ZeroDownTime/KubeZero
3
0
Fork 0
Code Issues 1 Pull Requests 29 Packages Projects Releases Wiki Activity

Compare commits

base: ZeroDownTime:2542dcdd380388118b8e0c096ab082146ef8cd38
Branches Tags
ZeroDownTime:main
ZeroDownTime:renovate/kubezero-metrics-major-kubezero-metrics-dependencies
ZeroDownTime:renovate/kubezero-ci-kubezero-ci-dependencies
ZeroDownTime:renovate/kubezero-cache-major-kubezero-cache-dependencies
ZeroDownTime:renovate/kubezero-mq-major-kubezero-mq-dependencies
ZeroDownTime:renovate/kubezero-falco-major-kubezero-falco-dependencies
ZeroDownTime:renovate/docker.io-alpine-3.x
ZeroDownTime:renovate/kubezero-argo-kubezero-argo-dependencies
ZeroDownTime:renovate/kubezero-istio-kubezero-istio-dependencies
ZeroDownTime:renovate/kubezero-istio-gateway-kubezero-istio-gateway-dependencies
ZeroDownTime:renovate/kubezero-falco-kubezero-falco-dependencies
ZeroDownTime:renovate/kubezero-addons-kubezero-addons-dependencies
ZeroDownTime:renovate/kubezero-telemetry-kubezero-telemetry-dependencies
ZeroDownTime:renovate/kubezero-auth-kubezero-auth-dependencies
ZeroDownTime:renovate/kubezero-mq-kubezero-mq-dependencies
ZeroDownTime:renovate/kubezero-metrics-kubezero-metrics-dependencies
ZeroDownTime:renovate/kubezero-sql-kubezero-sql-dependencies
ZeroDownTime:renovate/kubezero-operators-kubezero-operators-dependencies
ZeroDownTime:renovate/nats-2.x
ZeroDownTime:renovate/kubezero-storage-kubezero-storage-dependencies
ZeroDownTime:release/v1.31
ZeroDownTime:renovate/manticore-major-manticore-dependencies
ZeroDownTime:renovate/kubezero-storage-major-kubezero-storage-dependencies
ZeroDownTime:renovate/kubezero-logging-kubezero-logging-dependencies
ZeroDownTime:renovate/kubezero-cache-kubezero-cache-dependencies
ZeroDownTime:renovate/kubezero-graph-kubezero-graph-dependencies
ZeroDownTime:renovate/public.ecr.aws-zero-downtime-fluentd-concenter-1.x
ZeroDownTime:renovate/manticore-manticore-dependencies
ZeroDownTime:renovate/kubezero-cert-manager-kubezero-cert-manager-dependencies
ZeroDownTime:renovate/natsio-nats-server-config-reloader-0.x
ZeroDownTime:renovate/natsio-prometheus-nats-exporter-0.x
ZeroDownTime:release/v1.30
ZeroDownTime:v1.31.6
..
compare: ZeroDownTime:c8a7fed963f74876307fdb279c721d2a47d86df3
Branches Tags
ZeroDownTime:main
ZeroDownTime:renovate/kubezero-metrics-major-kubezero-metrics-dependencies
ZeroDownTime:renovate/kubezero-ci-kubezero-ci-dependencies
ZeroDownTime:renovate/kubezero-cache-major-kubezero-cache-dependencies
ZeroDownTime:renovate/kubezero-mq-major-kubezero-mq-dependencies
ZeroDownTime:renovate/kubezero-falco-major-kubezero-falco-dependencies
ZeroDownTime:renovate/docker.io-alpine-3.x
ZeroDownTime:renovate/kubezero-argo-kubezero-argo-dependencies
ZeroDownTime:renovate/kubezero-istio-kubezero-istio-dependencies
ZeroDownTime:renovate/kubezero-istio-gateway-kubezero-istio-gateway-dependencies
ZeroDownTime:renovate/kubezero-falco-kubezero-falco-dependencies
ZeroDownTime:renovate/kubezero-addons-kubezero-addons-dependencies
ZeroDownTime:renovate/kubezero-telemetry-kubezero-telemetry-dependencies
ZeroDownTime:renovate/kubezero-auth-kubezero-auth-dependencies
ZeroDownTime:renovate/kubezero-mq-kubezero-mq-dependencies
ZeroDownTime:renovate/kubezero-metrics-kubezero-metrics-dependencies
ZeroDownTime:renovate/kubezero-sql-kubezero-sql-dependencies
ZeroDownTime:renovate/kubezero-operators-kubezero-operators-dependencies
ZeroDownTime:renovate/nats-2.x
ZeroDownTime:renovate/kubezero-storage-kubezero-storage-dependencies
ZeroDownTime:release/v1.31
ZeroDownTime:renovate/manticore-major-manticore-dependencies
ZeroDownTime:renovate/kubezero-storage-major-kubezero-storage-dependencies
ZeroDownTime:renovate/kubezero-logging-kubezero-logging-dependencies
ZeroDownTime:renovate/kubezero-cache-kubezero-cache-dependencies
ZeroDownTime:renovate/kubezero-graph-kubezero-graph-dependencies
ZeroDownTime:renovate/public.ecr.aws-zero-downtime-fluentd-concenter-1.x
ZeroDownTime:renovate/manticore-manticore-dependencies
ZeroDownTime:renovate/kubezero-cert-manager-kubezero-cert-manager-dependencies
ZeroDownTime:renovate/natsio-nats-server-config-reloader-0.x
ZeroDownTime:renovate/natsio-prometheus-nats-exporter-0.x
ZeroDownTime:release/v1.30
ZeroDownTime:v1.31.6

23 Commits
2542dcdd38 ... c8a7fed963

Author SHA1 Message Date
Renovate Bot
c8a7fed963 chore(deps): update kubezero-metrics-dependencies 2025-05-24 03:02:29 +00:00
Stefan Reimer
ccdf4652cf feat: upgrade ArgoCD to V3 2025-05-23 17:46:34 +00:00
Stefan Reimer
1b37ad37e7 Merge pull request 'chore(deps): update helm release argo-cd to v8' (#85) from renovate/kubezero-argo-major-kubezero-argo-dependencies into main 
Reviewed-on: #85
 2025-05-23 16:28:58 +00:00
Renovate Bot
94e3458364 chore(deps): update helm release argo-cd to v8 2025-05-23 16:28:58 +00:00
Stefan Reimer
e7673a1e59 Feat: first working Opensearch V3 2025-05-23 14:08:35 +00:00
Stefan Reimer
405eea7119 feat: add opensearch helm charts 2025-05-23 12:22:37 +00:00
Stefan Reimer
1c1ff749af Merge pull request 'chore(deps): update kubezero-telemetry-dependencies' (#103) from renovate/kubezero-telemetry-kubezero-telemetry-dependencies into main 
Reviewed-on: #103
 2025-05-23 12:19:12 +00:00
Renovate Bot
cc6650becb chore(deps): update kubezero-telemetry-dependencies 2025-05-23 12:19:12 +00:00
Stefan Reimer
4184cef843 chore: adjust control plane requests 2025-05-23 12:16:34 +00:00
Stefan Reimer
a811c595d9 feat: latest operators, remove opensearch 2025-05-22 14:31:53 +00:00
Stefan Reimer
487a625003 Merge pull request 'chore(deps): update helm release eck-operator to v3' (#105) from renovate/kubezero-operators-major-kubezero-operators-dependencies into main 
Reviewed-on: #105
 2025-05-22 14:30:22 +00:00
Renovate Bot
c97999fee4 chore(deps): update helm release eck-operator to v3 2025-05-22 14:30:22 +00:00
Stefan Reimer
a09fb25201 Merge pull request 'chore(deps): update kubezero-operators-dependencies' (#92) from renovate/kubezero-operators-kubezero-operators-dependencies into main 
Reviewed-on: #92
 2025-05-22 14:01:37 +00:00
Renovate Bot
66a975dbb4 chore(deps): update kubezero-operators-dependencies 2025-05-22 14:01:37 +00:00
Stefan Reimer
dcbe965292 feat: latest CI, 1.32 upgrade fixes 2025-05-22 13:49:27 +00:00
Stefan Reimer
1c0fcaf4dd Merge pull request 'chore(deps): update keycloak docker tag to v24.7.1' (#79) from renovate/kubezero-auth-kubezero-auth-dependencies into main 
Reviewed-on: #79
 2025-05-22 13:48:00 +00:00
Renovate Bot
9a2af5c94c chore(deps): update keycloak docker tag to v24.7.1 2025-05-22 13:48:00 +00:00
Stefan Reimer
0be77157f5 Merge pull request 'chore(deps): update kubezero-ci-dependencies (major)' (#109) from renovate/kubezero-ci-major-kubezero-ci-dependencies into main 
Reviewed-on: #109
 2025-05-22 13:20:46 +00:00
Renovate Bot
6d6b686196 chore(deps): update kubezero-ci-dependencies 2025-05-22 13:14:22 +00:00
Stefan Reimer
37f0d3c9f0 Merge pull request 'chore(deps): update kubezero-ci-dependencies' (#91) from renovate/kubezero-ci-kubezero-ci-dependencies into main 
Reviewed-on: #91
 2025-05-22 13:11:46 +00:00
Renovate Bot
a3294b78c0 chore(deps): update kubezero-ci-dependencies 2025-05-20 03:01:46 +00:00
Stefan Reimer
17e9720c42 feature: add optional grpcweb filter to ingress 2025-05-16 11:51:12 +00:00
Stefan Reimer
b05a4937bd fix: bump Istio minor incl. envoyfilter cleanup 2025-05-16 11:31:48 +00:00
178 changed files with 1605 additions and 5201 deletions
Show Stats Expand all files Collapse all files

17
.yamllint Normal file
View File

@ -0,0 +1,17 @@
---
extends: default
ignore: |
.yamllint
rules:
truthy:
allowed-values: ['true', 'false']
check-keys: False
level: error
line-length: disable
document-start: disable
comments:
min-spaces-from-content: 1
braces:
max-spaces-inside: 2

