feat: various fixes and version bumps for >= 1.22.8
This commit is contained in:
parent
dd0ef79dee
commit
8b18ec3920
@ -1,7 +1,7 @@
|
||||
apiVersion: v2
|
||||
description: KubeZero ArgoCD Helm chart to install ArgoCD itself and the KubeZero ArgoCD Application
|
||||
name: kubezero-argocd
|
||||
version: 0.9.5
|
||||
version: 0.9.6
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
keywords:
|
||||
@ -16,6 +16,6 @@ dependencies:
|
||||
version: ">= 0.1.4"
|
||||
repository: https://cdn.zero-downtime.net/charts/
|
||||
- name: argo-cd
|
||||
version: 3.32.1
|
||||
version: 3.33.8
|
||||
repository: https://argoproj.github.io/argo-helm
|
||||
kubeVersion: ">= 1.20.0"
|
||||
|
@ -2,7 +2,7 @@ apiVersion: v2
|
||||
name: kubezero-cert-manager
|
||||
description: KubeZero Umbrella Chart for cert-manager
|
||||
type: application
|
||||
version: 0.8.0
|
||||
version: 0.8.2
|
||||
appVersion: 1.6.1
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
|
@ -1,6 +1,6 @@
|
||||
# kubezero-cert-manager
|
||||
|
||||
![Version: 0.8.0](https://img.shields.io/badge/Version-0.8.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.6.1](https://img.shields.io/badge/AppVersion-1.6.1-informational?style=flat-square)
|
||||
![Version: 0.8.1](https://img.shields.io/badge/Version-0.8.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.6.1](https://img.shields.io/badge/AppVersion-1.6.1-informational?style=flat-square)
|
||||
|
||||
KubeZero Umbrella Chart for cert-manager
|
||||
|
||||
|
@ -1,3 +1,4 @@
|
||||
{{- if index .Values "cert-manager" "prometheus" "servicemonitor" "enabled" }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PrometheusRule
|
||||
metadata:
|
||||
@ -50,4 +51,4 @@ spec:
|
||||
for: 5m
|
||||
labels:
|
||||
severity: critical
|
||||
|
||||
{{- end }}
|
||||
|
@ -2,7 +2,7 @@ apiVersion: v2
|
||||
name: kubezero-ci
|
||||
description: KubeZero umbrella chart for all things CI
|
||||
type: application
|
||||
version: 0.4.26
|
||||
version: 0.4.44
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
keywords:
|
||||
@ -18,19 +18,19 @@ dependencies:
|
||||
version: ">= 0.1.5"
|
||||
repository: https://cdn.zero-downtime.net/charts/
|
||||
- name: gocd
|
||||
version: 1.39.4
|
||||
version: 1.40.8
|
||||
repository: https://gocd.github.io/helm-chart
|
||||
condition: gocd.enabled
|
||||
- name: gitea
|
||||
version: 5.0.0
|
||||
version: 5.0.3
|
||||
repository: https://dl.gitea.io/charts/
|
||||
condition: gitea.enabled
|
||||
- name: jenkins
|
||||
version: 3.11.3
|
||||
version: 3.11.10
|
||||
repository: https://charts.jenkins.io
|
||||
condition: jenkins.enabled
|
||||
- name: trivy
|
||||
version: 0.4.9
|
||||
version: 0.4.12
|
||||
repository: https://aquasecurity.github.io/helm-charts/
|
||||
condition: trivy.enabled
|
||||
|
||||
|
@ -28,4 +28,7 @@
|
||||
|
||||
## Resources
|
||||
|
||||
### JVM tuning in containers
|
||||
- https://developers.redhat.com/blog/2017/04/04/openjdk-and-containers?extIdCarryOver=true&sc_cid=701f2000001Css5AAC
|
||||
|
||||
{{ template "chart.valuesSection" . }}
|
||||
|
@ -17,7 +17,7 @@ gitea:
|
||||
enabled: false
|
||||
|
||||
image:
|
||||
tag: 1.16.1
|
||||
tag: 1.16.5
|
||||
rootless: true
|
||||
|
||||
securityContext:
|
||||
@ -69,14 +69,14 @@ jenkins:
|
||||
enabled: false
|
||||
|
||||
controller:
|
||||
tagLabel: alpine
|
||||
tag: 2.332.2-lts-jdk17-preview
|
||||
#tagLabel: alpine
|
||||
disableRememberMe: true
|
||||
prometheus:
|
||||
enabled: false
