart version * Update CHANGELOG.md Signed-off-by: github-actions[bot] --------- Signed-off-by: github-actions[bot] Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Finn Rades Co-authored-by: github-actions[bot] --- charts/mongodb/CHANGELOG.md | 74 ++++++++++++++++++++++++++++++++++++- charts/mongodb/Chart.yaml | 2 +- charts/mongodb/values.yaml | 2 +- 3 files changed, 74 insertions(+), 4 deletions(-) diff --git a/charts/mongodb/CHANGELOG.md b/charts/mongodb/CHANGELOG.md index fe8c8abb..e428b28f 100644 --- a/charts/mongodb/CHANGELOG.md +++ b/charts/mongodb/CHANGELOG.md @@ -1,5 +1,75 @@ # Changelog -## 0.4.1 (2025-10-09) +## 0.4.2 (2025-10-10) -* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) +* [mongo] Update charts/mongodb/values.yaml mongo ([#319](https://github.com/CloudPirates-io/helm-charts/pull/319)) + +## 0.4.1 (2025-10-09) + +* [all] add tests for openshift (#226) ([c80c98a](https://github.com/CloudPirates-io/helm-charts/commit/c80c98a)), closes [#226](https://github.com/CloudPirates-io/helm-charts/issues/226) +* fix: newline between mongo labels and additional labels (#301) ([ea7937f](https://github.com/CloudPirates-io/helm-charts/commit/ea7937f)), closes [#301](https://github.com/CloudPirates-io/helm-charts/issues/301) + +## 0.4.0 (2025-10-09) + +* feat: add metrics exporter (#243) ([c931978](https://github.com/CloudPirates-io/helm-charts/commit/c931978)), closes [#243](https://github.com/CloudPirates-io/helm-charts/issues/243) + +## 0.3.3 (2025-10-09) + +* makes configmap name dynamic (#279) ([6dd10a9](https://github.com/CloudPirates-io/helm-charts/commit/6dd10a9)), closes [#279](https://github.com/CloudPirates-io/helm-charts/issues/279) + +## 0.3.2 (2025-10-09) + +* [mongo] Update charts/mongodb/values.yaml mongo to v8.0.15 (patch) (#262) ([2fc1f1a](https://github.com/CloudPirates-io/helm-charts/commit/2fc1f1a)), closes [#262](https://github.com/CloudPirates-io/helm-charts/issues/262) + +## 0.3.1 (2025-10-08) + +* [minio, mongodb, postgres, timescaledb] Update securityContext to containerSecurityContext in the v ([8a4003f](https://github.com/CloudPirates-io/helm-charts/commit/8a4003f)), closes [#213](https://github.com/CloudPirates-io/helm-charts/issues/213) +* [mariadb] use tpl to return existingConfigMap (#217) ([c7c2f4c](https://github.com/CloudPirates-io/helm-charts/commit/c7c2f4c)), closes [#217](https://github.com/CloudPirates-io/helm-charts/issues/217) +* update values.schema.json (#242) ([f973e47](https://github.com/CloudPirates-io/helm-charts/commit/f973e47)), closes [#242](https://github.com/CloudPirates-io/helm-charts/issues/242) + +## 0.3.0 (2025-10-02) + +* make mongodb run on openshift (#202) ([b654629](https://github.com/CloudPirates-io/helm-charts/commit/b654629)), closes [#202](https://github.com/CloudPirates-io/helm-charts/issues/202) +* [redis] return fqdn for sentinel master lookup (#156) ([00b9882](https://github.com/CloudPirates-io/helm-charts/commit/00b9882)), closes [#156](https://github.com/CloudPirates-io/helm-charts/issues/156) + +## 0.2.0 (2025-09-25) + +* [documentation] update readme files ([16944cd](https://github.com/CloudPirates-io/helm-charts/commit/16944cd)) +* [mongo] chore(deps): update docker.io/mongo:8.0.13 Docker digest to 7acbcf3 ([37cb0a1](https://github.com/CloudPirates-io/helm-charts/commit/37cb0a1)) +* [mongo] chore(deps): update docker.io/mongo:8.0.13 Docker digest to cf340b1 ([3fe0172](https://github.com/CloudPirates-io/helm-charts/commit/3fe0172)) +* add custom user creation at initialization (#153) ([772d18f](https://github.com/CloudPirates-io/helm-charts/commit/772d18f)), closes [#153](https://github.com/CloudPirates-io/helm-charts/issues/153) +* add imagepullsecret support ([2768b4e](https://github.com/CloudPirates-io/helm-charts/commit/2768b4e)) +* fix test ([cfac15f](https://github.com/CloudPirates-io/helm-charts/commit/cfac15f)) +* Realese appVersion 8.0.13 ([4710010](https://github.com/CloudPirates-io/helm-charts/commit/4710010)) +* replace deployment with statefulset, fix config, securityContext ([9ac37ad](https://github.com/CloudPirates-io/helm-charts/commit/9ac37ad)) +* update chart to 0.1.4 ([a6d86b7](https://github.com/CloudPirates-io/helm-charts/commit/a6d86b7)) +* Add ArtifactHub Badges to all Charts ([08b855b](https://github.com/CloudPirates-io/helm-charts/commit/08b855b)) +* Add ArtifactHub repo config ([15180a8](https://github.com/CloudPirates-io/helm-charts/commit/15180a8)) +* Add cosign signature READMEs ([5f82e7f](https://github.com/CloudPirates-io/helm-charts/commit/5f82e7f)) +* Add extensive chart testing ([a46efac](https://github.com/CloudPirates-io/helm-charts/commit/a46efac)) +* add extraObject array to all charts ([34772b7](https://github.com/CloudPirates-io/helm-charts/commit/34772b7)) +* Add generated values.schema.json files from values.yaml ([aa79ac3](https://github.com/CloudPirates-io/helm-charts/commit/aa79ac3)) +* Add initial Changelogs to all Charts ([68f10ca](https://github.com/CloudPirates-io/helm-charts/commit/68f10ca)) +* Add LICENSE ([fdbf1ab](https://github.com/CloudPirates-io/helm-charts/commit/fdbf1ab)) +* add logos to helm-charts ([fc70cdc](https://github.com/CloudPirates-io/helm-charts/commit/fc70cdc)) +* Bump chart version ([77f76af](https://github.com/CloudPirates-io/helm-charts/commit/77f76af)) +* Bump chart version ([159ba82](https://github.com/CloudPirates-io/helm-charts/commit/159ba82)) +* Bump chart version ([98d3ee6](https://github.com/CloudPirates-io/helm-charts/commit/98d3ee6)) +* Fix image tag/digest handling ([a5c982b](https://github.com/CloudPirates-io/helm-charts/commit/a5c982b)) +* Fix imagePullSecrets format and pull always ([ce0d301](https://github.com/CloudPirates-io/helm-charts/commit/ce0d301)) +* fix readme.md install text, update chart.yaml home-website ([3511582](https://github.com/CloudPirates-io/helm-charts/commit/3511582)) +* Fix values.yaml / Chart.yaml linting issues ([043c7e0](https://github.com/CloudPirates-io/helm-charts/commit/043c7e0)) +* Format README files ([04aacab](https://github.com/CloudPirates-io/helm-charts/commit/04aacab)) +* init, add mariadb, mongodb and redis chart ([8e44c83](https://github.com/CloudPirates-io/helm-charts/commit/8e44c83)) +* Release new chart versions / update sources ([dbb0e45](https://github.com/CloudPirates-io/helm-charts/commit/dbb0e45)) +* Remove leading $ from code blocks ([836b2e3](https://github.com/CloudPirates-io/helm-charts/commit/836b2e3)) +* remove serviceaccounts from all charts ([be8f43a](https://github.com/CloudPirates-io/helm-charts/commit/be8f43a)) +* Update CHANGELOG.md ([72601e5](https://github.com/CloudPirates-io/helm-charts/commit/72601e5)) +* Update CHANGELOG.md ([5c9f4d0](https://github.com/CloudPirates-io/helm-charts/commit/5c9f4d0)) +* Update CHANGELOG.md ([3174cb2](https://github.com/CloudPirates-io/helm-charts/commit/3174cb2)) +* Update docker.io/mongo Docker tag to v8.0.13 ([2a585ff](https://github.com/CloudPirates-io/helm-charts/commit/2a585ff)) +* Update docker.io/mongo:8.0.13 Docker digest to c750922 ([cbd41d9](https://github.com/CloudPirates-io/helm-charts/commit/cbd41d9)) +* Update mongodb readme ([52b9620](https://github.com/CloudPirates-io/helm-charts/commit/52b9620)) +* update readme, chart.yaml texts and descriptions ([0179046](https://github.com/CloudPirates-io/helm-charts/commit/0179046)) +* Use lookup function for password where applicable ([dfb9a0e](https://github.com/CloudPirates-io/helm-charts/commit/dfb9a0e)) +* fix: chart icon urls ([cc38c0d](https://github.com/CloudPirates-io/helm-charts/commit/cc38c0d)) diff --git a/charts/mongodb/Chart.yaml b/charts/mongodb/Chart.yaml index e4266c1e..583d8c49 100644 --- a/charts/mongodb/Chart.yaml +++ b/charts/mongodb/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mongodb description: MongoDB a flexible NoSQL database for scalable, real-time data management type: application -version: 0.4.1 +version: 0.4.2 appVersion: "8.0.13" keywords: - mongodb diff --git a/charts/mongodb/values.yaml b/charts/mongodb/values.yaml index 5078e5a2..108e1924 100644 --- a/charts/mongodb/values.yaml +++ b/charts/mongodb/values.yaml @@ -22,7 +22,7 @@ image: ## @param image.repository MongoDB image repository repository: mongo ## @param image.tag MongoDB image tag - tag: "8.0.15@sha256:41e48e703c413df7befc6aa9f3ac93583d17bc770fe8dd8ea848ef7136c3327f" + tag: "8.0.15@sha256:c23684919810f0341e58744987e4b1c510fb8becdae850217d2d04b6fa7605e7" ## @param image.pullPolicy MongoDB image pull policy pullPolicy: Always From b974e8aab3cc312ec5135fdc5141e20fe7de24d5 Mon Sep 17 00:00:00 2001 From: Finn Rades <64548817+zOnlyKroks@users.noreply.github.com> Date: Fri, 10 Oct 2025 09:07:10 +0200 Subject: [PATCH 07/20] [memcached]: Implement PDB (#295) * [memcached]: Implement PDB * Bump chart version * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Adjust readme * Fix linting * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Update CHANGELOG.md Signed-off-by: github-actions[bot] --------- Signed-off-by: github-actions[bot] Co-authored-by: github-actions[bot] Co-authored-by: Gianni --- charts/memcached/CHANGELOG.md | 34 ++++++++++++++++++++++-- charts/memcached/Chart.yaml | 3 +-- charts/memcached/README.md | 13 ++++++++++ charts/memcached/templates/pdb.yaml | 22 ++++++++++++++++ charts/memcached/values.schema.json | 40 +++++++++++++++++++++++++++++ charts/memcached/values.yaml | 9 +++++++ 6 files changed, 117 insertions(+), 4 deletions(-) create mode 100644 charts/memcached/templates/pdb.yaml diff --git a/charts/memcached/CHANGELOG.md b/charts/memcached/CHANGELOG.md index 64c8ce6e..a8cfb6db 100644 --- a/charts/memcached/CHANGELOG.md +++ b/charts/memcached/CHANGELOG.md @@ -1,5 +1,35 @@ # Changelog -## 0.2.1 (2025-10-09) +## 0.2.2 (2025-10-10) -* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) +* [memcached]: Implement PDB ([#295](https://github.com/CloudPirates-io/helm-charts/pull/295)) + +## 0.2.1 (2025-10-02) + +* chore(deps): update docker.io/memcached:1.6.39 Docker digest to 157c563 (#185) ([d55b428](https://github.com/CloudPirates-io/helm-charts/commit/d55b428)), closes [#185](https://github.com/CloudPirates-io/helm-charts/issues/185) + +## 0.2.0 (2025-10-01) + +* cast verbosity to int before passing to repeat ([518b602](https://github.com/CloudPirates-io/helm-charts/commit/518b602)) +* chore(deps): update docker.io/memcached:1.6.39 Docker digest to 68c1185 ([3c6ec49](https://github.com/CloudPirates-io/helm-charts/commit/3c6ec49)) +* make memcached run on openshift (#194) ([87ffbbf](https://github.com/CloudPirates-io/helm-charts/commit/87ffbbf)), closes [#194](https://github.com/CloudPirates-io/helm-charts/issues/194) +* Bump chart version ([1661d8d](https://github.com/CloudPirates-io/helm-charts/commit/1661d8d)) +* bump version ([884f4ab](https://github.com/CloudPirates-io/helm-charts/commit/884f4ab)) +* mariadb now respects full custom container security context settings ([770ea69](https://github.com/CloudPirates-io/helm-charts/commit/770ea69)) +* Update CHANGELOG.md ([7a828fa](https://github.com/CloudPirates-io/helm-charts/commit/7a828fa)) +* Update CHANGELOG.md ([f9df296](https://github.com/CloudPirates-io/helm-charts/commit/f9df296)) +* Update CHANGELOG.md ([0c85529](https://github.com/CloudPirates-io/helm-charts/commit/0c85529)) +* Update CHANGELOG.md ([0e5b657](https://github.com/CloudPirates-io/helm-charts/commit/0e5b657)) +* Update CHANGELOG.md ([dcabcee](https://github.com/CloudPirates-io/helm-charts/commit/dcabcee)) +* Update CHANGELOG.md ([812bd46](https://github.com/CloudPirates-io/helm-charts/commit/812bd46)) +* Update docker.io/memcached:1.6.39 Docker digest to 4404f32 ([454eea5](https://github.com/CloudPirates-io/helm-charts/commit/454eea5)) + +## 0.1.0 (2025-09-02) + +* add extraObject array to all charts ([34772b7](https://github.com/CloudPirates-io/helm-charts/commit/34772b7)) +* Add initial Changelogs to all Charts ([68f10ca](https://github.com/CloudPirates-io/helm-charts/commit/68f10ca)) +* bump all chart versions for new extraObjects feature ([aaa57f9](https://github.com/CloudPirates-io/helm-charts/commit/aaa57f9)) + +## 0.0.1 (2025-08-26) + +* [memcached]: Initial Memcached Implementation (#17) ([790bcbd](https://github.com/CloudPirates-io/helm-charts/commit/790bcbd)), closes [#17](https://github.com/CloudPirates-io/helm-charts/issues/17) diff --git a/charts/memcached/Chart.yaml b/charts/memcached/Chart.yaml index c56e7df5..5124ff4f 100644 --- a/charts/memcached/Chart.yaml +++ b/charts/memcached/Chart.yaml @@ -2,8 +2,7 @@ apiVersion: v2 name: memcached description: Memcached is an in-memory key-value store for small chunks of arbitrary data (strings, objects) from results of database calls, API calls, or page rendering. type: application - -version: 0.2.1 +version: 0.2.2 appVersion: "1.6.39" keywords: diff --git a/charts/memcached/README.md b/charts/memcached/README.md index 32cc5445..6338befa 100644 --- a/charts/memcached/README.md +++ b/charts/memcached/README.md @@ -158,6 +158,14 @@ The following table lists the configurable parameters of the Memcached chart and | `ingress.hosts` | An array with hosts and paths | `[{"host": "memcached.local", "paths": [{"path": "/", "pathType": "ImplementationSpecific"}]}]` | | `ingress.tls` | TLS configuration for the Ingress | `[]` | +### Pod Disruption Budget Parameters + +| Parameter | Description | Default | +| -------------------- | -------------------------------------------------------------- | ------- | +| `pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | +| `pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | + ### Extra Configuration Parameters | Parameter | Description | Default | @@ -258,6 +266,11 @@ resources: service: type: ClusterIP +# Enable Pod Disruption Budget for high availability +pdb: + create: true + minAvailable: 1 + # Use anti-affinity to spread pods across nodes affinity: podAntiAffinity: diff --git a/charts/memcached/templates/pdb.yaml b/charts/memcached/templates/pdb.yaml new file mode 100644 index 00000000..c12b91f0 --- /dev/null +++ b/charts/memcached/templates/pdb.yaml @@ -0,0 +1,22 @@ +{{- if .Values.pdb.create }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ template "memcached.fullname" . }}-pdb + namespace: {{ .Release.Namespace }} + labels: {{- include "memcached.labels" . | nindent 4 }} + {{- with (include "memcached.annotations" .) }} + annotations: + {{- . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.pdb.minAvailable }} + minAvailable: {{ .Values.pdb.minAvailable }} + {{- end }} + {{- if or .Values.pdb.maxUnavailable (not .Values.pdb.minAvailable) }} + maxUnavailable: {{ .Values.pdb.maxUnavailable | default 1 }} + {{- end }} + selector: + matchLabels: + {{- include "memcached.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/memcached/values.schema.json b/charts/memcached/values.schema.json index 460acfe7..bece3b11 100644 --- a/charts/memcached/values.schema.json +++ b/charts/memcached/values.schema.json @@ -143,6 +143,46 @@ "type": "object", "description": "A Kubernetes manifest object. All fields are allowed." } + }, + "pdb": { + "type": "object", + "title": "Pod Disruption Budget configuration", + "description": "Pod Disruption Budget (PDB) configuration to ensure high availability", + "properties": { + "create": { + "type": "boolean", + "title": "Create PDB", + "description": "Enable/disable a Pod Disruption Budget creation" + }, + "minAvailable": { + "oneOf": [ + { + "type": "integer", + "minimum": 0 + }, + { + "type": "string", + "pattern": "^([0-9]+%|)$" + } + ], + "title": "Minimum Available", + "description": "Minimum number/percentage of pods that should remain scheduled" + }, + "maxUnavailable": { + "oneOf": [ + { + "type": "integer", + "minimum": 0 + }, + { + "type": "string", + "pattern": "^([0-9]+%|)$" + } + ], + "title": "Maximum Unavailable", + "description": "Maximum number/percentage of pods that may be made unavailable" + } + } } } } \ No newline at end of file diff --git a/charts/memcached/values.yaml b/charts/memcached/values.yaml index bf2429d1..ae6fb1d2 100644 --- a/charts/memcached/values.yaml +++ b/charts/memcached/values.yaml @@ -103,6 +103,15 @@ tolerations: [] ## @param affinity Affinity rules for pod assignment affinity: {} +## @section Pod Disruption Budget parameters +pdb: + ## @param pdb.create Enable/disable a Pod Disruption Budget creation + create: false + ## @param pdb.minAvailable Minimum number/percentage of pods that should remain scheduled + minAvailable: "" + ## @param pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable. + maxUnavailable: "" + containerSecurityContext: ## @param containerSecurityContext.runAsUser User ID to run the container runAsUser: 11211 From 986eff5a5fd3f83cc2966eaf85f776fb5590c892 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 09:09:32 +0200 Subject: [PATCH 08/20] [rabbitmq] Update charts/rabbitmq/values.yaml rabbitmq (#321) * [rabbitmq] Update charts/rabbitmq/values.yaml rabbitmq * Bump chart version * Update CHANGELOG.md Signed-off-by: github-actions[bot] --------- Signed-off-by: github-actions[bot] Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Finn Rades Co-authored-by: github-actions[bot] --- charts/rabbitmq/CHANGELOG.md | 121 ++++++++++++++++++++++++++++++++++- charts/rabbitmq/Chart.yaml | 2 +- charts/rabbitmq/values.yaml | 2 +- 3 files changed, 121 insertions(+), 4 deletions(-) diff --git a/charts/rabbitmq/CHANGELOG.md b/charts/rabbitmq/CHANGELOG.md index 8f2d0fee..1bcbaa66 100644 --- a/charts/rabbitmq/CHANGELOG.md +++ b/charts/rabbitmq/CHANGELOG.md @@ -1,5 +1,122 @@ # Changelog -## 0.3.4 (2025-10-09) +## 0.3.5 (2025-10-10) -* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) +* [rabbitmq] Update charts/rabbitmq/values.yaml rabbitmq ([#321](https://github.com/CloudPirates-io/helm-charts/pull/321)) + +## 0.3.4 (2025-10-09) + +* [redis , rabbitmq]: Add podAnnotations (#294) ([6d78869](https://github.com/CloudPirates-io/helm-charts/commit/6d78869)), closes [#294](https://github.com/CloudPirates-io/helm-charts/issues/294) + +## 0.3.3 (2025-10-09) + +* [all] add tests for openshift (#226) ([c80c98a](https://github.com/CloudPirates-io/helm-charts/commit/c80c98a)), closes [#226](https://github.com/CloudPirates-io/helm-charts/issues/226) +* [mongodb] feat: add metrics exporter (#243) ([c931978](https://github.com/CloudPirates-io/helm-charts/commit/c931978)), closes [#243](https://github.com/CloudPirates-io/helm-charts/issues/243) +* [rabbitmq]: add option to handle definitions via chart (#286) ([5425131](https://github.com/CloudPirates-io/helm-charts/commit/5425131)), closes [#286](https://github.com/CloudPirates-io/helm-charts/issues/286) +* [rabbitmq]: Fix auth disable erlang cookie (#248) ([9abf547](https://github.com/CloudPirates-io/helm-charts/commit/9abf547)), closes [#248](https://github.com/CloudPirates-io/helm-charts/issues/248) + +## 0.3.2 (2025-10-09) + +* Feature/renovate fix (#256) ([0d364d0](https://github.com/CloudPirates-io/helm-charts/commit/0d364d0)), closes [#256](https://github.com/CloudPirates-io/helm-charts/issues/256) + +## 0.3.1 (2025-10-06) + +* [mariadb] use tpl to return existingConfigMap (#217) ([c7c2f4c](https://github.com/CloudPirates-io/helm-charts/commit/c7c2f4c)), closes [#217](https://github.com/CloudPirates-io/helm-charts/issues/217) +* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to 8c31e22 (#204) ([dd82ffe](https://github.com/CloudPirates-io/helm-charts/commit/dd82ffe)), closes [#204](https://github.com/CloudPirates-io/helm-charts/issues/204) + +## 0.3.0 (2025-10-06) + +* make rabbitmq run on openshift (#201) ([df4deeb](https://github.com/CloudPirates-io/helm-charts/commit/df4deeb)), closes [#201](https://github.com/CloudPirates-io/helm-charts/issues/201) + +## 0.2.13 (2025-10-02) + +* [busybox] chore(deps): update docker.io/busybox:1.37.0 Docker digest to d82f458 ([a6990a6](https://github.com/CloudPirates-io/helm-charts/commit/a6990a6)) +* Add automatically generated fields to volumeClaimTemplates (#210) ([2c31a43](https://github.com/CloudPirates-io/helm-charts/commit/2c31a43)), closes [#210](https://github.com/CloudPirates-io/helm-charts/issues/210) +* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to 0f83c90 ([554ccc0](https://github.com/CloudPirates-io/helm-charts/commit/554ccc0)) +* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to 2d92ad8 ([2afff89](https://github.com/CloudPirates-io/helm-charts/commit/2afff89)) +* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to 4788f7d ([1bdfe1c](https://github.com/CloudPirates-io/helm-charts/commit/1bdfe1c)) +* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to 85cb76f ([9d6e3c5](https://github.com/CloudPirates-io/helm-charts/commit/9d6e3c5)) +* chore(deps): update docker.io/rabbitmq:4.1.4-management Docker digest to ba622d4 ([daeed6a](https://github.com/CloudPirates-io/helm-charts/commit/daeed6a)) +* Update appVersion ([b7d28b0](https://github.com/CloudPirates-io/helm-charts/commit/b7d28b0)) +* Update version ([bb928b4](https://github.com/CloudPirates-io/helm-charts/commit/bb928b4)) +* Bump chart version ([d26f247](https://github.com/CloudPirates-io/helm-charts/commit/d26f247)) +* Bump chart version ([e697ed5](https://github.com/CloudPirates-io/helm-charts/commit/e697ed5)) +* Bump chart version ([9f722c5](https://github.com/CloudPirates-io/helm-charts/commit/9f722c5)) +* Bump chart version ([81827c8](https://github.com/CloudPirates-io/helm-charts/commit/81827c8)) +* Bump chart version ([8e9f211](https://github.com/CloudPirates-io/helm-charts/commit/8e9f211)) +* Bump chart version ([8637a3e](https://github.com/CloudPirates-io/helm-charts/commit/8637a3e)) +* Bump chart version ([2cae2fb](https://github.com/CloudPirates-io/helm-charts/commit/2cae2fb)) +* Bump Chart Version ([2be6653](https://github.com/CloudPirates-io/helm-charts/commit/2be6653)) +* Bump RabbitMQ to latests stable ([14d0222](https://github.com/CloudPirates-io/helm-charts/commit/14d0222)) +* Bump version ([9427e8d](https://github.com/CloudPirates-io/helm-charts/commit/9427e8d)) +* Bump version and sha ([0bf0925](https://github.com/CloudPirates-io/helm-charts/commit/0bf0925)) +* Fix copy rabbitmq plugins ([9d1b0ed](https://github.com/CloudPirates-io/helm-charts/commit/9d1b0ed)) +* Fix erlang cookie copy / access rights ([54c8ab8](https://github.com/CloudPirates-io/helm-charts/commit/54c8ab8)) +* fix unit test ([80eba48](https://github.com/CloudPirates-io/helm-charts/commit/80eba48)) +* Fix YAML syntax in statefulset.yaml ([ee88104](https://github.com/CloudPirates-io/helm-charts/commit/ee88104)) +* Implement fix ([33fecf8](https://github.com/CloudPirates-io/helm-charts/commit/33fecf8)) +* Lintin works? ([0938b7c](https://github.com/CloudPirates-io/helm-charts/commit/0938b7c)) +* Reimplement chown ([d68af5e](https://github.com/CloudPirates-io/helm-charts/commit/d68af5e)) +* Remove incorrectly pushed file ([b03c230](https://github.com/CloudPirates-io/helm-charts/commit/b03c230)) +* Remove ownership change for .erlang.cookie ([723a45c](https://github.com/CloudPirates-io/helm-charts/commit/723a45c)) +* Resolve merge conflicts ([6921f33](https://github.com/CloudPirates-io/helm-charts/commit/6921f33)) +* Update CHANGELOG.md ([b2893ca](https://github.com/CloudPirates-io/helm-charts/commit/b2893ca)) +* Update CHANGELOG.md ([6f9ff21](https://github.com/CloudPirates-io/helm-charts/commit/6f9ff21)) +* Update CHANGELOG.md ([9be9185](https://github.com/CloudPirates-io/helm-charts/commit/9be9185)) +* Update CHANGELOG.md ([61e7883](https://github.com/CloudPirates-io/helm-charts/commit/61e7883)) +* Update CHANGELOG.md ([cf7c15e](https://github.com/CloudPirates-io/helm-charts/commit/cf7c15e)) +* Update CHANGELOG.md ([88006d0](https://github.com/CloudPirates-io/helm-charts/commit/88006d0)) +* Update CHANGELOG.md ([1b168e6](https://github.com/CloudPirates-io/helm-charts/commit/1b168e6)) +* Update CHANGELOG.md ([5df0a6f](https://github.com/CloudPirates-io/helm-charts/commit/5df0a6f)) +* Update CHANGELOG.md ([9354db5](https://github.com/CloudPirates-io/helm-charts/commit/9354db5)) +* Update CHANGELOG.md ([cd341c8](https://github.com/CloudPirates-io/helm-charts/commit/cd341c8)) +* Update CHANGELOG.md ([6021756](https://github.com/CloudPirates-io/helm-charts/commit/6021756)) +* Update CHANGELOG.md ([622f5c5](https://github.com/CloudPirates-io/helm-charts/commit/622f5c5)) +* Update CHANGELOG.md ([7c4f20f](https://github.com/CloudPirates-io/helm-charts/commit/7c4f20f)) +* Update CHANGELOG.md ([b579d1b](https://github.com/CloudPirates-io/helm-charts/commit/b579d1b)) +* Update CHANGELOG.md ([7e42a1e](https://github.com/CloudPirates-io/helm-charts/commit/7e42a1e)) +* Update CHANGELOG.md ([0d009c0](https://github.com/CloudPirates-io/helm-charts/commit/0d009c0)) +* Update CHANGELOG.md ([ab4655e](https://github.com/CloudPirates-io/helm-charts/commit/ab4655e)) +* Update CHANGELOG.md ([be6bf34](https://github.com/CloudPirates-io/helm-charts/commit/be6bf34)) +* Update CHANGELOG.md ([9112d4b](https://github.com/CloudPirates-io/helm-charts/commit/9112d4b)) +* Update CHANGELOG.md ([ac217ce](https://github.com/CloudPirates-io/helm-charts/commit/ac217ce)) +* Update CHANGELOG.md ([5794798](https://github.com/CloudPirates-io/helm-charts/commit/5794798)) +* Update CHANGELOG.md ([bcde9db](https://github.com/CloudPirates-io/helm-charts/commit/bcde9db)) +* Update CHANGELOG.md ([a0217a1](https://github.com/CloudPirates-io/helm-charts/commit/a0217a1)) +* Update CHANGELOG.md ([59ea4e5](https://github.com/CloudPirates-io/helm-charts/commit/59ea4e5)) +* working ([0c29e1e](https://github.com/CloudPirates-io/helm-charts/commit/0c29e1e)) +* docs(rabbitmq): update readme ([3006a9e](https://github.com/CloudPirates-io/helm-charts/commit/3006a9e)) +* feat: add securityContext spec for the initContainer ([3c6ca13](https://github.com/CloudPirates-io/helm-charts/commit/3c6ca13)) +* feat: add support to automatically download and enable 3rd party plugins ([c677de3](https://github.com/CloudPirates-io/helm-charts/commit/c677de3)) +* feat(rabbit): add podLabels ([0bbb86c](https://github.com/CloudPirates-io/helm-charts/commit/0bbb86c)) +* feat(rabbitmq): add new values for PDB, RBAC, ServiceAccount and STS ([b1506ca](https://github.com/CloudPirates-io/helm-charts/commit/b1506ca)) +* feat(rabbitmq): add sts podManagementPolicy in value ([4ec745d](https://github.com/CloudPirates-io/helm-charts/commit/4ec745d)) +* feat(rabbitmq): add support for extraPorts in Service and StatefulSet ([0545898](https://github.com/CloudPirates-io/helm-charts/commit/0545898)) +* feat(rabbitmq): add support for extraPorts in Service and StatefulSet ([94ff4bd](https://github.com/CloudPirates-io/helm-charts/commit/94ff4bd)) +* feat(rabbitmq): add support for extraPorts in Service and StatefulSet ([bfbc729](https://github.com/CloudPirates-io/helm-charts/commit/bfbc729)) +* feat(rabbitmq): add support for extraPorts in Service and StatefulSet ([ed381e0](https://github.com/CloudPirates-io/helm-charts/commit/ed381e0)) +* feat(rabbitmq): fix podLabels ([e5af639](https://github.com/CloudPirates-io/helm-charts/commit/e5af639)) +* feat(rabbitmq): fix podLabels duplication ([ad3a30b](https://github.com/CloudPirates-io/helm-charts/commit/ad3a30b)) +* chore: fix no new line character at the end of file ([0c4d018](https://github.com/CloudPirates-io/helm-charts/commit/0c4d018)) +* chore: fix no new line character at the end of file ([917d39a](https://github.com/CloudPirates-io/helm-charts/commit/917d39a)) +* chore: fix spaces ([a0a3394](https://github.com/CloudPirates-io/helm-charts/commit/a0a3394)) +* chore: remove commonAnnotation ([2a9c666](https://github.com/CloudPirates-io/helm-charts/commit/2a9c666)) +* fix: add missing @ for sha image reference ([7abe06a](https://github.com/CloudPirates-io/helm-charts/commit/7abe06a)) +* fix: allow setting a clusterdomain different than the default ([963a8c5](https://github.com/CloudPirates-io/helm-charts/commit/963a8c5)) + +## 0.1.1 (2025-09-08) + +* Fix erlang.cookie creation ([640e725](https://github.com/CloudPirates-io/helm-charts/commit/640e725)) +* Update CHANGELOG.md ([63b1299](https://github.com/CloudPirates-io/helm-charts/commit/63b1299)) + +## 0.1.0 (2025-09-02) + +* Fix clustering and metrics configurations ([f571ab3](https://github.com/CloudPirates-io/helm-charts/commit/f571ab3)) +* Fix ingress port and added test ([67ae961](https://github.com/CloudPirates-io/helm-charts/commit/67ae961)) +* Release 0.0.2 ([3f33f07](https://github.com/CloudPirates-io/helm-charts/commit/3f33f07)) +* add extraObject array to all charts ([34772b7](https://github.com/CloudPirates-io/helm-charts/commit/34772b7)) +* Add initial Changelogs to all Charts ([68f10ca](https://github.com/CloudPirates-io/helm-charts/commit/68f10ca)) +* bump all chart versions for new extraObjects feature ([aaa57f9](https://github.com/CloudPirates-io/helm-charts/commit/aaa57f9)) +* Fix missing t in tag ([3ba5c21](https://github.com/CloudPirates-io/helm-charts/commit/3ba5c21)) +* Fix values.yaml / Chart.yaml linting issues ([043c7e0](https://github.com/CloudPirates-io/helm-charts/commit/043c7e0)) +* initial implementation ([549034c](https://github.com/CloudPirates-io/helm-charts/commit/549034c)) diff --git a/charts/rabbitmq/Chart.yaml b/charts/rabbitmq/Chart.yaml index 59f0c8b8..e33f769a 100644 --- a/charts/rabbitmq/Chart.yaml +++ b/charts/rabbitmq/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: rabbitmq description: A messaging broker that implements the Advanced Message Queuing Protocol (AMQP) type: application -version: 0.3.4 +version: 0.3.5 appVersion: "4.1.4" keywords: - rabbitmq diff --git a/charts/rabbitmq/values.yaml b/charts/rabbitmq/values.yaml index ca9bff9b..1cce1daf 100644 --- a/charts/rabbitmq/values.yaml +++ b/charts/rabbitmq/values.yaml @@ -23,7 +23,7 @@ image: ## @param image.repository RabbitMQ image repository repository: rabbitmq ## @param image.tag RabbitMQ image tag - tag: "4.1.4-management@sha256:8c31e22adfd876e183d81281b82fa489cd8032e6f9ef886e52261a1182a60951" + tag: "4.1.4-management@sha256:04be562d256bfd26278ca4ff2014fab6bbb31fced47490cee7e86f5cdb7f47d5" ## @param image.imagePullPolicy RabbitMQ image pull policy imagePullPolicy: Always From 951745c7823b807add03edbe251239e93cb3038d Mon Sep 17 00:00:00 2001 From: dcoppa Date: Fri, 10 Oct 2025 09:10:36 +0200 Subject: [PATCH 09/20] =?UTF-8?q?[common]=20feat:=20add=20"common.namespac?