56
admin/hooks-1.31.sh
View File

@ -1,56 +0,0 @@
### v1.31
# All things BEFORE the first controller / control plane upgrade
pre_control_plane_upgrade_cluster() {
# add kubezero version label to existing controller nodes for aws-iam migration
for n in $(kubectl get nodes -l "node-role.kubernetes.io/control-plane=" | grep v1.30 | awk {'print $1}'); do
kubectl label node $n 'node.kubernetes.io/kubezero.version=v1.30.6' || true
done
# patch aws-iam-authenticator DS to NOT run pods on 1.31 controllers
kubectl patch ds aws-iam-authenticator -n kube-system -p '{"spec": {"template": {"spec": {"nodeSelector": {"node.kubernetes.io/kubezero.version": "v1.30.6"}}}}}' || true
}
# All things after the first controller / control plane upgrade
post_control_plane_upgrade_cluster() {
# delete previous root app controlled by kubezero module
kubectl delete application kubezero-git-sync -n argocd || true
# only patch appproject to keep SyncWindow in place
kubectl patch appproject kubezero -n argocd --type json -p='[{"op": "remove", "path": "/metadata/labels"}]' || true
kubectl patch appproject kubezero -n argocd --type json -p='[{"op": "remove", "path": "/metadata/annotations"}]' || true
}
# All things AFTER all contollers are on the new version
pre_cluster_upgrade_final() {
set +e
if [ "$PLATFORM" == "aws" ];then
# cleanup aws-iam-authenticator
kubectl delete clusterrolebinding aws-iam-authenticator
kubectl delete clusterrole aws-iam-authenticator
kubectl delete serviceaccount aws-iam-authenticator -n kube-system
kubectl delete cm aws-iam-authenticator -n kube-system
kubectl delete ds aws-iam-authenticator -n kube-system
kubectl delete IAMIdentityMapping kubezero-worker-nodes
kubectl delete IAMIdentityMapping kubernetes-admin
kubectl delete crd iamidentitymappings.iamauthenticator.k8s.aws
kubectl delete secret aws-iam-certs -n kube-system
fi
# Remove any helm hook related resources
kubectl delete rolebinding argo-argocd-redis-secret-init -n argocd
kubectl delete sa argo-argocd-redis-secret-init -n argocd
kubectl delete role argo-argocd-redis-secret-init -n argocd
kubectl delete job argo-argocd-redis-secret-init -n argocd
set -e
}
# Last call
post_cluster_upgrade_final() {
echo
}

2
admin/libhelm.sh
View File

@ -210,7 +210,7 @@ for manifest in yaml.safe_load_all(sys.stdin):
# helm template | kubectl apply -f - # helm template | kubectl apply -f -
# confine to one namespace if possible # confine to one namespace if possible
function render() { function render() {
helm secrets --evaluate-templates template $(chart_location $chart) -n $namespace --name-template $module $targetRevision --skip-tests --skip-crds -f $WORKDIR/values.yaml $API_VERSIONS --kube-version $KUBE_VERSION $@ \ helm secrets --evaluate-templates template $(chart_location $chart) -n $namespace --name-template $module $targetRevision --skip-tests --skip-crds -f $WORKDIR/values.yaml $API_VERSIONS --kube-version $KUBE_VERSION $ENV_VALUES \
| python3 -c ' | python3 -c '
#!/usr/bin/python3 #!/usr/bin/python3
import yaml import yaml

13
admin/migrate_argo_values.py
View File

@ -8,18 +8,9 @@ import yaml
def migrate(values): def migrate(values):
"""Actual changes here""" """Actual changes here"""
# migrate kubezero root app of apps to Argo chart # 1.32
try: try:
if values["kubezero"]: pass
try:
values["kubezero"].pop("syncPolicy")
except KeyError:
pass
values["kubezero"]["gitSync"]["repoUrl"] = values["kubezero"]["gitSync"].pop("repoURL")
values["argo"]["argo-cd"]["kubezero"] = values["kubezero"]["gitSync"]
values.pop("kubezero")
except KeyError: except KeyError:
pass pass

5
admin/upgrade_cluster.sh
View File

@ -2,7 +2,7 @@
set -eE set -eE
set -o pipefail set -o pipefail
KUBE_VERSION=v1.31 KUBE_VERSION=v1.32
ARGO_APP=${1:-/tmp/new-kubezero-argoapp.yaml} ARGO_APP=${1:-/tmp/new-kubezero-argoapp.yaml}
@ -38,9 +38,6 @@ echo "Applying remaining KubeZero modules..."
admin_job "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_telemetry, apply_argo" admin_job "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_telemetry, apply_argo"
# we replace the project during v1.31 so disable again
[ "$ARGOCD" == "true" ] && disable_argo
# Final step is to commit the new argocd kubezero app # Final step is to commit the new argocd kubezero app
kubectl get app kubezero -n argocd -o yaml | yq 'del(.status) | del(.metadata) | del(.operation) | .metadata.name="kubezero" | .metadata.namespace="argocd"' | yq 'sort_keys(..)' > $ARGO_APP kubectl get app kubezero -n argocd -o yaml | yq 'del(.status) | del(.metadata) | del(.operation) | .metadata.name="kubezero" | .metadata.namespace="argocd"' | yq 'sort_keys(..)' > $ARGO_APP

4
charts/kubeadm/templates/patches/kube-apiserver0.yaml
View File

@ -4,5 +4,5 @@ spec:
- name: kube-apiserver - name: kube-apiserver
resources: resources:
requests: requests:
cpu: 250m cpu: 200m
memory: 1268Mi memory: 1536Mi

4
charts/kubeadm/templates/patches/kube-controller-manager0.yaml
View File

@ -3,5 +3,5 @@ spec:
- name: kube-controller-manager - name: kube-controller-manager
resources: resources:
requests: requests:
cpu: 50m cpu: 30m
memory: 192Mi memory: 128Mi

4
charts/kubeadm/templates/patches/kube-scheduler0.yaml
View File

@ -3,5 +3,5 @@ spec:
- name: kube-scheduler - name: kube-scheduler
resources: resources:
requests: requests:
cpu: 50m cpu: 30m
memory: 96Mi memory: 64Mi

4
charts/kubezero-argo/Chart.yaml
View File

@ -1,7 +1,7 @@
apiVersion: v2 apiVersion: v2
description: KubeZero Argo - Events, Workflow, CD description: KubeZero Argo - Events, Workflow, CD
name: kubezero-argo name: kubezero-argo
version: 0.3.3 version: 0.4.0
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -22,7 +22,7 @@ dependencies:
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
condition: argo-events.enabled condition: argo-events.enabled
- name: argo-cd - name: argo-cd
version: 7.9.0 version: 8.0.9
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
condition: argo-cd.enabled condition: argo-cd.enabled
- name: argocd-image-updater - name: argocd-image-updater

13
charts/kubezero-argo/README.md
View File

@ -1,6 +1,6 @@
# kubezero-argo # kubezero-argo
![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square)
KubeZero Argo - Events, Workflow, CD KubeZero Argo - Events, Workflow, CD
@ -18,7 +18,7 @@ Kubernetes: `>= 1.30.0-0`
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://argoproj.github.io/argo-helm | argo-cd | 7.9.0 | | https://argoproj.github.io/argo-helm | argo-cd | 8.0.9 |
| https://argoproj.github.io/argo-helm | argo-events | 2.4.15 | | https://argoproj.github.io/argo-helm | argo-events | 2.4.15 |
| https://argoproj.github.io/argo-helm | argocd-image-updater | 0.12.1 | | https://argoproj.github.io/argo-helm | argocd-image-updater | 0.12.1 |
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 |
@ -28,17 +28,16 @@ Kubernetes: `>= 1.30.0-0`
| Key | Type | Default | Description | | Key | Type | Default | Description |
|-----|------|---------|-------------| |-----|------|---------|-------------|
| argo-cd.configs.cm."application.instanceLabelKey" | string | `nil` | | | argo-cd.configs.cm."application.instanceLabelKey" | string | `nil` | |
| argo-cd.configs.cm."application.resourceTrackingMethod" | string | `"annotation"` | |
| argo-cd.configs.cm."resource.customizations" | string | `"argoproj.io/Application:\n health.lua: |\n hs = {}\n hs.status = \"Progressing\"\n hs.message = \"\"\n if obj.status ~= nil then\n if obj.status.health ~= nil then\n hs.status = obj.status.health.status\n if obj.status.health.message ~= nil then\n hs.message = obj.status.health.message\n end\n end\n end\n return hs\n"` | | | argo-cd.configs.cm."resource.customizations" | string | `"argoproj.io/Application:\n health.lua: |\n hs = {}\n hs.status = \"Progressing\"\n hs.message = \"\"\n if obj.status ~= nil then\n if obj.status.health ~= nil then\n hs.status = obj.status.health.status\n if obj.status.health.message ~= nil then\n hs.message = obj.status.health.message\n end\n end\n end\n return hs\n"` | |
| argo-cd.configs.cm."server.rbac.log.enforce.enable" | string | `nil` | |
| argo-cd.configs.cm."timeout.reconciliation" | string | `"300s"` | | | argo-cd.configs.cm."timeout.reconciliation" | string | `"300s"` | |
| argo-cd.configs.cm."ui.bannercontent" | string | `"KubeZero v1.31 - Release notes"` | | | argo-cd.configs.cm."ui.bannercontent" | string | `"KubeZero v1.32 - Release notes"` | |
| argo-cd.configs.cm."ui.bannerpermanent" | string | `"true"` | | | argo-cd.configs.cm."ui.bannerpermanent" | string | `"true"` | |
| argo-cd.configs.cm."ui.bannerposition" | string | `"bottom"` | | | argo-cd.configs.cm."ui.bannerposition" | string | `"bottom"` | |
| argo-cd.configs.cm."ui.bannerurl" | string | `"https://kubezero.com/releases/v1.31"` | | | argo-cd.configs.cm."ui.bannerurl" | string | `"https://kubezero.com/releases/v1.32"` | |
| argo-cd.configs.cm.installationID | string | `"KubeZero-ArgoCD"` | | | argo-cd.configs.cm.installationID | string | `"KubeZero-ArgoCD"` | |
| argo-cd.configs.cm.url | string | `"https://argocd.example.com"` | | | argo-cd.configs.cm.url | string | `"https://argocd.example.com"` | |
| argo-cd.configs.params."controller.diff.server.side" | string | `"true"` | | | argo-cd.configs.params."controller.diff.server.side" | string | `"true"` | |
| argo-cd.configs.params."controller.resource.health.persist" | string | `"false"` | |
| argo-cd.configs.params."controller.sync.timeout.seconds" | int | `1800` | | | argo-cd.configs.params."controller.sync.timeout.seconds" | int | `1800` | |
| argo-cd.configs.params."server.enable.gzip" | bool | `true` | | | argo-cd.configs.params."server.enable.gzip" | bool | `true` | |
| argo-cd.configs.params."server.insecure" | bool | `true` | | | argo-cd.configs.params."server.insecure" | bool | `true` | |
@ -54,7 +53,7 @@ Kubernetes: `>= 1.30.0-0`
| argo-cd.dex.enabled | bool | `false` | | | argo-cd.dex.enabled | bool | `false` | |
| argo-cd.enabled | bool | `false` | | | argo-cd.enabled | bool | `false` | |
| argo-cd.global.image.repository | string | `"public.ecr.aws/zero-downtime/zdt-argocd"` | | | argo-cd.global.image.repository | string | `"public.ecr.aws/zero-downtime/zdt-argocd"` | |
| argo-cd.global.image.tag | string | `"v2.14.9-1"` | | | argo-cd.global.image.tag | string | `"v3.0.3"` | |
| argo-cd.global.logging.format | string | `"json"` | | | argo-cd.global.logging.format | string | `"json"` | |
| argo-cd.global.networkPolicy.create | bool | `true` | | | argo-cd.global.networkPolicy.create | bool | `true` | |
| argo-cd.istio.enabled | bool | `false` | | | argo-cd.istio.enabled | bool | `false` | |