|
||||
testEnabled: false
|
||||
enableRawHtmlMarkupFormatter: true
|
||||
# javaOpts: "-Xms512m -Xmx512m"
|
||||
javaOpts: "-XX:+UseStringDeduplication -Dhudson.model.DirectoryBrowserSupport.CSP=\"sandbox allow-popups; default-src 'none'; img-src 'self' cdn.zero-downtime.net; style-src 'unsafe-inline';\""
|
||||
javaOpts: "-XX:+UseContainerSupport -XX:+UseStringDeduplication -Dhudson.model.DirectoryBrowserSupport.CSP=\"sandbox allow-popups; default-src 'none'; img-src 'self' cdn.zero-downtime.net; style-src 'unsafe-inline';\""
|
||||
jenkinsOpts: "--sessionTimeout=180 --sessionEviction=3600"
|
||||
|
||||
resources:
|
||||
@ -114,14 +114,15 @@ jenkins:
|
||||
numToKeepStr: "10"
|
||||
|
||||
installPlugins:
|
||||
- kubernetes:1.31.3
|
||||
- kubernetes:3580.v78271e5631dc
|
||||
- workflow-aggregator:2.6
|
||||
- git:4.10.3
|
||||
- configuration-as-code:1346.ve8cfa_3473c94
|
||||
- git:4.11.0
|
||||
- configuration-as-code:1414.v878271fc496f
|
||||
- antisamy-markup-formatter:2.7
|
||||
- prometheus:2.0.10
|
||||
- prometheus:2.0.11
|
||||
- htmlpublisher:1.29
|
||||
- build-discarder:60.v1747b0eb632a
|
||||
- dark-theme:156.v6cf16af6f9ef
|
||||
|
||||
serviceAccountAgent:
|
||||
create: true
|
||||
@ -130,22 +131,22 @@ jenkins:
|
||||
# Preconfigure agents to use zdt podman requires fuse/overlayfs
|
||||
agent:
|
||||
image: public.ecr.aws/zero-downtime/jenkins-podman
|
||||
tag: v0.2.4-6
|
||||
tag: v0.2.4-21
|
||||
resources:
|
||||
requests:
|
||||
cpu: "512m"
|
||||
memory: "512Mi"
|
||||
memory: "1024Mi"
|
||||
limits:
|
||||
cpu: "1"
|
||||
memory: "2048Mi"
|
||||
alwaysPullImage: true
|
||||
cpu: "4"
|
||||
memory: "6144Mi"
|
||||
#alwaysPullImage: true
|
||||
podRetention: "Default"
|
||||
showRawYaml: false
|
||||
podName: "podman-aws"
|
||||
customJenkinsLabels:
|
||||
- podman-aws-trivy
|
||||
idleMinutes: 10
|
||||
containerCap: 4
|
||||
containerCap: 2
|
||||
annotations:
|
||||
container.apparmor.security.beta.kubernetes.io/jnlp: unconfined
|
||||
# envVars:
|
||||
|
@ -10,7 +10,7 @@ if [ -r jsonnetfile.lock.json ]; then
|
||||
jb update
|
||||
else
|
||||
#jb install github.com/prometheus-operator/kube-prometheus/jsonnet/kube-prometheus@main
|
||||
jb install github.com/prometheus-operator/kube-prometheus/jsonnet/kube-prometheus@release-0.9
|
||||
jb install github.com/prometheus-operator/kube-prometheus/jsonnet/kube-prometheus@release-0.10
|
||||
fi
|
||||
|
||||
make clean
|
||||
|
@ -73,6 +73,8 @@ kube-prometheus-stack:
|
||||
enabled: true
|
||||
|
||||
prometheus-node-exporter:
|
||||
hostRootFsMount:
|
||||
enabled: false
|
||||
prometheus:
|
||||
monitor:
|
||||
relabelings:
|
||||
|
@ -2,7 +2,7 @@ apiVersion: v2
|
||||
name: kubezero-network
|
||||
description: KubeZero umbrella chart for all things network
|
||||
type: application
|
||||
version: 0.1.7
|
||||
version: 0.2.1
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
keywords:
|
||||
@ -16,7 +16,7 @@ maintainers:
|
||||
email: stefan@zero-downtime.net
|
||||
dependencies:
|
||||
- name: cilium
|
||||
version: 1.10.5
|
||||
version: 1.11.3
|
||||
repository: https://helm.cilium.io/
|
||||
condition: cilium.enabled
|
||||
- name: metallb
|
||||
|
@ -3,7 +3,7 @@ name: calico
|
||||
description: KubeZero Chart for Calico
|
||||
type: application
|
||||
version: 0.2.2
|
||||
appVersion: v3.16.5
|
||||
appVersion: v3.16.10
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
keywords:
|
||||
|
@ -518,7 +518,7 @@ spec:
|
||||
mountPath: /sys/fs/
|
||||
# Bidirectional means that, if we mount the BPF filesystem at /sys/fs/bpf it will propagate to the host.
|
||||
# If the host is known to mount that filesystem already then Bidirectional can be omitted.
|
||||
mountPropagation: Bidirectional
|
||||
# mountPropagation: Bidirectional
|
||||
volumes:
|
||||
# Used by calico-node.
|
||||
- name: lib-modules
|
||||
@ -541,7 +541,7 @@ spec:
|
||||
# Used to install CNI.
|
||||
- name: cni-bin-dir
|
||||
hostPath:
|
||||
path: /opt/cni/bin
|
||||
path: /usr/libexec/cni
|
||||
- name: cni-net-dir
|
||||
hostPath:
|
||||
path: /etc/cni/net.d
|
||||
|
@ -115,6 +115,7 @@ spec:
|
||||
args:
|
||||
- "--multus-conf-file=auto"
|
||||
- "--rename-conf-file=true"
|
||||
- "--cni-bin-dir=/host/usr/libexec/cni"
|
||||
- "--cni-version=0.3.1"
|
||||
resources:
|
||||
requests:
|
||||
@ -133,7 +134,7 @@ spec:
|
||||
- name: cni
|
||||
mountPath: /host/etc/cni/net.d
|
||||
- name: cnibin
|
||||
mountPath: /host/opt/cni/bin
|
||||
mountPath: /host/usr/libexec/cni
|
||||
- name: multus-cfg
|
||||
mountPath: /tmp/multus-conf
|
||||
terminationGracePeriodSeconds: 10
|
||||
@ -146,7 +147,7 @@ spec:
|
||||
path: /etc/cni/net.d
|
||||
- name: cnibin
|
||||
hostPath:
|
||||
path: /opt/cni/bin
|
||||
path: /usr/libexec/cni
|
||||
- name: multus-cfg
|
||||
configMap:
|
||||
name: multus-cni-config
|
||||
|
@ -28,7 +28,7 @@ dependencies:
|
||||
condition: gemini.enabled
|
||||
# repository: https://charts.fairwinds.com/stable
|
||||
- name: aws-ebs-csi-driver
|
||||
version: 2.6.3
|
||||
version: 2.6.4
|
||||
condition: aws-ebs-csi-driver.enabled
|
||||
# repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver
|
||||
- name: aws-efs-csi-driver
|
||||
|
@ -1,5 +1,9 @@
|
||||
# Helm chart
|
||||
|
||||
## v2.6.4
|
||||
|
||||
* Remove exposure all secrets to external-snapshotter-role
|
||||
|
||||
## v2.6.3
|
||||
|
||||
* Bump app/driver to version `v1.5.1`
|
||||
|
@ -19,4 +19,4 @@ maintainers:
|
||||
name: aws-ebs-csi-driver
|
||||
sources:
|
||||
- https://github.com/kubernetes-sigs/aws-ebs-csi-driver
|
||||
version: 2.6.3
|
||||
version: 2.6.4
|
||||
|
@ -9,9 +9,13 @@ rules:
|
||||
- apiGroups: [ "" ]
|
||||
resources: [ "events" ]
|
||||
verbs: [ "list", "watch", "create", "update", "patch" ]
|
||||
- apiGroups: [ "" ]
|
||||
resources: [ "secrets" ]
|
||||
verbs: [ "get", "list" ]