= =?UTF-8?q?e",=20defaults=20to=20.Release.Namespace=E2=80=A6=20(#323)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [common] feat: add "common.namespace", defaults to .Release.Namespace but can be overridden via .Values.namespaceOverride --- charts/common/Chart.yaml | 2 +- charts/common/templates/_helpers.tpl | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/charts/common/Chart.yaml b/charts/common/Chart.yaml index 7993fc38..39402ffb 100644 --- a/charts/common/Chart.yaml +++ b/charts/common/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: common description: A library chart for common templates and helper functions type: library -version: 1.1.1 +version: 1.1.2 appVersion: "1.0.0" home: https://www.cloudpirates.io diff --git a/charts/common/templates/_helpers.tpl b/charts/common/templates/_helpers.tpl index 4a37405a..5ec8980c 100644 --- a/charts/common/templates/_helpers.tpl +++ b/charts/common/templates/_helpers.tpl @@ -23,6 +23,15 @@ If release name contains chart name it will be used as a full name. {{- end }} {{- end }} +{{/* +Return the namespace to use for resources. +Defaults to .Release.Namespace but can be overridden via .Values.namespaceOverride. +Useful for multi-namespace deployments in combined charts. +*/}} +{{- define "common.namespace" -}} +{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + {{/* Create chart name and version as used by the chart label. */}} From b8ae5326c7a20be5f3c345a835e89842285372e4 Mon Sep 17 00:00:00 2001 From: Finn Rades <64548817+zOnlyKroks@users.noreply.github.com> Date: Fri, 10 Oct 2025 09:27:08 +0200 Subject: [PATCH 10/20] =?UTF-8?q?Fix=20immortal=20pr=C2=B4s=20(#325)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- renovate.json | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/renovate.json b/renovate.json index 4ca5aeb8..810b1f53 100644 --- a/renovate.json +++ b/renovate.json @@ -62,7 +62,8 @@ "koperator-internal/services/clusterpirate" ], "enabled": false, - "pinDigests": false + "pinDigests": false, + "recreateWhen": "never" }, { "matchDatasources": [ @@ -72,7 +73,8 @@ "cloudpirates/common", "cloudpirates/valkey" ], - "enabled": false + "enabled": false, + "recreateWhen": "never" } ] } From d0f01766365cec1fe7360a350ddee1e404f6534f Mon Sep 17 00:00:00 2001 From: Finn Rades <64548817+zOnlyKroks@users.noreply.github.com> Date: Fri, 10 Oct 2025 09:31:45 +0200 Subject: [PATCH 11/20] Bugfix/renovat (#330) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Fix immortal pr´s * Remove immortal pr´s --- renovate.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/renovate.json b/renovate.json index 810b1f53..756189de 100644 --- a/renovate.json +++ b/renovate.json @@ -10,7 +10,7 @@ ], "separateMinorPatch": true, "prConcurrentLimit": 5, - "recreateWhen": "always", + "recreateWhen": "never", "customManagers": [ { "customType": "regex", From 92617cfde2d1be3852a54018a401a39c7ca8da69 Mon Sep 17 00:00:00 2001 From: Finn Rades <64548817+zOnlyKroks@users.noreply.github.com> Date: Fri, 10 Oct 2025 09:38:02 +0200 Subject: [PATCH 12/20] [etcd]: Invalid repo used (#331) --- charts/etcd/values.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/etcd/values.yaml b/charts/etcd/values.yaml index 5ccb609e..853a99a5 100644 --- a/charts/etcd/values.yaml +++ b/charts/etcd/values.yaml @@ -18,11 +18,11 @@ commonAnnotations: {} ## @section etcd image parameters image: ## @param image.registry etcd image registry - registry: gcr.io + registry: quay.io ## @param image.repository etcd image repository - repository: etcd-development/etcd + repository: coreos/etcd ## @param image.tag etcd image tag - tag: "v3.6.0-alpha.0" + tag: "v3.6.5@sha256:3397341272b9e0a6f44d7e3fc7c321c6efe6cbe82ce866b9b01d0c704bfc5bf3" ## @param image.pullPolicy etcd image pull policy pullPolicy: IfNotPresent From 6dd8563cfce0990abda57f37927d800abce0920b Mon Sep 17 00:00:00 2001 From: dcoppa Date: Fri, 10 Oct 2025 09:46:02 +0200 Subject: [PATCH 13/20] [redis] feat: use "common.namespace" (#332) * [redis] feat: use "common.namespace" * [redis] update Chart.yaml --- charts/redis/Chart.lock | 6 +++--- charts/redis/Chart.yaml | 4 ++-- charts/redis/README.md | 1 + charts/redis/templates/configmap.yaml | 2 +- charts/redis/templates/headless-service.yaml | 2 +- charts/redis/templates/metrics-service.yaml | 2 +- charts/redis/templates/prestop-configmap.yaml | 6 +++--- charts/redis/templates/secret.yaml | 4 ++-- charts/redis/templates/sentinel-service.yaml | 2 +- charts/redis/templates/service.yaml | 2 +- charts/redis/templates/servicemonitor.yaml | 2 +- charts/redis/templates/statefulset.yaml | 6 +++--- charts/redis/values.schema.json | 5 +++++ charts/redis/values.yaml | 4 +++- 14 files changed, 28 insertions(+), 20 deletions(-) diff --git a/charts/redis/Chart.lock b/charts/redis/Chart.lock index a52dadf2..b4601d44 100644 --- a/charts/redis/Chart.lock +++ b/charts/redis/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/cloudpirates - version: 1.1.1 -digest: sha256:8da3c04e2c4a1ebfff4f21936399938e0f3fcf9fbd2f7135e7e907ce725b8f00 -generated: "2025-09-30T20:54:19.733262+02:00" + version: 1.1.2 +digest: sha256:5e34e3bab5f014ae1cf5d4c2976c84e03ccb4859105e60aefb3c264ad86b5718 +generated: "2025-10-10T09:32:07.534667076+02:00" diff --git a/charts/redis/Chart.yaml b/charts/redis/Chart.yaml index bc776f35..cbc85a4d 100644 --- a/charts/redis/Chart.yaml +++ b/charts/redis/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: redis description: An open source, in-memory data structure store used as a database, cache, and message broker. type: application -version: 0.6.2 -appVersion: "8.2.1" +version: 0.6.3 +appVersion: "8.2.2" keywords: - redis - database diff --git a/charts/redis/README.md b/charts/redis/README.md index 87e91e67..e9da94cb 100644 --- a/charts/redis/README.md +++ b/charts/redis/README.md @@ -73,6 +73,7 @@ redis-cli -h my-redis -a $REDIS_PASSWORD |---------------------| ----------------------------------------------------------------------- | ------------ | | `nameOverride` | String to partially override redis.fullname | `""` | | `fullnameOverride` | String to fully override redis.fullname | `""` | +| `namespaceOverride` | String to override the namespace for all resources | `""` | | `commonLabels` | Labels to add to all deployed objects | `{}` | | `commonAnnotations` | Annotations to add to all deployed objects | `{}` | | `architecture` | Redis architecture. Allowed values: `standalone` or `replication` | `standalone` | diff --git a/charts/redis/templates/configmap.yaml b/charts/redis/templates/configmap.yaml index 41ac77ff..b89fc7fe 100644 --- a/charts/redis/templates/configmap.yaml +++ b/charts/redis/templates/configmap.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ include "redis.fullname" . }}-config - namespace: {{ .Release.Namespace }} + namespace: {{ include "common.namespace" . }} labels: {{- include "redis.labels" . | nindent 4 }} data: diff --git a/charts/redis/templates/headless-service.yaml b/charts/redis/templates/headless-service.yaml index 6e500f2c..af5f4f9f 100644 --- a/charts/redis/templates/headless-service.yaml +++ b/charts/redis/templates/headless-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "redis.fullname" . }}-headless - namespace: {{ .Release.Namespace }} + namespace: {{ include "common.namespace" . }} labels: {{- include "redis.labels" . | nindent 4 }} spec: diff --git a/charts/redis/templates/metrics-service.yaml b/charts/redis/templates/metrics-service.yaml index 600445dd..2bf30103 100644 --- a/charts/redis/templates/metrics-service.yaml +++ b/charts/redis/templates/metrics-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "redis.fullname" . }}-metrics - namespace: {{ .Release.Namespace }} + namespace: {{ include "common.namespace" . }} labels: {{- include "redis.labels" . | nindent 4 }} app.kubernetes.io/component: metrics diff --git a/charts/redis/templates/prestop-configmap.yaml b/charts/redis/templates/prestop-configmap.yaml index 1cbd1a18..e7931040 100644 --- a/charts/redis/templates/prestop-configmap.yaml +++ b/charts/redis/templates/prestop-configmap.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ include "redis.fullname" . }}-prestop-script - namespace: {{ .Release.Namespace }} + namespace: {{ include "common.namespace" . }} labels: {{- include "redis.labels" . | nindent 4 }} data: @@ -19,8 +19,8 @@ data: REDIS_PORT="{{ .Values.service.port }}" SENTINEL_PORT="{{ .Values.sentinel.port }}" MASTER_NAME="{{ .Values.sentinel.masterName }}" - HEADLESS_SERVICE="{{ include "redis.fullname" . }}-headless.{{ .Release.Namespace }}.svc.cluster.local" - REDIS_SERVICE="{{ include "redis.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local" + HEADLESS_SERVICE="{{ include "redis.fullname" . }}-headless.{{ include "common.namespace" . }}.svc.cluster.local" + REDIS_SERVICE="{{ include "redis.fullname" . }}.{{ include "common.namespace" . }}.svc.cluster.local" # Set authentication if enabled {{- if .Values.auth.enabled }} diff --git a/charts/redis/templates/secret.yaml b/charts/redis/templates/secret.yaml index b0e3cb9d..48d40146 100644 --- a/charts/redis/templates/secret.yaml +++ b/charts/redis/templates/secret.yaml @@ -3,12 +3,12 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "redis.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "common.namespace" . }} labels: {{- include "redis.labels" . | nindent 4 }} type: Opaque data: - {{- $existingSecret := (lookup "v1" "Secret" .Release.Namespace (include "redis.fullname" .)) }} + {{- $existingSecret := (lookup "v1" "Secret" (include "common.namespace" .) (include "redis.fullname" .)) }} {{- $existingPassword := "" }} {{- if and $existingSecret $existingSecret.data }} {{- $existingPassword = index $existingSecret.data "redis-password" }} diff --git a/charts/redis/templates/sentinel-service.yaml b/charts/redis/templates/sentinel-service.yaml index a5cab230..838382c2 100644 --- a/charts/redis/templates/sentinel-service.yaml +++ b/charts/redis/templates/sentinel-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "redis.fullname" . }}-sentinel - namespace: {{ .Release.Namespace }} + namespace: {{ include "common.namespace" . }} labels: {{- include "redis.labels" . | nindent 4 }} app.kubernetes.io/component: sentinel diff --git a/charts/redis/templates/service.yaml b/charts/redis/templates/service.yaml index 55d4f050..68c4e93c 100644 --- a/charts/redis/templates/service.yaml +++ b/charts/redis/templates/service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "redis.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "common.namespace" . }} labels: {{- include "redis.labels" . | nindent 4 }} {{- if and .Values.sentinel.enabled (eq .Values.architecture "replication") }} diff --git a/charts/redis/templates/servicemonitor.yaml b/charts/redis/templates/servicemonitor.yaml index 53965ba3..32cf34ea 100644 --- a/charts/redis/templates/servicemonitor.yaml +++ b/charts/redis/templates/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "redis.fullname" . }}-metrics - namespace: {{ .Release.Namespace }} + namespace: {{ include "common.namespace" . }} labels: {{- include "redis.labels" . | nindent 4 }} app.kubernetes.io/component: metrics diff --git a/charts/redis/templates/statefulset.yaml b/charts/redis/templates/statefulset.yaml index 2beb0a41..572d99ab 100644 --- a/charts/redis/templates/statefulset.yaml +++ b/charts/redis/templates/statefulset.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "redis.