2
charts/kubezero-argo/dashboards.yaml
View File

@ -4,6 +4,6 @@ condition: 'index .Values "argo-cd" "controller" "metrics" "enabled"'
folder: KubeZero folder: KubeZero
dashboards: dashboards:
- name: ArgoCD - name: ArgoCD
url: https://grafana.com/api/dashboards/14584/revisions/1/download url: https://raw.githubusercontent.com/argoproj/argo-cd/refs/heads/master/examples/dashboard.json
tags: tags:
- ArgoCD - ArgoCD

2
charts/kubezero-argo/templates/argo-cd/grafana-dashboards.yaml
View File

File diff suppressed because one or more lines are too long

4
charts/kubezero-argo/templates/argo-cd/kubezero-git-sync-app.yaml
View File

@ -26,8 +26,8 @@ spec:
prune: true prune: true
syncOptions: syncOptions:
- ServerSideApply=true - ServerSideApply=true
- ApplyOutOfSyncOnly=true # - ApplyOutOfSyncOnly=true
info: info:
- name: "Source:" - name: "Source:"
value: "https://git.zero-downtime.net/ZeroDownTime/KubeZero/src/branch/release/v1.31/" value: "https://git.zero-downtime.net/ZeroDownTime/KubeZero/src/branch/release/v1.32/"
{{- end }} {{- end }}

9
charts/kubezero-argo/values.yaml
View File

@ -38,7 +38,7 @@ argo-cd:
format: json format: json
image: image:
repository: public.ecr.aws/zero-downtime/zdt-argocd repository: public.ecr.aws/zero-downtime/zdt-argocd
tag: v2.14.9-1 tag: v3.0.3
networkPolicy: networkPolicy:
create: true create: true
@ -49,8 +49,8 @@ argo-cd:
.sidebar { background: linear-gradient(to bottom, #6A4D79, #493558, #2D1B30, #0D0711); } .sidebar { background: linear-gradient(to bottom, #6A4D79, #493558, #2D1B30, #0D0711); }
cm: cm:
ui.bannercontent: "KubeZero v1.31 - Release notes" ui.bannercontent: "KubeZero v1.32 - Release notes"
ui.bannerurl: "https://kubezero.com/releases/v1.31" ui.bannerurl: "https://kubezero.com/releases/v1.32"
ui.bannerpermanent: "true" ui.bannerpermanent: "true"
ui.bannerposition: "bottom" ui.bannerposition: "bottom"
@ -59,9 +59,9 @@ argo-cd:
timeout.reconciliation: 300s timeout.reconciliation: 300s
application.resourceTrackingMethod: annotation
installationID: "KubeZero-ArgoCD" installationID: "KubeZero-ArgoCD"
application.instanceLabelKey: Null application.instanceLabelKey: Null
server.rbac.log.enforce.enable: Null
resource.customizations: | resource.customizations: |
argoproj.io/Application: argoproj.io/Application:
@ -89,7 +89,6 @@ argo-cd:
extraHosts: "git.zero-downtime.net ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7UgK7Z4dDcuIW1uMOsuwhrqdkJCvYG/ZjHtLM7WaKFxVRnzNnNkQJNncWIGNDUQ1xxrbsoSNRZDtk0NlOjNtx2aApSWl4iWghkpXELvsZtOZ7I9FSC/E6ImLC3KWfK7P0mhZaF6kHPfpu8Y6pjUyLBTpV1AaVwr0I8onyqGazJOVotTFaBFEi/sT0O2FUk7agwZYfj61w3JGOy3c+fmBcK3lXf/QM90tosOpJNuJ7n5Vk5FDDLkl9rO4XR/+mXHFvITiWb8F5C50YAwjYcy36yWSSryUAAHAuqpgotwh65vSG6fZvFhmEwO2BrCkOV5+k8iRfhy/yZODJzZ5V/5cbMbdZrY6lm/p5/S1wv8BEyPekBGdseqQjEO0IQiQHcMrfgTrrQ7ndbZzVZRByZI+wbGFkBCzNSJcNsoiHjs2EblxYyuW0qUvvrBxLnySvaxyPm4BOukSAZAOEaUrajpQlnHdnY1CGcgbwxw0LNv3euKQ3tDJSUlKO0Wd8d85PRv1THW4Ui9Lhsmv+BPA2vJZDOkx/n0oyPFAB0oyd5JNM38eFxLCmPC2OE63gDP+WmzVO61YCVTnvhpQjEOLawEWVFsk0y25R5z5BboDqJaOFnZF6i517O96cn17z3Ls4hxw3+0rlKczYRoyfUHs7KQENa4mY8YlJweNTBgld//RMUQ==" extraHosts: "git.zero-downtime.net ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7UgK7Z4dDcuIW1uMOsuwhrqdkJCvYG/ZjHtLM7WaKFxVRnzNnNkQJNncWIGNDUQ1xxrbsoSNRZDtk0NlOjNtx2aApSWl4iWghkpXELvsZtOZ7I9FSC/E6ImLC3KWfK7P0mhZaF6kHPfpu8Y6pjUyLBTpV1AaVwr0I8onyqGazJOVotTFaBFEi/sT0O2FUk7agwZYfj61w3JGOy3c+fmBcK3lXf/QM90tosOpJNuJ7n5Vk5FDDLkl9rO4XR/+mXHFvITiWb8F5C50YAwjYcy36yWSSryUAAHAuqpgotwh65vSG6fZvFhmEwO2BrCkOV5+k8iRfhy/yZODJzZ5V/5cbMbdZrY6lm/p5/S1wv8BEyPekBGdseqQjEO0IQiQHcMrfgTrrQ7ndbZzVZRByZI+wbGFkBCzNSJcNsoiHjs2EblxYyuW0qUvvrBxLnySvaxyPm4BOukSAZAOEaUrajpQlnHdnY1CGcgbwxw0LNv3euKQ3tDJSUlKO0Wd8d85PRv1THW4Ui9Lhsmv+BPA2vJZDOkx/n0oyPFAB0oyd5JNM38eFxLCmPC2OE63gDP+WmzVO61YCVTnvhpQjEOLawEWVFsk0y25R5z5BboDqJaOFnZF6i517O96cn17z3Ls4hxw3+0rlKczYRoyfUHs7KQENa4mY8YlJweNTBgld//RMUQ=="
params: params:
controller.resource.health.persist: "false"
controller.diff.server.side: "true" controller.diff.server.side: "true"
controller.sync.timeout.seconds: 1800 controller.sync.timeout.seconds: 1800

4
charts/kubezero-auth/Chart.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-auth name: kubezero-auth
description: KubeZero umbrella chart for all things Authentication and Identity management description: KubeZero umbrella chart for all things Authentication and Identity management
type: application type: application
version: 0.6.2 version: 0.6.3
appVersion: 26.0.5 appVersion: 26.0.5
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
@ -18,6 +18,6 @@ dependencies:
repository: https://cdn.zero-downtime.net/charts/ repository: https://cdn.zero-downtime.net/charts/
- name: keycloak - name: keycloak
repository: "oci://registry-1.docker.io/bitnamicharts" repository: "oci://registry-1.docker.io/bitnamicharts"
version: 24.6.1 version: 24.7.1
condition: keycloak.enabled condition: keycloak.enabled
kubeVersion: ">= 1.30.0-0" kubeVersion: ">= 1.30.0-0"

4
charts/kubezero-auth/README.md
View File

@ -1,6 +1,6 @@
# kubezero-auth # kubezero-auth
![Version: 0.6.2](https://img.shields.io/badge/Version-0.6.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 26.0.5](https://img.shields.io/badge/AppVersion-26.0.5-informational?style=flat-square) ![Version: 0.6.3](https://img.shields.io/badge/Version-0.6.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 26.0.5](https://img.shields.io/badge/AppVersion-26.0.5-informational?style=flat-square)
KubeZero umbrella chart for all things Authentication and Identity management KubeZero umbrella chart for all things Authentication and Identity management
@ -19,7 +19,7 @@ Kubernetes: `>= 1.30.0-0`
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 |
| oci://registry-1.docker.io/bitnamicharts | keycloak | 24.6.1 | | oci://registry-1.docker.io/bitnamicharts | keycloak | 24.7.1 |
# Keycloak # Keycloak

10
charts/kubezero-ci/Chart.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-ci name: kubezero-ci
description: KubeZero umbrella chart for all things CI description: KubeZero umbrella chart for all things CI
type: application type: application
version: 0.8.21 version: 0.8.23
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -18,19 +18,19 @@ dependencies:
version: 0.2.1 version: 0.2.1
repository: https://cdn.zero-downtime.net/charts/ repository: https://cdn.zero-downtime.net/charts/
- name: gitea - name: gitea
version: 11.0.0 version: 12.0.0
repository: https://dl.gitea.io/charts/ repository: https://dl.gitea.io/charts/
condition: gitea.enabled condition: gitea.enabled
- name: jenkins - name: jenkins
version: 5.8.18 version: 5.8.48
repository: https://charts.jenkins.io repository: https://charts.jenkins.io
condition: jenkins.enabled condition: jenkins.enabled
- name: trivy - name: trivy
version: 0.12.0 version: 0.14.1
repository: https://aquasecurity.github.io/helm-charts/ repository: https://aquasecurity.github.io/helm-charts/
condition: trivy.enabled condition: trivy.enabled
- name: renovate - name: renovate
version: 39.200.0 version: 40.22.1
repository: https://docs.renovatebot.com/helm-charts repository: https://docs.renovatebot.com/helm-charts
condition: renovate.enabled condition: renovate.enabled
kubeVersion: ">= 1.25.0" kubeVersion: ">= 1.25.0"