|
||||
# Secret permission is optional.
|
||||
# Enable it if your driver needs secret.
|
||||
# For example, `csi.storage.k8s.io/snapshotter-secret-name` is set in VolumeSnapshotClass.
|
||||
# See https://kubernetes-csi.github.io/docs/secrets-and-credentials.html for more details.
|
||||
# - apiGroups: [ "" ]
|
||||
# resources: [ "secrets" ]
|
||||
# verbs: [ "get", "list" ]
|
||||
- apiGroups: [ "snapshot.storage.k8s.io" ]
|
||||
resources: [ "volumesnapshotclasses" ]
|
||||
verbs: [ "get", "list", "watch" ]
|
||||
|
@ -2,7 +2,7 @@ apiVersion: v2
|
||||
name: kubezero
|
||||
description: KubeZero - Root App of Apps chart
|
||||
type: application
|
||||
version: 1.21.9-4
|
||||
version: 1.22.8-1
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
keywords:
|
||||
|
@ -1,6 +1,6 @@
|
||||
# kubezero
|
||||
|
||||
![Version: 1.21.9](https://img.shields.io/badge/Version-1.21.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
|
||||
![Version: 1.22.8-1](https://img.shields.io/badge/Version-1.22.8--1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
|
||||
|
||||
KubeZero - Root App of Apps chart
|
||||
|
||||
@ -14,7 +14,7 @@ KubeZero - Root App of Apps chart
|
||||
|
||||
## Requirements
|
||||
|
||||
Kubernetes: `>= 1.20.0`
|
||||
Kubernetes: `>= 1.22.0`
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
@ -26,29 +26,27 @@ Kubernetes: `>= 1.20.0`
|
||||
|-----|------|---------|-------------|
|
||||
| HighAvailableControlplane | bool | `false` | |
|
||||
| addons.enabled | bool | `false` | |
|
||||
| addons.targetRevision | string | `"0.2.4"` | |
|
||||
| addons.targetRevision | string | `"0.4.1"` | |
|
||||
| argocd.enabled | bool | `false` | |
|
||||
| argocd.istio.enabled | bool | `false` | |
|
||||
| argocd.namespace | string | `"argocd"` | |
|
||||
| argocd.targetRevision | string | `"0.9.4"` | |
|
||||
| argocd.targetRevision | string | `"0.9.6"` | |
|
||||
| cert-manager.enabled | bool | `false` | |
|
||||
| cert-manager.namespace | string | `"cert-manager"` | |
|
||||
| cert-manager.targetRevision | string | `"0.8.0"` | |
|
||||
| cert-manager.targetRevision | string | `"0.8.2"` | |
|
||||
| istio-ingress.enabled | bool | `false` | |
|
||||
| istio-ingress.namespace | string | `"istio-ingress"` | |
|
||||
| istio-ingress.targetRevision | string | `"0.7.6"` | |
|
||||
| istio.enabled | bool | `false` | |
|
||||
| istio.namespace | string | `"istio-system"` | |
|
||||
| istio.targetRevision | string | `"0.7.6"` | |
|
||||
| kiam.enabled | bool | `false` | |
|
||||
| kiam.targetRevision | string | `"0.3.5"` | |
|
||||
| kubezero.defaultTargetRevision | string | `"*"` | |
|
||||
| kubezero.gitSync | object | `{}` | |
|
||||
| kubezero.repoURL | string | `"https://cdn.zero-downtime.net/charts"` | |
|
||||
| kubezero.server | string | `"https://kubernetes.default.svc"` | |
|
||||
| logging.enabled | bool | `false` | |
|
||||
| logging.namespace | string | `"logging"` | |
|
||||
| logging.targetRevision | string | `"0.7.17"` | |
|
||||
| logging.targetRevision | string | `"0.7.19"` | |
|
||||
| metrics.enabled | bool | `false` | |
|
||||
| metrics.istio.grafana | object | `{}` | |
|
||||
| metrics.istio.prometheus | object | `{}` | |
|
||||
@ -56,11 +54,11 @@ Kubernetes: `>= 1.20.0`
|
||||
| metrics.targetRevision | string | `"0.7.4"` | |
|
||||
| network.enabled | bool | `false` | |
|
||||
| network.retain | bool | `true` | |
|
||||
| network.targetRevision | string | `"0.1.0"` | |
|
||||