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "common.namespace" . }} labels: {{- include "redis.labels" . | nindent 4 }} {{- with (include "redis.annotations" .) }} @@ -345,7 +345,7 @@ spec: if [ "$SENTINEL_FOUND_MASTER" = false ]; then echo "No Sentinels available, checking Redis instances directly..." for i in $(seq 0 $(({{ if eq .Values.architecture "standalone" }}1{{ else }}{{ .Values.replicaCount }}{{ end }} - 1))); do - REDIS_HOST="{{ include "redis.fullname" . }}-${i}.{{ include "redis.fullname" . }}-headless.{{ .Release.Namespace }}.svc.cluster.local" + REDIS_HOST="{{ include "redis.fullname" . }}-${i}.{{ include "redis.fullname" . }}-headless.{{ include "common.namespace" . }}.svc.cluster.local" ROLE_INFO=$(redis-cli -h "${REDIS_HOST}" -p {{ .Values.service.port }} {{- if .Values.auth.enabled }} -a "${REDIS_PASSWORD}"{{- end }} info replication 2>/dev/null | grep "role:master" || echo "") if [ -n "$ROLE_INFO" ]; then MASTER_HOST="$REDIS_HOST" @@ -357,7 +357,7 @@ spec: # Final fallback: Use pod-0 hostname for initial bootstrap only if [ -z "$MASTER_HOST" ]; then - MASTER_HOST="{{ include "redis.fullname" . }}-0.{{ include "redis.fullname" . }}-headless.{{ .Release.Namespace }}.svc.cluster.local" + MASTER_HOST="{{ include "redis.fullname" . }}-0.{{ include "redis.fullname" . }}-headless.{{ include "common.namespace" . }}.svc.cluster.local" echo "No existing master found, using pod-0 for initial bootstrap: $MASTER_HOST" fi diff --git a/charts/redis/values.schema.json b/charts/redis/values.schema.json index 4b8ccc3e..924c1517 100644 --- a/charts/redis/values.schema.json +++ b/charts/redis/values.schema.json @@ -42,6 +42,11 @@ "title": "Full Name Override", "description": "String to fully override redis.fullname" }, + "namespaceOverride": { + "type": "string", + "title": "Namespace Override", + "description": "String to override the namespace for all resources" + }, "commonLabels": { "type": "object", "title": "Common Labels", diff --git a/charts/redis/values.yaml b/charts/redis/values.yaml index 8d8275dd..f0254a6b 100644 --- a/charts/redis/values.yaml +++ b/charts/redis/values.yaml @@ -10,6 +10,8 @@ global: nameOverride: "" ## @param fullnameOverride String to fully override redis.fullname fullnameOverride: "" +## @param namespaceOverride String to override the namespace for all resources +namespaceOverride: "" ## @param commonLabels Labels to add to all deployed objects commonLabels: {} ## @param commonAnnotations Annotations to add to all deployed objects @@ -295,6 +297,6 @@ extraObjects: [] # kind: ConfigMap # metadata: # name: extra-config -# namespace: "{{ .Release.Namespace }}" +# namespace: "{{ include "common.namespace" . }}" # data: # key: value From e74a03daa93737fddfa3c3d35449b96fc80bde3f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 09:52:17 +0200 Subject: [PATCH 14/20] [ghost] Update charts/ghost/values.yaml ghost to v6.3.0 (minor) (#327) * [ghost] Update charts/ghost/values.yaml ghost to v6.2.0 * Bump chart version * Bump chart version * [ghost] Update charts/ghost/values.yaml ghost to v6.3.0 * Bump chart version * Update CHANGELOG.md Signed-off-by: github-actions[bot] --------- Signed-off-by: github-actions[bot] Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Finn Rades Co-authored-by: github-actions[bot] --- charts/ghost/CHANGELOG.md | 46 +++++++++++++++++++++++++++++++++++++-- charts/ghost/Chart.yaml | 2 +- charts/ghost/values.yaml | 2 +- 3 files changed, 46 insertions(+), 4 deletions(-) diff --git a/charts/ghost/CHANGELOG.md b/charts/ghost/CHANGELOG.md index f76987b3..66c38351 100644 --- a/charts/ghost/CHANGELOG.md +++ b/charts/ghost/CHANGELOG.md @@ -1,5 +1,47 @@ # Changelog -## 0.2.5 (2025-10-09) +## 0.2.6 (2025-10-10) -* [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) +* [ghost] Update charts/ghost/values.yaml ghost to v6.3.0 (minor) ([#327](https://github.com/CloudPirates-io/helm-charts/pull/327)) + +## 0.2.5 (2025-10-09) + +* Update charts/ghost/values.yaml ghost to v6.2.0 (minor) (#268) ([c8d3f80](https://github.com/CloudPirates-io/helm-charts/commit/c8d3f80)), closes [#268](https://github.com/CloudPirates-io/helm-charts/issues/268) + +## 0.2.4 (2025-10-09) + +* Update charts/ghost/values.yaml ghost to v6.0.10 (patch) (#259) ([c9b9b8b](https://github.com/CloudPirates-io/helm-charts/commit/c9b9b8b)), closes [#259](https://github.com/CloudPirates-io/helm-charts/issues/259) + +## 0.2.3 (2025-10-06) + +* [mariadb] chore(deps): update mariadb:12.0.2 Docker digest to 03a03a6 (#208) ([01a6ad1](https://github.com/CloudPirates-io/helm-charts/commit/01a6ad1)), closes [#208](https://github.com/CloudPirates-io/helm-charts/issues/208) + +## 0.2.2 (2025-10-01) + +* use png as icon (#200) ([359e88f](https://github.com/CloudPirates-io/helm-charts/commit/359e88f)), closes [#200](https://github.com/CloudPirates-io/helm-charts/issues/200) + +## 0.2.1 (2025-10-01) + +* switch helm-chart icon to a new svg (#199) ([44e4d0d](https://github.com/CloudPirates-io/helm-charts/commit/44e4d0d)), closes [#199](https://github.com/CloudPirates-io/helm-charts/issues/199) + +## 0.2.0 (2025-10-01) + +* make ghost run on openshift (#195) ([93762d4](https://github.com/CloudPirates-io/helm-charts/commit/93762d4)), closes [#195](https://github.com/CloudPirates-io/helm-charts/issues/195) +* add artifacthub repo ID ([665bf26](https://github.com/CloudPirates-io/helm-charts/commit/665bf26)) +* add ghost ([83ef05d](https://github.com/CloudPirates-io/helm-charts/commit/83ef05d)) +* add ghost logo ([6a4df33](https://github.com/CloudPirates-io/helm-charts/commit/6a4df33)) +* add maintainer information ([7eec72b](https://github.com/CloudPirates-io/helm-charts/commit/7eec72b)) +* fix app version ([688338c](https://github.com/CloudPirates-io/helm-charts/commit/688338c)) +* fix Chart.lock for linting ([40c4159](https://github.com/CloudPirates-io/helm-charts/commit/40c4159)) +* fix configuration and installation ([40a2729](https://github.com/CloudPirates-io/helm-charts/commit/40a2729)) +* fix unittest typo ([cc31439](https://github.com/CloudPirates-io/helm-charts/commit/cc31439)) +* improve configuration settings for more clearity with 'externaldb' ([d539bf8](https://github.com/CloudPirates-io/helm-charts/commit/d539bf8)) +* improve startup, wait for mariadb to be ready ([8baec0a](https://github.com/CloudPirates-io/helm-charts/commit/8baec0a)) +* Update CHANGELOG.md ([dc9fbd8](https://github.com/CloudPirates-io/helm-charts/commit/dc9fbd8)) +* Update CHANGELOG.md ([1bee7fe](https://github.com/CloudPirates-io/helm-charts/commit/1bee7fe)) +* update docs ([333b4e3](https://github.com/CloudPirates-io/helm-charts/commit/333b4e3)) +* update docs ([d503408](https://github.com/CloudPirates-io/helm-charts/commit/d503408)) +* update docs for external database connection ([1fa8f61](https://github.com/CloudPirates-io/helm-charts/commit/1fa8f61)) +* update values schema with missing fields ([3f38991](https://github.com/CloudPirates-io/helm-charts/commit/3f38991)) +* chore: add Newline for the linter ([a667374](https://github.com/CloudPirates-io/helm-charts/commit/a667374)) +* chore: fix linting, remove trailing spaces ([0f2465d](https://github.com/CloudPirates-io/helm-charts/commit/0f2465d)) diff --git a/charts/ghost/Chart.yaml b/charts/ghost/Chart.yaml index 48b23658..950c2572 100644 --- a/charts/ghost/Chart.yaml +++ b/charts/ghost/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: ghost description: A simple, powerful publishing platform that allows you to share your stories with the world. type: application -version: 0.2.5 +version: 0.2.6 appVersion: "6.0.9" keywords: - ghost diff --git a/charts/ghost/values.yaml b/charts/ghost/values.yaml index 2decfdf5..edec71cc 100644 --- a/charts/ghost/values.yaml +++ b/charts/ghost/values.yaml @@ -22,7 +22,7 @@ image: ## @param image.repository Nginx image repository repository: ghost ## @param image.tag Nginx image tag - tag: "6.2.0@sha256:ffc213a6f2db7210b69396dc4330b4a9c5e27c8b044ae453854d53bd3937a6ec" + tag: "6.3.0@sha256:4b58f8f889b9115199c18994f9d13ac5bc0b32d9c5b65f06f58fcaa7f739f6e8" ## @param image.pullPolicy Nginx image pull policy pullPolicy: Always From 36ca7c703d9721d6463671eb2f08a89dab47e4cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20L=C3=B6wen?= <59952635+dloewen2@users.noreply.github.com> Date: Fri, 10 Oct 2025 10:16:51 +0200 Subject: [PATCH 15/20] [Etcd] artifact hub repository id (#333) * [etcd] add artifacthub-repo.yaml with repositoryId * [etcd] bump version * Fix linting errors * Update CHANGELOG.md Signed-off-by: github-actions[bot] * Fix invalid commit --------- Signed-off-by: github-actions[bot] Co-authored-by: Finn Rades Co-authored-by: github-actions[bot] --- charts/etcd/CHANGELOG.md | 8 ++++++-- charts/etcd/Chart.yaml | 2 +- charts/etcd/artifacthub-repo.yml | 1 + charts/etcd/tests/common-parameters_test.yaml | 12 ++++++------ 4 files changed, 14 insertions(+), 9 deletions(-) create mode 100644 charts/etcd/artifacthub-repo.yml diff --git a/charts/etcd/CHANGELOG.md b/charts/etcd/CHANGELOG.md index cd45d41d..d3cdee79 100644 --- a/charts/etcd/CHANGELOG.md +++ b/charts/etcd/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog -## 0.1.0 (2025-10-09) +## 0.1.1 (2025-10-10) -* [etcd]: Initial etcd implementation ([#230](https://github.com/CloudPirates-io/helm-charts/pull/230)) +* [Etcd] artifact hub repository id ([#333](https://github.com/CloudPirates-io/helm-charts/pull/333)) + +## 0.1.0 (2025-10-10) + +* [etcd]: Initial etcd implementation (#230) ([c6476c3](https://github.com/CloudPirates-io/helm-charts/commit/c6476c3)), closes [#230](https://github.com/CloudPirates-io/helm-charts/issues/230) diff --git a/charts/etcd/Chart.yaml b/charts/etcd/Chart.yaml index 97790d79..c25fdae9 100644 --- a/charts/etcd/Chart.yaml +++ b/charts/etcd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: etcd description: etcd is a distributed reliable key-value store for the most critical data of a distributed system type: application -version: 0.1.0 +version: 0.1.1 appVersion: "3.6.0" keywords: - etcd diff --git a/charts/etcd/artifacthub-repo.yml b/charts/etcd/artifacthub-repo.yml new file mode 100644 index 00000000..3b8407ed --- /dev/null +++ b/charts/etcd/artifacthub-repo.yml @@ -0,0 +1 @@ +repositoryID: 229cfa80-872a-4900-ad74-d9d1252e8214 \ No newline at end of file diff --git a/charts/etcd/tests/common-parameters_test.yaml b/charts/etcd/tests/common-parameters_test.yaml index 74605bda..ea73fca5 100644 --- a/charts/etcd/tests/common-parameters_test.yaml +++ b/charts/etcd/tests/common-parameters_test.yaml @@ -18,7 +18,7 @@ tests: value: RELEASE-NAME - equal: path: spec.template.spec.containers[0].image - value: gcr.io/etcd-development/etcd:v3.6.0-alpha.0 + value: quay.io/coreos/etcd:v3.6.0-alpha.0 - equal: path: spec.template.spec.containers[0].imagePullPolicy value: IfNotPresent @@ -30,7 +30,7 @@ tests: asserts: - equal: path: spec.template.spec.containers[0].image - value: my-registry.com/etcd-development/etcd:v3.6.0-alpha.0 + value: my-registry.com/coreos/etcd:v3.6.0-alpha.0 - it: should respect global.imagePullSecrets set: @@ -98,7 +98,7 @@ tests: asserts: - equal: path: spec.template.spec.containers[0].image - value: custom-registry.io/etcd-development/etcd:v3.6.0-alpha.0 + value: custom-registry.io/coreos/etcd:v3.6.0-alpha.0 - it: should respect image.repository override set: @@ -107,7 +107,7 @@ tests: asserts: - equal: path: spec.template.spec.containers[0].image - value: gcr.io/custom/etcd:v3.6.0-alpha.0 + value: quay.io/custom/etcd:v3.6.0-alpha.0 - it: should respect image.tag override set: @@ -116,7 +116,7 @@ tests: asserts: - equal: path: spec.template.spec.containers[0].image - value: gcr.io/etcd-development/etcd:v3.5.0 + value: quay.io/coreos/etcd:v3.5.0 - it: should respect image.pullPolicy override set: @@ -136,7 +136,7 @@ tests: asserts: - equal: path: spec.template.spec.containers[0].image - value: global-registry.com/etcd-development/etcd:v3.6.0-alpha.0 + value: global-registry.com/coreos/etcd:v3.6.0-alpha.0 - it: should add podLabels to pod template set: From af00fe0c63c9a594d3356dcf3cbe2b3790376ed9 Mon Sep 17 00:00:00 2001 From: Gasper Oblak <83308880+bl4ko@users.noreply.github.com> Date: Fri, 10 Oct 2025 10:34:20 +0200 Subject: [PATCH 16/20] [rabbitmq] add traffic distribution and option to source definitions from existingSecret (#334) * [rabbitmq]: add missing readme heading for definitions section * [rabbitmq]: add trafficDistribution and topology spread constraint options * [rabbitmq]: fix duplicate work * [rabbitmq]: also add support for sourcing definitions from secret * [rabbitmq]: add missing stuff --------- Co-authored-by: Finn Rades <64548817+zOnlyKroks@users.noreply.github.com> --- charts/rabbitmq/README.md | 23 +++++++++------- .../templates/definitions-configmap.yaml | 2 +- charts/rabbitmq/templates/service.yaml | 3 ++- charts/rabbitmq/templates/statefulset.yaml | 18 +++++++++++-- charts/rabbitmq/values.schema.json | 27 +++++++++++++------ charts/rabbitmq/values.yaml | 6 +++++ 6 files changed, 58 insertions(+), 21 deletions(-) diff --git a/charts/rabbitmq/README.md b/charts/rabbitmq/README.md index cac7c126..23f998d8 100644 --- a/charts/rabbitmq/README.md +++ b/charts/rabbitmq/README.md @@ -103,11 +103,15 @@ The following table lists the configurable parameters of the RabbitMQ chart and | `podAnnotations` | Annotations to attach to pods | `{}` | | `statefulsetAnnotations` | Annotations for StatefulSet | `{}` | +### RabbitMQ Definitions + | Parameter | Description | Default | | ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | | `definitions.enabled` | Enable loading of RabbitMQ definitions on startup. When `true`, definitions will be loaded at container boot. | `false` | | `definitions.existingConfigMap` | Name of an existing ConfigMap containing RabbitMQ definitions (e.g., created via `kubectl create configmap rmq-defs --from-file=defs.json`). | `""` | | `definitions.existingConfigMapKey` | Key in the existing ConfigMap containing the RabbitMQ definitions JSON file. | `defs.json` | +| `defintions.existingSecret` | Name of an existing Secret containing RabbitMQ definitions. | `""` | +| `definitions.existingSecretKey` | Key in the existing Secret containing the RabbitMQ definitions JSON file. | `defs.json` | | `definitions.users` | Array of RabbitMQ users to create. | `[]` | | `definitions.vhosts` | Array of RabbitMQ virtual hosts to create. | `[]` | | `definitions.permissions` | Array of RabbitMQ permissions to set per vhost. | `[]` | @@ -121,15 +125,16 @@ The following table lists the configurable parameters of the RabbitMQ chart and ### Service configuration -| Parameter | Description | Default | -| ----------------------------- | -------------------------------------- | ----------- | -| `service.type` | Kubernetes service type | `ClusterIP` | -| `service.amqpPort` | RabbitMQ AMQP service port | `5672` | -| `service.managementPort` | RabbitMQ management UI port | `15672` | -| `service.epmdPort` | RabbitMQ EPMD port | `4369` | -| `service.distPort` | RabbitMQ distribution port | `25672` | -| `service.annotations` | Kubernetes service annotations | `{}` | -| `service.annotationsHeadless` | Kubernetes service annotationsHeadless | `25672` | +| Parameter | Description | Default | +| ----------------------------- | ------------------------------------------- | ----------- | +| `service.type` | Kubernetes service type | `ClusterIP` | +| `service.amqpPort` | RabbitMQ AMQP service port | `5672` | +| `service.managementPort` | RabbitMQ management UI port | `15672` | +| `service.epmdPort` | RabbitMQ EPMD port | `4369` | +| `service.distPort` | RabbitMQ distribution port | `25672` | +| `service.annotations` | Kubernetes service annotations | `{}` | +| `service.annotationsHeadless` | Kubernetes service annotationsHeadless | `25672` | +| `service.trafficDistribution` | Traffic distribution policy for the service | `""` | ### RabbitMQ Authentication diff --git a/charts/rabbitmq/templates/definitions-configmap.yaml b/charts/rabbitmq/templates/definitions-configmap.yaml index 6b5ba931..448df39a 100644 --- a/charts/rabbitmq/templates/definitions-configmap.yaml +++ b/charts/rabbitmq/templates/definitions-configmap.yaml @@ -2,7 +2,7 @@ This file is rendered only if definitions are enabled AND an existing ConfigMap is NOT specified. It constructs a dictionary from the values and then converts it to a valid JSON object. */}} -{{- if and .Values.definitions.enabled (not .Values.definitions.existingConfigMap) }} +{{- if and .Values.definitions.enabled (not .Values.definitions.existingConfigMap) (not .Values.definitions.existingSecret) }} {{- $def := dict }} {{- if .Values.definitions.users -}}{{- $_ := set $def "users" .Values.definitions.users }}{{- end }} {{- if .Values.definitions.vhosts -}}{{- $_ := set $def "vhosts" .Values.definitions.vhosts }}{{- end }} diff --git a/charts/rabbitmq/templates/service.yaml b/charts/rabbitmq/templates/service.yaml index e1076a13..79f5828c 100644 --- a/charts/rabbitmq/templates/service.yaml +++ b/charts/rabbitmq/templates/service.yaml @@ -11,6 +11,7 @@ metadata: {{- end }} spec: type: {{ .Values.service.type }} + trafficDistribution: {{ .Values.service.trafficDistribution }} ports: - port: {{ .Values.service.amqpPort }} targetPort: amqp @@ -31,4 +32,4 @@ spec: name: {{ .name }} {{- end }} selector: - {{- include "rabbitmq.selectorLabels" . | nindent 4 }} \ No newline at end of file + {{- include "rabbitmq.selectorLabels" . | nindent 4 }} diff --git a/charts/rabbitmq/templates/statefulset.yaml b/charts/rabbitmq/templates/statefulset.yaml index 25e993e9..6dd16bce 100644 --- a/charts/rabbitmq/templates/statefulset.yaml +++ b/charts/rabbitmq/templates/statefulset.yaml @@ -210,7 +210,13 @@ spec: {{- if .Values.definitions.enabled }} - name: definitions mountPath: "/etc/rabbitmq-definitions/defs.json" - subPath: {{ .Values.definitions.existingConfigMapKey | default "defs.json" }} + subPath: {{- if .Values.definitions.existingConfigMap }} + {{ .Values.definitions.existingConfigMapKey | default "defs.json" }} + {{- else if .Values.definitions.existingSecret }} + {{ .Values.definitions.existingSecretKey | default "defs.json" }} + {{- else }} + defs.json + {{- end }} {{- end }} {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 12 }} @@ -231,8 +237,16 @@ spec: name: {{ include "rabbitmq.fullname" . }}-config {{- if .Values.definitions.enabled }} - name: definitions + {{- if .Values.definitions.existingConfigMap }} configMap: - name: {{ .Values.definitions.existingConfigMap | default (printf "%s-definitions" (include "rabbitmq.fullname" .)) }} + name: {{ .Values.definitions.existingConfigMap }} + {{- else if .Values.definitions.existingSecret }} + secret: + secretName: {{ .Values.definitions.existingSecret }} + {{- else }} + configMap: + name: {{ printf "%s-definitions" (include "rabbitmq.fullname" .) }} + {{- end }} {{- end }} {{- if .Values.extraVolumes }} {{- toYaml .Values.extraVolumes | nindent 8 }} diff --git a/charts/rabbitmq/values.schema.json b/charts/rabbitmq/values.schema.json index 019dd16d..6b9194a8 100644 --- a/charts/rabbitmq/values.schema.json +++ b/charts/rabbitmq/values.schema.json @@ -108,6 +108,12 @@ "description": "Kubernetes service type", "enum": ["ClusterIP", "NodePort", "LoadBalancer", "ExternalName"] }, + "trafficDistribution": { + "type": "string", + "description": "Traffic distribution policy", + "enum": ["", "PreferClose", "PreferSameZone", "PreferSameNode"], + "default": "" + }, "amqpPort": { "type": "integer", "title": "AMQP Port", @@ -913,18 +919,12 @@ "description": "Enable/disable a Pod Disruption Budget creation" }, "minAvailable": { - "oneOf": [ - {"type": "string"}, - {"type": "integer"} - ], + "oneOf": [{ "type": "string" }, { "type": "integer" }], "title": "Min Available", "description": "Minimum number/percentage of pods that should remain scheduled" }, "maxUnavailable": { - "oneOf": [ - {"type": "string"}, - {"type": "integer"} - ], + "oneOf": [{ "type": "string" }, { "type": "integer" }], "title": "Max Unavailable", "description": "Maximum number/percentage of pods that may be made unavailable" } @@ -951,6 +951,17 @@ "description": "Key in existing ConfigMap containing RabbitMQ definitions", "default": "defs.json" }, + "existingSecret": { + "type": "string", + "title": "Existing Secret", + "description": "Name of existing Secret containing RabbitMQ definitions" + }, + "existingSecretKey": { + "type": "string", + "title": "Existing Secret Key", + "description": "Key in existing Secret containing RabbitMQ definitions", + "default": "defs.json" + }, "bindings": { "type": "array", "title": "Bindings", diff --git a/charts/rabbitmq/values.yaml b/charts/rabbitmq/values.yaml index 1cce1daf..93d42b2b 100644 --- a/charts/rabbitmq/values.yaml +++ b/charts/rabbitmq/values.yaml @@ -38,6 +38,8 @@ replicaCount: 1 service: ## @param service.type Kubernetes service type type: ClusterIP + ## @param service.trafficDistribution Traffic distribution policy for the service + trafficDistribution: "" ## @param service.amqpPort RabbitMQ AMQP service port amqpPort: 5672 ## @param service.managementPort RabbitMQ management UI port @@ -374,6 +376,10 @@ definitions: existingConfigMap: "" ## @param definitions.existingConfigMapKey Key in existing ConfigMap containing RabbitMQ definitions existingConfigMapKey: defs.json + ## @param definitions.existingSecret Name of existing Secret containing RabbitMQ definitions + existingSecret: "" + ## @param definitions.existingSecretKey Key in existing Secret containing RabbitMQ definitions + existingSecretKey: defs.json ## @param definitions.bindings Array of RabbitMQ bindings to create bindings: [] ## @param definitions.global_parameters Array of RabbitMQ global parameters to create From f7ff0cf376a06e36c28cb1bfbc3b34899cbfecd2 Mon Sep 17 00:00:00 2001 From: Tanguy Falconnet Date: Fri, 10 Oct 2025 11:07:28 +0200 Subject: [PATCH 17/20] [keycloak] Import realm (#219) * feat(keycloak): import realm * fix(keycloak): default values to avoid crash * chore(keycloak): update changelog * chore: bump chart version --------- Signed-off-by: Tanguy Falconnet --- charts/keycloak/CHANGELOG.md | 83 +++++++++++++++++++++++ charts/keycloak/Chart.yaml | 2 +- charts/keycloak/README.md | 20 ++++++ charts/keycloak/templates/configmap.yaml | 19 +++++- charts/keycloak/templates/deployment.yaml | 20 ++++-- charts/keycloak/values.schema.json | 13 ++++ charts/keycloak/values.yaml | 7 ++ 7 files changed, 158 insertions(+), 6 deletions(-) diff --git a/charts/keycloak/CHANGELOG.md b/charts/keycloak/CHANGELOG.md index fc4902d3..10715f0b 100644 --- a/charts/keycloak/CHANGELOG.md +++ b/charts/keycloak/CHANGELOG.md @@ -1,5 +1,88 @@ # Changelog +## 0.4.0 (2025-10-10) + +* [keycloak] Allow to import a realm at startup from a json config ([#219](https://github.com/CloudPirates-io/helm-charts/pull/219)) + ## 0.3.2 (2025-10-09) * [mongodb] fix: newline between mongo labels and additional labels ([#301](https://github.com/CloudPirates-io/helm-charts/pull/301)) + +## 0.3.1 (2025-10-09) + +* [keycloak/keycloak] Update charts/keycloak/values.yaml keycloak/keycloak to v26.3.5 (patch) ([#261](https://github.com/CloudPirates-io/helm-charts/pull/261)) + +## 0.3.0 (2025-10-08) + +* make keycloak run on openshift (#225) ([9b4f896](https://github.com/CloudPirates-io/helm-charts/commit/9b4f896)), closes [#225](https://github.com/CloudPirates-io/helm-charts/issues/225) + +## 0.2.1 (2025-10-07) + +* default http relative path to '/' to fix argocd deployment (#221) ([bdb1946](https://github.com/CloudPirates-io/helm-charts/commit/bdb1946)), closes [#221](https://github.com/CloudPirates-io/helm-charts/issues/221) + +## 0.2.0 (2025-10-06) + +* Add support for extra volumes, volumeMounts and initContainers (#215) ([16afcfe](https://github.com/CloudPirates-io/helm-charts/commit/16afcfe)), closes [#215](https://github.com/CloudPirates-io/helm-charts/issues/215) + +## 0.1.12 (2025-10-06) + +* [mariadb] chore(deps): update mariadb:12.0.2 Docker digest to 03a03a6 (#208) ([01a6ad1](https://github.com/CloudPirates-io/helm-charts/commit/01a6ad1)), closes [#208](https://github.com/CloudPirates-io/helm-charts/issues/208) +* [mariadb] use tpl to return existingConfigMap (#217) ([c7c2f4c](https://github.com/CloudPirates-io/helm-charts/commit/c7c2f4c)), closes [#217](https://github.com/CloudPirates-io/helm-charts/issues/217) + +## 0.1.11 (2025-10-06) + +* Allow keycloak to have a relative path (#216) ([0237457](https://github.com/CloudPirates-io/helm-charts/commit/0237457)), closes [#216](https://github.com/CloudPirates-io/helm-charts/issues/216) + +## 0.1.10 (2025-10-02) + +* [postgres] chore(deps): update postgres:17.6 Docker digest to e6a4209 (#173) ([beb0b40](https://github.com/CloudPirates-io/helm-charts/commit/beb0b40)), closes [#173](https://github.com/CloudPirates-io/helm-charts/issues/173) + +## 0.1.9 (2025-10-02) + +* add topologySpreadConstraints and trafficDistribution opti… (#209) ([c777fca](https://github.com/CloudPirates-io/helm-charts/commit/c777fca)), closes [#209](https://github.com/CloudPirates-io/helm-charts/issues/209) + +## 0.1.8 (2025-09-30) + +* Feature/command customize (#186) ([a458e15](https://github.com/CloudPirates-io/helm-charts/commit/a458e15)), closes [#186](https://github.com/CloudPirates-io/helm-charts/issues/186) + +## 0.1.7 (2025-09-29) + +* replace deprecated 'proxy' with new proxy parameters (#183) ([d850b7b](https://github.com/CloudPirates-io/helm-charts/commit/d850b7b)), closes [#183](https://github.com/CloudPirates-io/helm-charts/issues/183) + +## 0.1.6 (2025-09-26) + +* [postgres] chore(deps): update postgres:17.6 Docker digest to 0b6428e (#162) ([6293612](https://github.com/CloudPirates-io/helm-charts/commit/6293612)), closes [#162](https://github.com/CloudPirates-io/helm-charts/issues/162) + +## 0.1.5 (2025-09-25) + +* add namespaces to templates, change user/group-ids to 1001 ([31b203b](https://github.com/CloudPirates-io/helm-charts/commit/31b203b)) +* add readme documentation and values.schema.json ([369448b](https://github.com/CloudPirates-io/helm-charts/commit/369448b)) +* add support for extra env vars from an existing secret (#158) ([263604f](https://github.com/CloudPirates-io/helm-charts/commit/263604f)), closes [#158](https://github.com/CloudPirates-io/helm-charts/issues/158) +* Fix resolving template expressions in extraobjects ([12a1cb5](https://github.com/CloudPirates-io/helm-charts/commit/12a1cb5)) +* [postgres] chore(deps): update postgres:17.6 Docker digest to 0f4f200 ([b4a6a30](https://github.com/CloudPirates-io/helm-charts/commit/b4a6a30)) +* Add keycloak logo ([bf1e1c2](https://github.com/CloudPirates-io/helm-charts/commit/bf1e1c2)) +* Add TODO ([8162d60](https://github.com/CloudPirates-io/helm-charts/commit/8162d60)) +* Artifact hub id ([02540ae](https://github.com/CloudPirates-io/helm-charts/commit/02540ae)) +* Bump the correct thing ([35e7901](https://github.com/CloudPirates-io/helm-charts/commit/35e7901)) +* Fix chart version bump ([aae07b1](https://github.com/CloudPirates-io/helm-charts/commit/aae07b1)) +* Fix deprecated env vars warning ([50d9fa0](https://github.com/CloudPirates-io/helm-charts/commit/50d9fa0)) +* Fix lint ([4bf9e77](https://github.com/CloudPirates-io/helm-charts/commit/4bf9e77)) +* Fix lint 2 ([a38fc35](https://github.com/CloudPirates-io/helm-charts/commit/a38fc35)) +* Fix lint 3 ([0875bfa](https://github.com/CloudPirates-io/helm-charts/commit/0875bfa)) +* Fix lint 4 ([7fcbd78](https://github.com/CloudPirates-io/helm-charts/commit/7fcbd78)) +* Improvements ([cea8f2c](https://github.com/CloudPirates-io/helm-charts/commit/cea8f2c)) +* Initial implementation ([c5d41ec](https://github.com/CloudPirates-io/helm-charts/commit/c5d41ec)) +* Rework keycloak ([2afb0fd](https://github.com/CloudPirates-io/helm-charts/commit/2afb0fd)) +* Update CHANGELOG.md ([b7572a8](https://github.com/CloudPirates-io/helm-charts/commit/b7572a8)) +* Update CHANGELOG.md ([245f9b6](https://github.com/CloudPirates-io/helm-charts/commit/245f9b6)) +* Update CHANGELOG.md ([0bf9f75](https://github.com/CloudPirates-io/helm-charts/commit/0bf9f75)) +* Update CHANGELOG.md ([03d476e](https://github.com/CloudPirates-io/helm-charts/commit/03d476e)) +* Update CHANGELOG.md ([20c19bb](https://github.com/CloudPirates-io/helm-charts/commit/20c19bb)) +* Update CHANGELOG.md ([68435aa](https://github.com/CloudPirates-io/helm-charts/commit/68435aa)) +* Update CHANGELOG.md ([b8adca8](https://github.com/CloudPirates-io/helm-charts/commit/b8adca8)) +* Update CHANGELOG.md ([62e51b9](https://github.com/CloudPirates-io/helm-charts/commit/62e51b9)) +* Update CHANGELOG.md ([54f725e](https://github.com/CloudPirates-io/helm-charts/commit/54f725e)) +* Update CHANGELOG.md ([2ed9b3f](https://github.com/CloudPirates-io/helm-charts/commit/2ed9b3f)) +* Update CHANGELOG.md ([2178148](https://github.com/CloudPirates-io/helm-charts/commit/2178148)) +* Update CHANGELOG.md ([8d6710f](https://github.com/CloudPirates-io/helm-charts/commit/8d6710f)) +* chore: fix changelog ([bd9f1a8](https://github.com/CloudPirates-io/helm-charts/commit/bd9f1a8)) diff --git a/charts/keycloak/Chart.yaml b/charts/keycloak/Chart.yaml index 2e61bbc7..dde2f8dc 100644 --- a/charts/keycloak/Chart.yaml +++ b/charts/keycloak/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: keycloak description: Open Source Identity and Access Management Solution type: application -version: 0.3.2 +version: 0.4.0 appVersion: "26.3.4" keywords: - keycloak diff --git a/charts/keycloak/README.md b/charts/keycloak/README.md index 10372ca3..7d1e5b77 100644 --- a/charts/keycloak/README.md +++ b/charts/keycloak/README.md @@ -167,6 +167,13 @@ The following table lists the configurable parameters of the Keycloak chart and | `cache.stack` | Cache stack (local, ispn, default) | `local` | | `cache.configFile` | Custom cache configuration file | `""` | +### Realm Configuration + +| Parameter | Description | Default | +| ------------------ | -------------------------------------------------------------------------------------- | ------- | +| `realm.import` | Enable import of realms from /opt/keycloak/data/import (production mode must be false) | `false` | +| `realm.configFile` | Json config for initial realm configuration, mounted in /opt/keycloak/data/import | `""` | + ### Features Configuration | Parameter | Description | Default | @@ -460,6 +467,19 @@ kubectl create secret generic keycloak-db-credentials \ --from-literal=db-username=keycloak ``` +### Realm import + +```yaml +realm: + import: true + configFile: | + { + "realm": "my-realm", + "enabled": true + } +``` + + ### High Availability Setup ```yaml diff --git a/charts/keycloak/templates/configmap.yaml b/charts/keycloak/templates/configmap.yaml index 34160321..0ac03236 100644 --- a/charts/keycloak/templates/configmap.yaml +++ b/charts/keycloak/templates/configmap.yaml @@ -13,4 +13,21 @@ metadata: data: cache-ispn.xml: | {{- .Values.cache.configFile | nindent 4 }} -{{- end }} \ No newline at end of file +{{- end }} +{{- if .Values.realm.import }} +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: {{ include "keycloak.fullname" . }}-realm + namespace: {{ .Release.Namespace }} + labels: + {{- include "keycloak.labels" . | nindent 4 }} + {{- with (include "keycloak.annotations" .) }} + annotations: + {{- . | nindent 4 }} + {{- end }} +data: + realm.json: | + {{ .Values.realm.configFile | nindent 4 }} +{{- end }} diff --git a/charts/keycloak/templates/deployment.yaml b/charts/keycloak/templates/deployment.yaml index 6c309346..f9698d8b 100644 --- a/charts/keycloak/templates/deployment.yaml +++ b/charts/keycloak/templates/deployment.yaml @@ -67,6 +67,9 @@ spec: - start {{- else }} - start-dev + {{- if .Values.realm.import }} + - --import-realm + {{- end }} {{- end }} {{- if .Values.keycloak.httpEnabled }} - --http-enabled=true @@ -220,10 +223,14 @@ spec: mountPath: /opt/keycloak/work - name: keycloak-lib-quarkus mountPath: /opt/keycloak/lib/quarkus + {{- if .Values.realm.import }} + - name: realm-config + mountPath: /opt/keycloak/data/import + readOnly: true + {{- end }} {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 12}} {{- end }} - volumes: {{- if .Values.persistence.enabled }} - name: data @@ -244,9 +251,14 @@ spec: emptyDir: {} - name: keycloak-lib-quarkus emptyDir: {} - {{- if .Values.extraVolumes }} - {{- toYaml .Values.extraVolumes | nindent 8 }} - {{- end }} + {{- if .Values.realm.import }} + - name: realm-config + configMap: + name: {{ include "keycloak.fullname" . }}-realm + {{- end }} + {{- if .Values.extraVolumes }} + {{- toYaml .Values.extraVolumes | nindent 8 }} + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/keycloak/values.schema.json b/charts/keycloak/values.schema.json index 19e86a41..c52fe5ec 100644 --- a/charts/keycloak/values.schema.json +++ b/charts/keycloak/values.schema.json @@ -284,6 +284,19 @@ } } }, + "realm": { + "type": "object", + "properties": { + "import": { + "type": "boolean", + "description": "Enable import of realms from /opt/keycloak/data/import (production mode must be false)" + }, + "configFile": { + "type": "string", + "description": "Json config for initial realm configuration, mounted in /opt/keycloak/data/import" + } + } + }, "features": { "type": "object", "properties": { diff --git a/charts/keycloak/values.yaml b/charts/keycloak/values.yaml index 6b2799d5..fff58e57 100644 --- a/charts/keycloak/values.yaml +++ b/charts/keycloak/values.yaml @@ -143,6 +143,13 @@ cache: ## @param cache.configFile Custom cache configuration file configFile: "" +## @section Realm Configuration +realm: + ## @param realm.import Enable import of realms from /opt/keycloak/data/import (production mode must be false) + import: false + ## @param realm.configFile Json config for initial realm configuration, mounted in /opt/keycloak/data/import + configFile: "" + ## @section Features Configuration features: ## @param features.enabled List of enabled features From c71838f58808daf9a2f0b7c6bdba2e97b874f0af Mon Sep 17 00:00:00 2001 From: Finn Rades <64548817+zOnlyKroks@users.noreply.github.com> Date: Fri, 10 Oct 2025 11:08:20 +0200 Subject: [PATCH 18/20] [universal]: Add non verified commit warning github action (#335) * Add non verified commit warning github action * Recognize ssh signing * Fix unset git option * Test change to verify without signature message * Test change to verify without signature message * Test change to verify without signature message --- .github/workflows/check-signed-commits.yaml | 139 ++++++++++++++++++++ 1 file changed, 139 insertions(+) create mode 100644 .github/workflows/check-signed-commits.yaml diff --git a/.github/workflows/check-signed-commits.yaml b/.github/workflows/check-signed-commits.yaml new file mode 100644 index 00000000..fed9725b --- /dev/null +++ b/.github/workflows/check-signed-commits.yaml @@ -0,0 +1,139 @@ +name: "Check Signed Commits" + +on: + pull_request: + types: + - opened + - synchronize + - reopened + branches: + - main + +jobs: + check-signed-commits: + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: write + steps: + - name: Checkout repository + uses: actions/checkout@v5.0.0 + with: + fetch-depth: 0 + ref: ${{ github.event.pull_request.head.sha }} + + - name: Configure Git for SSH signature verification + run: | + # Create a temporary allowed signers file (not used for actual verification) + # This allows git to recognize SSH signatures exist without requiring key validation + touch /tmp/allowed_signers + git config --global gpg.ssh.allowedSignersFile /tmp/allowed_signers + # Configure git to recognize SSH signing format + git config --global gpg.format ssh + + - name: Check for verified commits + id: check-commits + run: | + # Get all commits in the PR + git fetch origin ${{ github.event.pull_request.base.ref }} + COMMITS=$(git rev-list origin/${{ github.event.pull_request.base.ref }}..${{ github.event.pull_request.head.sha }}) + + UNSIGNED_COMMITS="" + UNSIGNED_COUNT=0 + TOTAL_COUNT=0 + + for commit in $COMMITS; do + TOTAL_COUNT=$((TOTAL_COUNT + 1)) + # Check if commit is signed (GPG or SSH signature) + # %G? returns signature status + # %GF returns the signing key fingerprint (empty if not signed) + SIGNATURE=$(git log -1 --format='%G?' $commit) + FINGERPRINT=$(git log -1 --format='%GF' $commit) + + # %G? returns: + # G = good GPG signature + # U = unverified signature (has signature but can't verify - common for SSH) + # B = bad signature + # N = no signature + # E = signature expired + # Y = good signature (expired key) + + # A commit is considered SIGNED if it has any signature present + # We check for a fingerprint to confirm a signature exists + # For SSH signatures, %G? will be "U" but %GF will have the fingerprint + + if [[ -z "$FINGERPRINT" ]]; then + # No fingerprint means no signature at all + UNSIGNED_COMMITS="${UNSIGNED_COMMITS}${commit}\n" + UNSIGNED_COUNT=$((UNSIGNED_COUNT + 1)) + fi + done + + echo "total_commits=${TOTAL_COUNT}" >> $GITHUB_OUTPUT + echo "unsigned_commits=${UNSIGNED_COUNT}" >> $GITHUB_OUTPUT + + if [ $UNSIGNED_COUNT -gt 0 ]; then + echo "has_unsigned=true" >> $GITHUB_OUTPUT + else + echo "has_unsigned=false" >> $GITHUB_OUTPUT + fi + + - name: Check if comment already exists + if: steps.check-commits.outputs.has_unsigned == 'true' + id: check-comment + env: + GH_TOKEN: ${{ github.token }} + run: | + # Check if our bot has already commented on this PR + COMMENT_EXISTS=$(gh api \ + -H "Accept: application/vnd.github+json" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + "/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/comments" \ + | jq -r '.[] | select(.user.login == "github-actions[bot]" and (.body | contains("⚠️ Unsigned Commits Detected"))) | .id' | head -1) + + if [ -n "$COMMENT_EXISTS" ]; then + echo "comment_exists=true" >> $GITHUB_OUTPUT + echo "comment_id=${COMMENT_EXISTS}" >> $GITHUB_OUTPUT + else + echo "comment_exists=false" >> $GITHUB_OUTPUT + fi + + - name: Post warning comment + if: steps.check-commits.outputs.has_unsigned == 'true' && steps.check-comment.outputs.comment_exists == 'false' + env: + GH_TOKEN: ${{ github.token }} + run: | + cat << 'EOF' | gh pr comment ${{ github.event.pull_request.number }} --repo ${{ github.repository }} -F - + ## ⚠️ Unsigned Commits Detected + + This pull request contains unsigned commits. + + ### What does this mean? + + Signed commits help ensure the authenticity and traceability of contributions. They allow us to verify that commits actually came from the stated author, even if GitHub accounts are deleted or modified in the future. + + ### Current Policy (Grace Period) + + **This is currently a warning only.** We are in a transition period to give all contributors time to set up commit signing. + + After this grace period, **all commits will be required to be signed** before PRs can be merged. + + ### How to sign your commits + + Please see our [Contributing Guide](../blob/main/CONTRIBUTING.md#setting-up-your-development-environment) for detailed instructions on setting up commit signing. + + ### Resources + + - [Contributing Guide: Development Setup](../blob/main/CONTRIBUTING.md#setting-up-your-development-environment) + - [GitHub Docs: About Commit Signature Verification](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification) + + --- + + _This check will become mandatory in the future. Please start signing your commits now to avoid issues later._ + EOF + + - name: Success message + if: steps.check-commits.outputs.has_unsigned == 'false' + run: | + echo "✅ All ${{ steps.check-commits.outputs.total_commits }} commits in this PR are signed!" + \ No newline at end of file From 1c06f2e15d8f45c66ebb039e2644e3a123c960ed Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 13:34:25 +0200 Subject: [PATCH 19/20] [rabbitmq] Update charts/rabbitmq/values.yaml rabbitmq (#339) * [rabbitmq] Update charts/rabbitmq/values.yaml rabbitmq * Bump chart version * [rabbitmq] Update charts/rabbitmq/values.yaml rabbitmq * Bump chart version * [rabbitmq] Update charts/rabbitmq/values.yaml rabbitmq * Bump chart version * Bump chart version --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Finn Rades --- charts/rabbitmq/Chart.yaml | 2 +- charts/rabbitmq/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/rabbitmq/Chart.yaml b/charts/rabbitmq/Chart.yaml index e33f769a..de7ea59b 100644 --- a/charts/rabbitmq/Chart.yaml +++ b/charts/rabbitmq/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: rabbitmq description: A messaging broker that implements the Advanced Message Queuing Protocol (AMQP) type: application -version: 0.3.5 +version: 0.3.6 appVersion: "4.1.4" keywords: - rabbitmq diff --git a/charts/rabbitmq/values.yaml b/charts/rabbitmq/values.yaml index 93d42b2b..72da8869 100644 --- a/charts/rabbitmq/values.yaml +++ b/charts/rabbitmq/values.yaml @@ -23,7 +23,7 @@ image: ## @param image.repository RabbitMQ image repository repository: rabbitmq ## @param image.tag RabbitMQ image tag - tag: "4.1.4-management@sha256:04be562d256bfd26278ca4ff2014fab6bbb31fced47490cee7e86f5cdb7f47d5" + tag: "4.1.4-management@sha256:f66d1a21bd0b65fd91a4fd160de656dea92332e6037e58cb48e7174645a0586c" ## @param image.imagePullPolicy RabbitMQ image pull policy imagePullPolicy: Always From 9dd4b92afb8cec527aa85aad4c6df5d0470a3391 Mon Sep 17 00:00:00 2001 From: Finn Rades <64548817+zOnlyKroks@users.noreply.github.com> Date: Fri, 10 Oct 2025 17:14:27 +0200 Subject: [PATCH 20/20] [universal]: Implement specific run hook (#345) * Implement specific run hook * Fix wrong permissions * Mistake wrong hooK --- .github/workflows/check-signed-commits.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/check-signed-commits.yaml b/.github/workflows/check-signed-commits.yaml index fed9725b..b39a9019 100644 --- a/.github/workflows/check-signed-commits.yaml +++ b/.github/workflows/check-signed-commits.yaml @@ -15,6 +15,7 @@ jobs: permissions: contents: read pull-requests: write + issues: write steps: - name: Checkout repository uses: actions/checkout@v5.0.0 @@ -136,4 +137,3 @@ jobs: if: steps.check-commits.outputs.has_unsigned == 'false' run: | echo "✅ All ${{ steps.check-commits.outputs.total_commits }} commits in this PR are signed!" - \ No newline at end of file