11
charts/kubezero-ci/README.md
View File

@ -1,6 +1,6 @@
# kubezero-ci # kubezero-ci
![Version: 0.8.21](https://img.shields.io/badge/Version-0.8.21-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.8.23](https://img.shields.io/badge/Version-0.8.23-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero umbrella chart for all things CI KubeZero umbrella chart for all things CI
@ -18,11 +18,11 @@ Kubernetes: `>= 1.25.0`
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://aquasecurity.github.io/helm-charts/ | trivy | 0.12.0 | | https://aquasecurity.github.io/helm-charts/ | trivy | 0.14.1 |
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 |
| https://charts.jenkins.io | jenkins | 5.8.18 | | https://charts.jenkins.io | jenkins | 5.8.48 |
| https://dl.gitea.io/charts/ | gitea | 11.0.0 | | https://dl.gitea.io/charts/ | gitea | 12.0.0 |
| https://docs.renovatebot.com/helm-charts | renovate | 39.200.0 | | https://docs.renovatebot.com/helm-charts | renovate | 40.22.1 |
# Jenkins # Jenkins
- default build retention 10 builds, 32days - default build retention 10 builds, 32days
@ -68,7 +68,6 @@ Kubernetes: `>= 1.25.0`
| gitea.gitea.metrics.enabled | bool | `false` | | | gitea.gitea.metrics.enabled | bool | `false` | |
| gitea.gitea.metrics.serviceMonitor.enabled | bool | `true` | | | gitea.gitea.metrics.serviceMonitor.enabled | bool | `true` | |
| gitea.image.rootless | bool | `true` | | | gitea.image.rootless | bool | `true` | |
| gitea.image.tag | string | `"1.23.5"` | |
| gitea.istio.blockApi | bool | `false` | | | gitea.istio.blockApi | bool | `false` | |
| gitea.istio.enabled | bool | `false` | | | gitea.istio.enabled | bool | `false` | |
| gitea.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | | | gitea.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | |

320
charts/kubezero-ci/charts/jenkins/CHANGELOG.md
View File

@ -5,13 +5,133 @@ The release numbering uses [semantic versioning](http://semver.org).
Use the following links to reference issues, PRs, and commits prior to v2.6.0. Use the following links to reference issues, PRs, and commits prior to v2.6.0.
* Issue: `https://github.com/helm/charts/issues/[issue#]` - Issue: `https://github.com/helm/charts/issues/[issue#]`
* PR: `https://github.com/helm/charts/pull/[pr#]` - PR: `https://github.com/helm/charts/pull/[pr#]`
* Commit: `https://github.com/helm/charts/commit/[commit]/stable/jenkins` - Commit: `https://github.com/helm/charts/commit/[commit]/stable/jenkins`
The changelog until v1.5.7 was auto-generated based on git commits. The changelog until v1.5.7 was auto-generated based on git commits.
Those entries include a reference to the git commit to be able to get more details. Those entries include a reference to the git commit to be able to get more details.
## 5.8.48
Update `docker.io/bats/bats` to version `1.12.0`
## 5.8.47
Fix code styling for super-linter 7 upgrade
## 5.8.46
Update `kubernetes` to version `4340.v345364d31a_2a_`
## 5.8.45
Update `jenkins/inbound-agent` to version `3309.v27b_9314fd1a_4-2`
## 5.8.44
Fix the default value for `controller.sidecars.configAutoReload.env` (change from `{}` to `[]`) to address `coalesce.go:286: warning: cannot overwrite table with non table`.
## 5.8.43
Update `configuration-as-code` to version `1967.va_968e15fd05b_`
## 5.8.42
Update `kubernetes` to version `4336.v55d9a_494db_38`
## 5.8.41
Update `jenkins/inbound-agent` to version `3309.v27b_9314fd1a_4-1`
## 5.8.40
Update `kubernetes` to version `4334.v32b_f157682d6`
## 5.8.39
Update `configuration-as-code` to version `1963.v24e046127a_3f`
## 5.8.38
Update `jenkins/jenkins` to version `2.504.1-jdk21`
## 5.8.37
Update `jenkins/inbound-agent` to version `3307.v632ed11b_3a_c7-2`
## 5.8.36
Update `configuration-as-code` to version `1958.vddc0d369b_e16`
## 5.8.35
Support .Values.agent.garbageCollection also in secondary clouds
## 5.8.34
Added .Values.agent.instanceCap to limit number of agents of each type.
## 5.8.33
Update `configuration-as-code` to version `1953.v148f87d74b_1e`
## 5.8.32
Update `jenkins/jenkins` to version `2.492.3-jdk21`
## 5.8.31
Update `jenkins/jenkins` to version `2.492.3-jdk17`
## 5.8.30
Update `jenkins/inbound-agent` to version `3301.v4363ddcca_4e7-3`
## 5.8.29
Update `docker.io/kiwigrid/k8s-sidecar` to version `1.30.3`
## 5.8.28
Update `jenkins/inbound-agent` to version `3301.v4363ddcca_4e7-2`
## 5.8.27
Update `jenkins/inbound-agent` to version `3301.v4363ddcca_4e7-1`
## 5.8.26
Update `jenkins/inbound-agent` to version `3299.v0d0d06908537-2`
## 5.8.25
Fix indentation in `values.yaml`
## 5.8.24
Update `workflow-aggregator` to version `608.v67378e9d3db_1`
## 5.8.23
Update `configuration-as-code` to version `1947.v7d33fe23569c`
## 5.8.22
Update `jenkins/inbound-agent` to version `3299.v0d0d06908537-1`
## 5.8.21
Update `kubernetes` to version `4324.vfec199a_33512`
## 5.8.20
Update `jenkins/inbound-agent` to version `3291.vb_131b_dc231fa_-1`
## 5.8.19
Update `docker.io/kiwigrid/k8s-sidecar` to version `1.30.2`
## 5.8.18 ## 5.8.18
Update `jenkins/jenkins` to version `2.492.2-jdk17` Update `jenkins/jenkins` to version `2.492.2-jdk17`
@ -134,7 +254,7 @@ Update `docker.io/bats/bats` to version `1.11.1`
## 5.7.16 ## 5.7.16
Add tpl support for persistence.storageClassName in home-pvc.yaml and tpl support in controller.ingress parameters(ingressClassName, annotations, hostname) in jenkins-controller-ingress.yaml Add tpl support for persistence.storageClassName in home-pvc.yaml and tpl support in controller.ingress parameters(ingressClassName, annotations, hostname) in jenkins-controller-ingress.yaml
## 5.7.15 ## 5.7.15
@ -289,7 +409,6 @@ Update `kubernetes` to version `4265.v78b_d4a_1c864a_`
Introduce capability of set skipTlsVerify and usageRestricted flags in additionalClouds Introduce capability of set skipTlsVerify and usageRestricted flags in additionalClouds
## 5.4.4 ## 5.4.4
Update CHANGELOG.md, README.md, and UPGRADING.md for linting Update CHANGELOG.md, README.md, and UPGRADING.md for linting
@ -321,6 +440,7 @@ Update `kubernetes` to version `4253.v7700d91739e5`
## 5.3.4 ## 5.3.4
Update `jenkins/jenkins` to version `2.452.3-jdk17` Update `jenkins/jenkins` to version `2.452.3-jdk17`
## 5.3.3 ## 5.3.3
Update `jenkins/inbound-agent` to version `3256.v88a_f6e922152-1` Update `jenkins/inbound-agent` to version `3256.v88a_f6e922152-1`
@ -501,7 +621,6 @@ Enable support for deleting plugin configuration files at startup.
Fixed changelog entries for previous version bumps Fixed changelog entries for previous version bumps
## 5.0.14 ## 5.0.14
Update `jenkins/jenkins` to version `2.440.1-jdk17` Update `jenkins/jenkins` to version `2.440.1-jdk17`
@ -516,8 +635,8 @@ Fix controller.sidecars.additionalSidecarContainers renaming and add tests
## 5.0.11 ## 5.0.11
* Add controller.sidecars.configAutoReload.scheme to specify protocol scheme when connecting Jenkins configuration-as-code reload endpoint - Add controller.sidecars.configAutoReload.scheme to specify protocol scheme when connecting Jenkins configuration-as-code reload endpoint
* Add controller.sidecars.configAutoReload.skipTlsVerify to force the k8s-sidecar container to skip TLS verification when connecting to an HTTPS Jenkins configuration-as-code reload endpoint - Add controller.sidecars.configAutoReload.skipTlsVerify to force the k8s-sidecar container to skip TLS verification when connecting to an HTTPS Jenkins configuration-as-code reload endpoint
## 5.0.10 ## 5.0.10
@ -557,8 +676,8 @@ Update `docker.io/bats/bats` to version `v1.10.0`
## 5.0.0 ## 5.0.0
> [!CAUTION] > [!CAUTION]
> Several fields have been renamed or removed. See [UPGRADING.md](./UPGRADING.md#to-500) > Several fields have been renamed or removed. See [UPGRADING.md](./UPGRADING.md#to-500)
The Helm Chart is now updated automatically via [Renovate](https://docs.renovatebot.com/) The Helm Chart is now updated automatically via [Renovate](https://docs.renovatebot.com/)
@ -571,7 +690,7 @@ Update Jenkins image and appVersion to jenkins lts release version 2.426.3
Add support for [generic ephemeral storage](https://github.com/jenkinsci/kubernetes-plugin/pull/1489) in `agent.volumes` and `agents.workspaceVolume`. Add support for [generic ephemeral storage](https://github.com/jenkinsci/kubernetes-plugin/pull/1489) in `agent.volumes` and `agents.workspaceVolume`.
| plugin | old version | new version | | plugin | old version | new version |
|------------|---------------------|--------------------| | ---------- | ------------------- | ------------------ |
| kubernetes | 4029.v5712230ccb_f8 | 4174.v4230d0ccd951 | | kubernetes | 4029.v5712230ccb_f8 | 4174.v4230d0ccd951 |
## 4.11.2 ## 4.11.2
@ -594,8 +713,8 @@ Bumped Jenkins inbound agent from 3107.v665000b_51092-15 to 3192.v713e3b_039fb_e
Update Jenkins image and appVersion to jenkins lts release version 2.426.2 Update Jenkins image and appVersion to jenkins lts release version 2.426.2
Notes about [Artifact Hub](https://artifacthub.io/packages/helm/jenkinsci/jenkins?modal=changelog) changelog processing: Notes about [Artifact Hub](https://artifacthub.io/packages/helm/jenkinsci/jenkins?modal=changelog) changelog processing:
- Remove empty lines - Remove empty lines
- Keep only ASCII characters (no emojis) - Keep only ASCII characters (no emojis)
- One change per line - One change per line
@ -691,7 +810,6 @@ Added `.Values.controller.httpsKeyStore.jenkinsHttpsJksPasswordSecretKey` to all
Update Jenkins image and appVersion to jenkins lts release version 2.414.1 Update Jenkins image and appVersion to jenkins lts release version 2.414.1
## 4.5.0 ## 4.5.0
Added `.Values.persistence.dataSource` to allow cloning home PVC from existing dataSource. Added `.Values.persistence.dataSource` to allow cloning home PVC from existing dataSource.
@ -700,7 +818,6 @@ Added `.Values.persistence.dataSource` to allow cloning home PVC from existing d
Update Jenkins image and appVersion to jenkins lts release version 2.401.3 Update Jenkins image and appVersion to jenkins lts release version 2.401.3
## 4.4.1 ## 4.4.1
Added `.Values.agent.jnlpregistry` to allow agents to be configured with private registry. Added `.Values.agent.jnlpregistry` to allow agents to be configured with private registry.
@ -709,7 +826,6 @@ Added `.Values.agent.jnlpregistry` to allow agents to be configured with private
Add config keys for liveness probes on agent containers. Add config keys for liveness probes on agent containers.
## 4.3.30 ## 4.3.30
Update Jenkins version in controller test matching LTS version Update Jenkins version in controller test matching LTS version
@ -718,7 +834,6 @@ Update Jenkins version in controller test matching LTS version
Update Jenkins image and appVersion to jenkins lts release version 2.401.2 Update Jenkins image and appVersion to jenkins lts release version 2.401.2
## 4.3.28 ## 4.3.28
Allow the kubernetes API server URL to be configurable. Allow the kubernetes API server URL to be configurable.
@ -734,8 +849,8 @@ Fix various typos in the chart documentation.
## 4.3.25 ## 4.3.25
| plugin | old version | new version | | plugin | old version | new version |
|-----------------------|----------------------|-----------------------| | --------------------- | -------------------- | --------------------- |
| kubernetes | 3900.va_dce992317b_4 | 3937.vd7b_82db_e347b_ | | kubernetes | 3900.va_dce992317b_4 | 3937.vd7b*82db_e347b* |
| configuration-as-code | 1625.v27444588cc3d | 1647.ve39ca_b_829b_42 | | configuration-as-code | 1625.v27444588cc3d | 1647.ve39ca_b_829b_42 |
| git | 5.0.0 | 5.1.0 | | git | 5.0.0 | 5.1.0 |
| ldap | 671.v2a_9192a_7419d | 682.v7b_544c9d1512 | | ldap | 671.v2a_9192a_7419d | 682.v7b_544c9d1512 |
@ -744,46 +859,38 @@ Fix various typos in the chart documentation.
Update Jenkins image and appVersion to jenkins lts release version 2.401.1 Update Jenkins image and appVersion to jenkins lts release version 2.401.1
## 4.3.23 ## 4.3.23
Update Jenkins image and appVersion to jenkins lts release version 2.387.3 Update Jenkins image and appVersion to jenkins lts release version 2.387.3
## 4.3.22 ## 4.3.22
Bump chart version. Bump chart version.
## 4.3.21 ## 4.3.21
Document building charts for weekly releases. Document building charts for weekly releases.
## 4.3.20 ## 4.3.20
Enhance repository appearance and miscellaneous cleanup. Enhance repository appearance and miscellaneous cleanup.
## 4.3.19 ## 4.3.19
Comply with superlinter rules and address ShellCheck issues. Comply with superlinter rules and address ShellCheck issues.
## 4.3.18 ## 4.3.18
Bump kiwigrid/k8s-sidecar from 1.15.0 to 1.23.1. Bump kiwigrid/k8s-sidecar from 1.15.0 to 1.23.1.
## 4.3.17 ## 4.3.17
Bump jenkins/inbound-agent from 4.11.2-4 to 3107.v665000b_51092-5. Bump jenkins/inbound-agent from 4.11.2-4 to 3107.v665000b_51092-5.
## 4.3.16 ## 4.3.16
Update bundled plugins: Update bundled plugins:
- [ldap](https://plugins.jenkins.io/ldap/): From 2.5 to 671.v2a_9192a_7419d - [ldap](https://plugins.jenkins.io/ldap/): From 2.5 to 671.v2a_9192a_7419d
- [kubernetes](https://plugins.jenkins.io/kubernetes/): From 3734.v562b_b_a_627ea_c to 3900.va_dce992317b_4 - [kubernetes](https://plugins.jenkins.io/kubernetes/): From 3734.v562b_b_a_627ea_c to 3900.va_dce992317b_4
- [workflow-aggregator](https://plugins.jenkins.io/workflow-aggregator/): From 590.v6a_d052e5a_a_b_5 to 590.v6a_d052e5a_a_b_5 - [workflow-aggregator](https://plugins.jenkins.io/workflow-aggregator/): From 590.v6a_d052e5a_a_b_5 to 590.v6a_d052e5a_a_b_5
@ -791,29 +898,24 @@ Update bundled plugins:
## 4.3.15 ## 4.3.15
Update bats from 1.2.1 to 1.9.0. Update bats from 1.2.1 to 1.9.0.
## 4.3.14 ## 4.3.14
Update various GH actions, typo fixes, and miscellaneous chores. Update various GH actions, typo fixes, and miscellaneous chores.