| network.targetRevision | string | `"0.1.7"` | |
|
||||
| storage.aws-ebs-csi-driver.enabled | bool | `false` | |
|
||||
| storage.aws-efs-csi-driver.enabled | bool | `false` | |
|
||||
| storage.enabled | bool | `false` | |
|
||||
| storage.targetRevision | string | `"0.5.2"` | |
|
||||
| storage.targetRevision | string | `"0.5.7"` | |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0)
|
||||
|
@ -1,20 +0,0 @@
|
||||
{{- define "kiam-values" }}
|
||||
kiam:
|
||||
server:
|
||||
assumeRoleArn: "{{ .Values.kiam.IamArn }}"
|
||||
deployment:
|
||||
replicas: {{ ternary 2 1 .Values.HighAvailableControlplane }}
|
||||
prometheus:
|
||||
servicemonitor:
|
||||
enabled: {{ .Values.metrics.enabled }}
|
||||
agent:
|
||||
prometheus:
|
||||
servicemonitor:
|
||||
enabled: {{ .Values.metrics.enabled }}
|
||||
{{- end }}
|
||||
|
||||
|
||||
{{- define "kiam-argo" }}
|
||||
{{- end }}
|
||||
|
||||
{{ include "kubezero-app.app" . }}
|
@ -20,11 +20,6 @@ cert-manager:
|
||||
namespace: cert-manager
|
||||
targetRevision: 0.8.2
|
||||
|
||||
# deprecated - removed with 1.22
|
||||
kiam:
|
||||
enabled: false
|
||||
targetRevision: 0.3.5
|
||||
|
||||
storage:
|
||||
enabled: false
|
||||
targetRevision: 0.5.7
|
||||
@ -54,7 +49,7 @@ metrics:
|
||||
logging:
|
||||
enabled: false
|
||||
namespace: logging
|
||||
targetRevision: 0.7.18
|
||||
targetRevision: 0.8.0
|
||||
|
||||
argocd:
|
||||
enabled: false
|
||||
|
@ -13,30 +13,41 @@ mkdir -p $TMPDIR
|
||||
|
||||
[ -z "$DEBUG" ] && trap 'rm -rf $TMPDIR' ERR EXIT
|
||||
|
||||
for dir in $(find -L $SRCROOT/charts -mindepth 1 -maxdepth 1 -type d);
|
||||
do
|
||||
name=$(basename $dir)
|
||||
[[ $name =~ $CHARTS ]] || continue
|
||||
|
||||
#if [ $(helm dep list $dir 2>/dev/null| wc -l) -gt 1 ]
|
||||
#then
|
||||
# echo "Processing chart dependencies"
|
||||
# rm -rf $dir/tmpcharts
|
||||
# helm dependency update --skip-refresh $dir
|
||||
#fi
|
||||
function reset_index() {
|
||||
aws s3 sync $REPO_URL_S3/ $TMPDIR/
|
||||
helm repo index $TMPDIR --url $REPO_URL
|
||||
aws s3 cp $TMPDIR/index.yaml $REPO_URL_S3/ --cache-control max-age=1
|
||||
}
|
||||
|
||||
echo "Processing $dir"
|
||||
helm lint $dir
|
||||
helm package -d $TMPDIR $dir
|
||||
done
|
||||
|
||||
curl -L -s -o $TMPDIR/index.yaml ${REPO_URL}/index.yaml
|
||||
function publish_chart() {
|
||||
for dir in $(find -L $SRCROOT/charts -mindepth 1 -maxdepth 1 -type d);
|
||||
do
|
||||
name=$(basename $dir)
|
||||
[[ $name =~ $CHARTS ]] || continue
|
||||
|
||||
helm repo index $TMPDIR --url $REPO_URL --merge $TMPDIR/index.yaml
|
||||
#if [ $(helm dep list $dir 2>/dev/null| wc -l) -gt 1 ]
|
||||
#then
|
||||
# echo "Processing chart dependencies"
|
||||
# rm -rf $dir/tmpcharts
|
||||
# helm dependency update --skip-refresh $dir
|
||||
#fi
|
||||
|
||||
for p in $TMPDIR/*.tgz; do
|
||||
aws s3 cp $p $REPO_URL_S3/
|
||||
done
|
||||
aws s3 cp $TMPDIR/index.yaml $REPO_URL_S3/ --cache-control max-age=1
|
||||
echo "Processing $dir"
|
||||
helm lint $dir
|
||||
helm package -d $TMPDIR $dir
|
||||
done
|
||||
|
||||
rm -rf $TMPDIR
|
||||
curl -L -s -o $TMPDIR/index.yaml ${REPO_URL}/index.yaml
|
||||
helm repo index $TMPDIR --url $REPO_URL --merge $TMPDIR/index.yaml
|
||||
|
||||
for p in $TMPDIR/*.tgz; do
|
||||
aws s3 cp $p $REPO_URL_S3/
|
||||
done
|
||||
aws s3 cp $TMPDIR/index.yaml $REPO_URL_S3/ --cache-control max-age=1
|
||||
}
|
||||
|
||||
|
||||
publish_chart
|
||||
#reset_index
|
||||
|
Loading…
Reference in New Issue
Block a user