## 4.3.13 ## 4.3.13
Bump helm-unittest from 0.2.8 to 0.2.11. Bump helm-unittest from 0.2.8 to 0.2.11.
## 4.3.12 ## 4.3.12
Update wording in values.yml. Update wording in values.yml.
## 4.3.11 ## 4.3.11
Update Jenkins image and appVersion to jenkins lts release version 2.387.2 Update Jenkins image and appVersion to jenkins lts release version 2.387.2
## 4.3.10 ## 4.3.10
Correct incorrect env var definition Correct incorrect env var definition
@ -845,7 +947,6 @@ Added `.Values.helmtest.bats.image` and `.Values.helmtest.bats.image` to allow u
Update Jenkins image and appVersion to jenkins lts release version 2.375.3 Update Jenkins image and appVersion to jenkins lts release version 2.375.3
## 4.3.3 ## 4.3.3
Removed hardcoding of chart version in tests to make maintenance easier Removed hardcoding of chart version in tests to make maintenance easier
@ -855,7 +956,6 @@ Removed hardcoding of chart version in tests to make maintenance easier
Added `.Values.serviceAccount.extraLabels` on Service Account Added `.Values.serviceAccount.extraLabels` on Service Account
Added `.Values.serviceAccountAgent.extraLabels` on Agent's Service Account Added `.Values.serviceAccountAgent.extraLabels` on Agent's Service Account
## 4.3.0 ## 4.3.0
Moved use of `.Values.containerEnv` within `jenkins` Container to top of `env` block to allow for subsequent Environment Variables to reference these additional ones. Moved use of `.Values.containerEnv` within `jenkins` Container to top of `env` block to allow for subsequent Environment Variables to reference these additional ones.
@ -864,7 +964,6 @@ Moved use of `.Values.containerEnv` within `jenkins` Container to top of `env` b
Update Jenkins image and appVersion to jenkins lts release version 2.375.2 Update Jenkins image and appVersion to jenkins lts release version 2.375.2
## 4.2.20 ## 4.2.20
Fixed the `controller.prometheus.metricRelabelings` being unable to convert the value to the ServiceMonitor. Fixed the `controller.prometheus.metricRelabelings` being unable to convert the value to the ServiceMonitor.
@ -883,7 +982,6 @@ Added option to set secretEnvVars.
Update Jenkins image and appVersion to jenkins lts release version 2.375.1 Update Jenkins image and appVersion to jenkins lts release version 2.375.1
## 4.2.16 ## 4.2.16
Fixed chart notes not rendering Jenkins URL with prefix when `controller.jenkinsUriPrefix` is set. Fixed chart notes not rendering Jenkins URL with prefix when `controller.jenkinsUriPrefix` is set.
@ -906,43 +1004,49 @@ Adding `tpl` to `controller.additionalExistingSecrets`
Update Jenkins image and appVersion to jenkins lts release version 2.361.3 Update Jenkins image and appVersion to jenkins lts release version 2.361.3
## 4.2.11 ## 4.2.11
Update default plugin versions Update default plugin versions
| plugin | old version | new version | | plugin | old version | new version |
|-----------------------|-----------------------|------------------------| | --------------------- | ------------------- | ---------------------- |
| kubernetes | 3706.vdfb_d599579f3 | 3734.v562b_b_a_627ea_c | | kubernetes | 3706.vdfb_d599579f3 | 3734.v562b_b_a_627ea_c |
| git | 4.11.5 | 4.13.0 | | git | 4.11.5 | 4.13.0 |
| configuration-as-code | 1512.vb_79d418d5fc8 | 1569.vb_72405b_80249 | | configuration-as-code | 1512.vb_79d418d5fc8 | 1569.vb_72405b_80249 |
## 4.2.10 ## 4.2.10
Fix grammar and typos Fix grammar and typos
## 4.2.9 ## 4.2.9
Update Jenkins image and appVersion to jenkins lts release version 2.361.2 Update Jenkins image and appVersion to jenkins lts release version 2.361.2
## 4.2.8 ## 4.2.8
Modify the condition to trigger copying jenkins_config files when configAutoReload option is disabled during Jenkins initialization Modify the condition to trigger copying jenkins_config files when configAutoReload option is disabled during Jenkins initialization
## 4.2.7 ## 4.2.7
Support for remote URL for configuration Support for remote URL for configuration
## 4.2.6 ## 4.2.6
Add option to set hostnetwork for agents Add option to set hostnetwork for agents
## 4.2.5 ## 4.2.5
Add an extra optional argument to extraPorts in order to specify targetPort Add an extra optional argument to extraPorts in order to specify targetPort
## 4.2.4 ## 4.2.4
Remove k8s capibility requirements when setting priority class for controller Remove k8s capibility requirements when setting priority class for controller
## 4.2.3 Update plugin versions ## 4.2.3 Update plugin versions
| plugin | old version | new version | | plugin | old version | new version |
| --------------------- | --------------------- | --------------------- | | --------------------- | --------------------- | --------------------- |
| kubernetes | 3600.v144b_cd192ca_a_ | 3706.vdfb_d599579f3 | | kubernetes | 3600.v144b*cd192ca_a* | 3706.vdfb_d599579f3 |
| workflow-aggregator | 581.v0c46fa_697ffd | 590.v6a_d052e5a_a_b_5 | | workflow-aggregator | 581.v0c46fa_697ffd | 590.v6a_d052e5a_a_b_5 |
| configuration-as-code | 1429.v09b_044a_c93de | 1512.vb_79d418d5fc8 | | configuration-as-code | 1429.v09b_044a_c93de | 1512.vb_79d418d5fc8 |
| git | 4.11.3 | 4.11.5 | | git | 4.11.3 | 4.11.5 |
@ -966,17 +1070,14 @@ Add option to provide additional containers to agents
Update Jenkins image and appVersion to jenkins lts release version 2.361.1 Update Jenkins image and appVersion to jenkins lts release version 2.361.1
## 4.1.17 ## 4.1.17
Update Jenkins casc default settings to allow `security` configs to be provided Update Jenkins casc default settings to allow `security` configs to be provided
## 4.1.16 ## 4.1.16
Update Jenkins image and appVersion to jenkins lts release version 2.346.3 Update Jenkins image and appVersion to jenkins lts release version 2.346.3
## 4.1.15 ## 4.1.15
`projectNamingStrategy` is configurable in default config. `projectNamingStrategy` is configurable in default config.
@ -989,7 +1090,6 @@ If `installPlugins` is disabled, don't create unused plugins volume.
Update Jenkins image and appVersion to jenkins lts release version 2.346.2 Update Jenkins image and appVersion to jenkins lts release version 2.346.2
## 4.1.12 ## 4.1.12
If keystore is defined, it is now also made available in the initContainer. If keystore is defined, it is now also made available in the initContainer.
@ -1002,7 +1102,6 @@ JCasC ConfigMaps now generate their name from the `jenkins.casc.configName` help
Update Jenkins image and appVersion to jenkins lts release version 2.346.1 Update Jenkins image and appVersion to jenkins lts release version 2.346.1
## 4.1.9 ## 4.1.9
Allow setting `imagePullSecret` for backup job via `backup.imagePullSecretName` Allow setting `imagePullSecret` for backup job via `backup.imagePullSecretName`
@ -1024,12 +1123,15 @@ project adminSecret, additionalSecrets and additionalExistingSecrets instead of
Update readme to fix `JAVA_OPTS` name. Update readme to fix `JAVA_OPTS` name.
## 4.1.4 ## 4.1.4
Update plugins Update plugins
## 4.1.3 ## 4.1.3
Update jenkins-controller-statefulset projected volumes definition Update jenkins-controller-statefulset projected volumes definition
## 4.1.1 ## 4.1.1
Added 'controller.prometheus.metricRelabelings' to allow relabling and dropping unused prometheus metrics Added 'controller.prometheus.metricRelabelings' to allow relabling and dropping unused prometheus metrics
## 4.1.0 ## 4.1.0
@ -1062,9 +1164,9 @@ Update Jenkins image and appVersion to jenkins lts release version 2.332.2
## 3.11.9 Bump configuration-as-code plugin version ## 3.11.9 Bump configuration-as-code plugin version
| plugin | old version | new version | | plugin | old version | new version |
| --------------------- | ----------- | ----------- | | --------------------- | ----------- | ------------------ |
| configuration-as-code | 1.51 | 1414.v878271fc496f | | configuration-as-code | 1.51 | 1414.v878271fc496f |
## 3.11.8 ## 3.11.8
@ -1078,7 +1180,6 @@ Removed Configuration as Code `remotingSecurity` section for Jenkins 2.326 or ne
Update Jenkins image and appVersion to jenkins lts release version 2.332.1 Update Jenkins image and appVersion to jenkins lts release version 2.332.1
## 3.11.5 ## 3.11.5
Change Backup Role name function call to match the RoleDef function call in the Backup RoleBinding Change Backup Role name function call to match the RoleDef function call in the Backup RoleBinding
@ -1087,7 +1188,6 @@ Change Backup Role name function call to match the RoleDef function call in the
Update Jenkins image and appVersion to jenkins lts release version 2.319.3 Update Jenkins image and appVersion to jenkins lts release version 2.319.3
## 3.11.3 ## 3.11.3
Update kiwigrid/k8s-sidecar:1.15.0 Update kiwigrid/k8s-sidecar:1.15.0
@ -1101,21 +1201,19 @@ Improve example for workspaceVolume. Clarify that this is not a list.
Update configuration-as-code plugin to 1.55.1 Update configuration-as-code plugin to 1.55.1
## 3.11.0 ## 3.11.0
Update default plugin versions Update default plugin versions
| plugin | old version | new version | | plugin | old version | new version |
| --------------------- | ----------- | ----------- | | ---------- | ----------- | ----------- |
| kubernetes | 1.31.1 | 1.31.3 | | kubernetes | 1.31.1 | 1.31.3 |
| git | 4.10.1 | 4.10.2 | | git | 4.10.1 | 4.10.2 |
## 3.10.3 ## 3.10.3
Update Jenkins image and appVersion to jenkins lts release version 2.319.2 Update Jenkins image and appVersion to jenkins lts release version 2.319.2
## 3.10.2 ## 3.10.2
Fix definition of startupProbe when deploying on a Kubernetes cluster < 1.16 Fix definition of startupProbe when deploying on a Kubernetes cluster < 1.16
@ -1147,9 +1245,9 @@ Fix config reload request URL when httpsKeystore in use
Update Jenkins image and appVersion to jenkins lts release version 2.319.1 Update Jenkins image and appVersion to jenkins lts release version 2.319.1
Update following plugins: Update following plugins:
* kubernetes:1.30.11 - kubernetes:1.30.11
* git:4.10.0 - git:4.10.0
* configuration-as-code:1.54 - configuration-as-code:1.54
## 3.9.1 ## 3.9.1
@ -1215,33 +1313,39 @@ Fix httpsKeyStore mount when `controller.httpsKeyStore.enable` is `true`
Update Jenkins image and appVersion to jenkins lts release version 2.303.2 Update Jenkins image and appVersion to jenkins lts release version 2.303.2
## 3.6.0 ## 3.6.0
Support custom agent pod labels Support custom agent pod labels
## 3.5.20 ## 3.5.20
Disallow ingress on port 50000 when agent listener is disabled Disallow ingress on port 50000 when agent listener is disabled
## 3.5.19 ## 3.5.19
Add support for specifying termination-log behaviour for Jenkins controller Add support for specifying termination-log behaviour for Jenkins controller
## 3.5.18 ## 3.5.18
Add support for creating a Pod Disruption Budget for Jenkins controller Add support for creating a Pod Disruption Budget for Jenkins controller
## 3.5.17 ## 3.5.17
Update workdingDir to `/home/jenkins/agent` Update workdingDir to `/home/jenkins/agent`
## 3.5.16 ## 3.5.16
Update location of icon (wiki.jenkins.io is down) Update location of icon (wiki.jenkins.io is down)
## 3.5.15 ## 3.5.15
Add support for adding labels to the Jenkins home Persistent Volume Claim (pvc) Add support for adding labels to the Jenkins home Persistent Volume Claim (pvc)
## 3.5.14 ## 3.5.14
* Updated versions of default plugins - Updated versions of default plugins
* Use verbose logging during plugin installation - Use verbose logging during plugin installation
* download the latest version of all plugin dependencies (Fixes #442) - download the latest version of all plugin dependencies (Fixes #442)
## 3.5.13 ## 3.5.13
@ -1263,7 +1367,6 @@ Fixed `controller.customJenkinsLabels` not getting templated into the controller
Update Jenkins image and appVersion to jenkins lts release version 2.289.3 Update Jenkins image and appVersion to jenkins lts release version 2.289.3
## 3.5.8 ## 3.5.8
Add parameter `backup.serviceAccount.create` to disable service account creation for backup service and `backup.serviceAccount.name` to allow change of the SA name. Add parameter `backup.serviceAccount.create` to disable service account creation for backup service and `backup.serviceAccount.name` to allow change of the SA name.
@ -1294,6 +1397,7 @@ Update Jenkins image and appVersion to jenkins lts release version 2.289.2
Enable setting `controller.installLatestSpecifiedPlugins` to set whether to download the latest dependencies of any plugin that is requested to have the latest version. Enable setting `controller.installLatestSpecifiedPlugins` to set whether to download the latest dependencies of any plugin that is requested to have the latest version.
## 3.5.1 ## 3.5.1
Fix activeDeadlineSeconds wrong type bug in jenkins-backup-cronjob template Fix activeDeadlineSeconds wrong type bug in jenkins-backup-cronjob template
## 3.5.0 ## 3.5.0
@ -1317,43 +1421,56 @@ Make `controller.ingress.resourceRootUrl` compatible with API version networking
Update Jenkins image and appVersion to jenkins lts release version 2.289.1 Update Jenkins image and appVersion to jenkins lts release version 2.289.1
## 3.3.21 ## 3.3.21
`persistence.mounts` additionally mount to init container to allow custom CA certificate keystore `persistence.mounts` additionally mount to init container to allow custom CA certificate keystore
## 3.3.18 ## 3.3.18
Added `controller.overrideArgs` so any cli argument can be passed to the WAR. Added `controller.overrideArgs` so any cli argument can be passed to the WAR.
## 3.3.17 ## 3.3.17
Correct docs on disabling plugin installation Correct docs on disabling plugin installation
## 3.3.16 ## 3.3.16
Support generating `SecretClaim` resources in order to read secrets from HashiCorp Vault into Kubernetes using `kube-vault-controller`. Support generating `SecretClaim` resources in order to read secrets from HashiCorp Vault into Kubernetes using `kube-vault-controller`.
## 3.3.15 ## 3.3.15
Prevent `controller.httpsKeyStore` from improperly being quoted, leading to an invalid location on disk Prevent `controller.httpsKeyStore` from improperly being quoted, leading to an invalid location on disk
## 3.3.14 ## 3.3.14
Correct docs on disabling plugin installation Correct docs on disabling plugin installation
## 3.3.13 ## 3.3.13
Update plugins Update plugins
## 3.3.12 ## 3.3.12
Add `controller.additionalExistingSecrets` property Add `controller.additionalExistingSecrets` property
## 3.3.11 ## 3.3.11
Add support for disabling the Agent listener service via `controller.agentListenerEnabled`. Add support for disabling the Agent listener service via `controller.agentListenerEnabled`.
## 3.3.10 ## 3.3.10
Update Jenkins image and appVersion to jenkins lts release version 2.277.4 Update Jenkins image and appVersion to jenkins lts release version 2.277.4
## 3.3.9 ## 3.3.9
* Change helper template so user defined `agent.jenkinsUrl` value will always be used, if set
* Simplify logic for `jenkinsUrl` and `jenkinsTunnel` generation: always use fully qualified address - Change helper template so user defined `agent.jenkinsUrl` value will always be used, if set
- Simplify logic for `jenkinsUrl` and `jenkinsTunnel` generation: always use fully qualified address
## 3.3.8 ## 3.3.8
Update Jenkins image and appVersion to jenkins lts release version 2.277.3 Update Jenkins image and appVersion to jenkins lts release version 2.277.3
## 3.3.7 ## 3.3.7
fix controller-ingress line feed bug fix controller-ingress line feed bug
## 3.3.6 ## 3.3.6
@ -1369,7 +1486,6 @@ Use tpl function for environment vars. Fixes [https://github.com/jenkinsci/helm-
Update Jenkins image and appVersion to jenkins lts release version 2.277.2 Update Jenkins image and appVersion to jenkins lts release version 2.277.2
## 3.3.3 ## 3.3.3
Enable setting `controller.installLatestPlugins` to set whether to download the minimum required version of all dependencies. Enable setting `controller.installLatestPlugins` to set whether to download the minimum required version of all dependencies.
@ -1395,6 +1511,7 @@ Add missing `controller.jenkinsUrlProtocol` property
Add additional metadata `artifacthub.io/images` for artifacthub Add additional metadata `artifacthub.io/images` for artifacthub
## 3.2.4 ## 3.2.4
Update Jenkins image and appVersion to jenkins lts release version 2.277.1 Update Jenkins image and appVersion to jenkins lts release version 2.277.1
Update Git plugin version to v4.6.0 Update Git plugin version to v4.6.0
Update kubernetes plugin version to v1.29.2 Update kubernetes plugin version to v1.29.2
@ -1477,8 +1594,8 @@ Update Jenkins image and appVersion to jenkins lts release version 2.263.2
## 3.1.0 ## 3.1.0
* Added `.Values.controller.podSecurityContextOverride` and `.Values.backup.podSecurityContextOverride`. - Added `.Values.controller.podSecurityContextOverride` and `.Values.backup.podSecurityContextOverride`.
* Added simple default values tests for `jenkins-backup-cronjob.yaml`. - Added simple default values tests for `jenkins-backup-cronjob.yaml`.
## 3.0.14 ## 3.0.14
@ -1506,11 +1623,11 @@ Added support for backing up to Azure Blob Storage.
## 3.0.8 ## 3.0.8
* Typo in documentation - Typo in documentation
## 3.0.7 ## 3.0.7
* Add support for setting default agent workspaceVolume - Add support for setting default agent workspaceVolume
## 3.0.6 ## 3.0.6
@ -1518,47 +1635,47 @@ Use 2.263.1 image
## 3.0.5 ## 3.0.5
* Update appVersion to reflect new jenkins lts release version 2.263.1 - Update appVersion to reflect new jenkins lts release version 2.263.1
## 3.0.4 ## 3.0.4
* Fix documentation for additional secret mounts - Fix documentation for additional secret mounts
## 3.0.3 ## 3.0.3
* Update `README.md` with explanation on how to mount additional secrets - Update `README.md` with explanation on how to mount additional secrets
## 3.0.2 ## 3.0.2
* Fix `.Values.controller.tolerations` and `.Values.controller.nodeSelector` variable names in templates\jenkins-backup-cronjob.yaml - Fix `.Values.controller.tolerations` and `.Values.controller.nodeSelector` variable names in templates\jenkins-backup-cronjob.yaml
## 3.0.1 ## 3.0.1
* added 'runAsNonroot' to security context - added 'runAsNonroot' to security context
## 3.0.0 ## 3.0.0
* Chart uses StatefulSet instead of Deployment - Chart uses StatefulSet instead of Deployment
* XML configuration was removed in favor of JCasC - XML configuration was removed in favor of JCasC
* chart migrated to helm 3.0.0 (apiVersion v2) - chart migrated to helm 3.0.0 (apiVersion v2)
* offending terms have been removed - offending terms have been removed
* values have been renamed and re-ordered to make it easier to use - values have been renamed and re-ordered to make it easier to use
* already deprecated items have been removed - already deprecated items have been removed
* componentName for the controller is now `jenkins-controller` - componentName for the controller is now `jenkins-controller`
* componentName for the agent is now `jenkins-agent` - componentName for the agent is now `jenkins-agent`
* container names are now - container names are now
* `init` for the init container which downloads Jenkins plugins - `init` for the init container which downloads Jenkins plugins
* `jenkins` for the Jenkins controller - `jenkins` for the Jenkins controller
* `config-reload` for the sidecar container which automatically reloads JCasC - `config-reload` for the sidecar container which automatically reloads JCasC
* Updated UI tests to use official `bats/bats` image instead of `dduportal/bats` - Updated UI tests to use official `bats/bats` image instead of `dduportal/bats`
For migration instructions from previous versions and additional information check README.md. For migration instructions from previous versions and additional information check README.md.
## 2.19.0 ## 2.19.0
* Use lts version 2.249.3 - Use lts version 2.249.3
* Update kubernetes, workflow-aggregator, git and configuration-as-code plugins. - Update kubernetes, workflow-aggregator, git and configuration-as-code plugins.
* Fail apply_config.sh script if an error occurs. - Fail apply_config.sh script if an error occurs.
## 2.18.2 ## 2.18.2
@ -1958,7 +2075,7 @@ Update docs for Helm 3
Make `jenkins-home` attachable to Azure Disks without pvc Make `jenkins-home` attachable to Azure Disks without pvc
```yaml ```yaml
volumes: volumes:
- name: jenkins-home - name: jenkins-home
azureDisk: azureDisk:
kind: Managed kind: Managed
@ -1987,6 +2104,7 @@ Scriptapprovals are overwritten when overwriteConfig is enabled
Added documentation for `persistence.storageClass`. Added documentation for `persistence.storageClass`.
## 1.9.9 ## 1.9.9
Make `master.deploymentAnnotation` configurable. Make `master.deploymentAnnotation` configurable.
## 1.9.8 ## 1.9.8
@ -1996,7 +2114,7 @@ Make `agent.slaveConnectTimeout` configurable: by increasing this value Jenkins
## 1.9.7 Update plugin versions ## 1.9.7 Update plugin versions
| plugin | old version | new version | | plugin | old version | new version |
|-----------------------|-------------|-------------| | --------------------- | ----------- | ----------- |
| kubernetes | 1.18.2 | 1.21.2 | | kubernetes | 1.18.2 | 1.21.2 |
| workflow-job | 2.33 | 2.36 | | workflow-job | 2.33 | 2.36 |
| credentials-binding | 1.19 | 1.20 | | credentials-binding | 1.19 | 1.20 |
@ -2016,9 +2134,9 @@ Enables jenkins to use keystore inorder to have native ssl support #17790 <https
Google application credentials are kept in a file, which has to be mounted to a pod. You can set `gcpcredentials` in `existingSecret` as follows: Google application credentials are kept in a file, which has to be mounted to a pod. You can set `gcpcredentials` in `existingSecret` as follows:
```yaml ```yaml
existingSecret: existingSecret:
jenkins-service-account: jenkins-service-account:
gcpcredentials: application_default_credentials.json gcpcredentials: application_default_credentials.json
``` ```
Helm template then creates the necessary volume mounts and `GOOGLE_APPLICATION_CREDENTIALS` environmental variable. Helm template then creates the necessary volume mounts and `GOOGLE_APPLICATION_CREDENTIALS` environmental variable.
@ -2437,7 +2555,7 @@ commit: b02ae3f48
### Breaking changes ### Breaking changes
- values have been renamed to follow helm chart best practices for naming conventions so - values have been renamed to follow helm chart best practices for naming conventions so
that all variables start with a lowercase letter and words are separated with camelcase that all variables start with a lowercase letter and words are separated with camelCase
<https://helm.sh/docs/chart_best_practices/#naming-conventions> <https://helm.sh/docs/chart_best_practices/#naming-conventions>
- all resources are now using recommended standard labels - all resources are now using recommended standard labels
<https://helm.sh/docs/chart_best_practices/#standard-labels> <https://helm.sh/docs/chart_best_practices/#standard-labels>

12
charts/kubezero-ci/charts/jenkins/Chart.yaml
View File

@ -1,14 +1,14 @@
annotations: annotations:
artifacthub.io/category: integration-delivery artifacthub.io/category: integration-delivery
artifacthub.io/changes: | artifacthub.io/changes: |
- Update `jenkins/jenkins` to version `2.492.2-jdk17` - Update `docker.io/bats/bats` to version `1.12.0`
artifacthub.io/images: | artifacthub.io/images: |
- name: jenkins - name: jenkins
image: docker.io/jenkins/jenkins:2.492.2-jdk17 image: docker.io/jenkins/jenkins:2.504.1-jdk21
- name: k8s-sidecar - name: k8s-sidecar
image: docker.io/kiwigrid/k8s-sidecar:1.30.1 image: docker.io/kiwigrid/k8s-sidecar:1.30.3
- name: inbound-agent - name: inbound-agent
image: jenkins/inbound-agent:3283.v92c105e0f819-9 image: jenkins/inbound-agent:3309.v27b_9314fd1a_4-2
artifacthub.io/license: Apache-2.0 artifacthub.io/license: Apache-2.0
artifacthub.io/links: | artifacthub.io/links: |
- name: Chart Source - name: Chart Source
@ -18,7 +18,7 @@ annotations:
- name: support - name: support
url: https://github.com/jenkinsci/helm-charts/issues url: https://github.com/jenkinsci/helm-charts/issues
apiVersion: v2 apiVersion: v2
appVersion: 2.492.2 appVersion: 2.504.1
description: 'Jenkins - Build great things at any scale! As the leading open source description: 'Jenkins - Build great things at any scale! As the leading open source
automation server, Jenkins provides over 2000 plugins to support building, deploying automation server, Jenkins provides over 2000 plugins to support building, deploying
and automating any project. ' and automating any project. '
@ -46,4 +46,4 @@ sources:
- https://github.com/maorfr/kube-tasks - https://github.com/maorfr/kube-tasks
- https://github.com/jenkinsci/configuration-as-code-plugin - https://github.com/jenkinsci/configuration-as-code-plugin
type: application type: application
version: 5.8.18 version: 5.8.48

92
charts/kubezero-ci/charts/jenkins/README.md
View File

@ -227,8 +227,8 @@ Further JCasC examples can be found [here](https://github.com/jenkinsci/configur
#### Breaking out large Config as Code scripts #### Breaking out large Config as Code scripts
Jenkins Config as Code scripts can become quite large, and maintaining all of your scripts within one yaml file can be difficult. The Config as Code plugin itself suggests updating the `CASC_JENKINS_CONFIG` environment variable to be a comma separated list of paths for the plugin to traverse, picking up the yaml files as needed. Jenkins Config as Code scripts can become quite large, and maintaining all of your scripts within one yaml file can be difficult. The Config as Code plugin itself suggests updating the `CASC_JENKINS_CONFIG` environment variable to be a comma separated list of paths for the plugin to traverse, picking up the yaml files as needed.
However, under the Jenkins helm chart, this `CASC_JENKINS_CONFIG` value is maintained through the templates. A better solution is to split your `controller.JCasC.configScripts` into separate values files, and provide each file during the helm install. However, under the Jenkins helm chart, this `CASC_JENKINS_CONFIG` value is maintained through the templates. A better solution is to split your `controller.JCasC.configScripts` into separate values files, and provide each file during the helm install.
For example, you can have a values file (e.g values_main.yaml) that defines the values described in the `VALUES_SUMMARY.md` for your Jenkins configuration: For example, you can have a values file (e.g values_main.yaml) that defines the values described in the `VALUES_SUMMARY.md` for your Jenkins configuration:
@ -247,7 +247,7 @@ jenkins:
controller: controller:
JCasC: JCasC:
configScripts: configScripts:
jenkinsCasc: | jenkinsCasc: |
jenkins: jenkins:
disableRememberMe: false disableRememberMe: false
mode: NORMAL mode: NORMAL
@ -268,7 +268,7 @@ jenkins:
... ...
``` ```
When installing, you provide all relevant yaml files (e.g `helm install -f values_main.yaml -f values_jenkins_casc.yaml -f values_jenkins_unclassified.yaml ...`). Instead of updating the `CASC_JENKINS_CONFIG` environment variable to include multiple paths, multiple CasC yaml files will be created in the same path `var/jenkins_home/casc_configs`. When installing, you provide all relevant yaml files (e.g `helm install -f values_main.yaml -f values_jenkins_casc.yaml -f values_jenkins_unclassified.yaml ...`). Instead of updating the `CASC_JENKINS_CONFIG` environment variable to include multiple paths, multiple CasC yaml files will be created in the same path `var/jenkins_home/casc_configs`.
#### Config as Code With or Without Auto-Reload #### Config as Code With or Without Auto-Reload
@ -295,27 +295,36 @@ This option requires installation of the [OWASP Markup Formatter Plugin (antisam
This plugin is **not** installed by default but may be added to `controller.additionalPlugins`. This plugin is **not** installed by default but may be added to `controller.additionalPlugins`.
### Change max connections to Kubernetes API ### Change max connections to Kubernetes API
When using agents with containers other than JNLP, The kubernetes plugin will communicate with those containers using the Kubernetes API. this changes the maximum concurrent connections When using agents with containers other than JNLP, The kubernetes plugin will communicate with those containers using the Kubernetes API. this changes the maximum concurrent connections
```yaml ```yaml
agent: agent:
maxRequestsPerHostStr: "32" maxRequestsPerHostStr: "32"
``` ```
This will change the configuration of the kubernetes "cloud" (as called by jenkins) that is created automatically as part of this helm chart. This will change the configuration of the kubernetes "cloud" (as called by jenkins) that is created automatically as part of this helm chart.
### Change container cleanup timeout API ### Change container cleanup timeout API
For tasks that use very large images, this timeout can be increased to avoid early termination of the task while the Kubernetes pod is still deploying. For tasks that use very large images, this timeout can be increased to avoid early termination of the task while the Kubernetes pod is still deploying.
```yaml ```yaml
agent: agent:
retentionTimeout: "32" retentionTimeout: "32"
``` ```
This will change the configuration of the kubernetes "cloud" (as called by jenkins) that is created automatically as part of this helm chart. This will change the configuration of the kubernetes "cloud" (as called by jenkins) that is created automatically as part of this helm chart.
### Change seconds to wait for pod to be running ### Change seconds to wait for pod to be running
This will change how long Jenkins will wait (seconds) for pod to be in running state. This will change how long Jenkins will wait (seconds) for pod to be in running state.
```yaml ```yaml
agent: agent:
waitForPodSec: "32" waitForPodSec: "32"
``` ```
This will change the configuration of the kubernetes "cloud" (as called by jenkins) that is created automatically as part of this helm chart. This will change the configuration of the kubernetes "cloud" (as called by jenkins) that is created automatically as part of this helm chart.
### Mounting Volumes into Agent Pods ### Mounting Volumes into Agent Pods
@ -325,9 +334,9 @@ Your Jenkins Agents will run as pods, and it's possible to inject volumes where
```yaml ```yaml
agent: agent:
volumes: volumes:
- type: Secret - type: Secret
secretName: jenkins-mysecrets secretName: jenkins-mysecrets
mountPath: /var/run/secrets/jenkins-mysecrets mountPath: /var/run/secrets/jenkins-mysecrets
``` ```
The supported volume types are: `ConfigMap`, `EmptyDir`, `HostPath`, `Nfs`, `PVC`, `Secret`. The supported volume types are: `ConfigMap`, `EmptyDir`, `HostPath`, `Nfs`, `PVC`, `Secret`.
@ -380,11 +389,11 @@ See additional `persistence` values using [configuration commands](#configuratio
2. Create the PersistentVolumeClaim 2. Create the PersistentVolumeClaim
3. [Install](#install-chart) the chart, setting `persistence.existingClaim` to `PVC_NAME` 3. [Install](#install-chart) the chart, setting `persistence.existingClaim` to `PVC_NAME`
#### Long Volume Attach/Mount Times #### Long Volume Attach-/Mount Times
Certain volume type and filesystem format combinations may experience long Certain volume type and filesystem format combinations may experience long
attach/mount times, [10 or more minutes][K8S_VOLUME_TIMEOUT], when using attach/mount times, [10 or more minutes][K8S_VOLUME_TIMEOUT], when using
`fsGroup`. This issue may result in the following entries in the pod's event `fsGroup`. This issue may result in the following entries in the pod's event
history: history:
```console ```console
@ -392,7 +401,7 @@ Warning FailedMount 38m kubelet, aks-default-41587790-2 Unable
``` ```
In these cases, experiment with replacing `fsGroup` with In these cases, experiment with replacing `fsGroup` with
`supplementalGroups` in the pod's `securityContext`. This can be achieved by `supplementalGroups` in the pod's `securityContext`. This can be achieved by
setting the `controller.podSecurityContextOverride` Helm chart value to setting the `controller.podSecurityContextOverride` Helm chart value to
something like: something like:
@ -424,6 +433,7 @@ A common use case might be identity provider credentials if using an external LD
The secret may then be referenced in JCasC configuration (see [JCasC configuration](#configuration-as-code)). The secret may then be referenced in JCasC configuration (see [JCasC configuration](#configuration-as-code)).
`values.yaml` controller section, referencing mounted secrets: `values.yaml` controller section, referencing mounted secrets:
```yaml ```yaml
controller: controller:
# the 'name' and 'keyName' are concatenated with a '-' in between, so for example: # the 'name' and 'keyName' are concatenated with a '-' in between, so for example:
@ -433,7 +443,7 @@ controller:
# existingSecret existing secret "secret-credentials" and a key inside it named "github-username" should be used in Jcasc as ${github-username} # existingSecret existing secret "secret-credentials" and a key inside it named "github-username" should be used in Jcasc as ${github-username}
# When using existingSecret no need to specify the keyName under additionalExistingSecrets. # When using existingSecret no need to specify the keyName under additionalExistingSecrets.
existingSecret: secret-credentials existingSecret: secret-credentials
additionalExistingSecrets: additionalExistingSecrets:
- name: secret-credentials - name: secret-credentials
keyName: github-username keyName: github-username
@ -441,7 +451,7 @@ controller:
keyName: github-password keyName: github-password
- name: secret-credentials - name: secret-credentials
keyName: token keyName: token
additionalSecrets: additionalSecrets:
- name: client_id - name: client_id
value: abc123 value: abc123
@ -481,6 +491,7 @@ It's possible for this chart to generate `SecretClaim` resources in order to aut
These `Secrets` can then be referenced in the same manner as Additional Secrets above. These `Secrets` can then be referenced in the same manner as Additional Secrets above.
This can be achieved by defining required Secret Claims within `controller.secretClaims`, as follows: This can be achieved by defining required Secret Claims within `controller.secretClaims`, as follows:
```yaml ```yaml
controller: controller:
secretClaims: secretClaims:
@ -574,11 +585,11 @@ The simplest configuration looks like the following:
```yaml ```yaml
controller: controller:
ingress: ingress:
enabled: true enabled: true
paths: [] paths: []
apiVersion: "extensions/v1beta1" apiVersion: "extensions/v1beta1"
hostName: jenkins.example.com hostName: jenkins.example.com
``` ```
This snippet configures an ingress rule for exposing jenkins at `jenkins.example.com` This snippet configures an ingress rule for exposing jenkins at `jenkins.example.com`
@ -593,20 +604,20 @@ The secondaryingress doesn't expose anything by default and has to be configured
```yaml ```yaml
controller: controller:
ingress: ingress:
enabled: true enabled: true
apiVersion: "extensions/v1beta1" apiVersion: "extensions/v1beta1"
hostName: "jenkins.internal.example.com" hostName: "jenkins.internal.example.com"
annotations: annotations:
kubernetes.io/ingress.class: "internal" kubernetes.io/ingress.class: "internal"
secondaryingress: secondaryingress:
enabled: true enabled: true
apiVersion: "extensions/v1beta1" apiVersion: "extensions/v1beta1"
hostName: "jenkins-scm.example.com" hostName: "jenkins-scm.example.com"
annotations: annotations:
kubernetes.io/ingress.class: "public" kubernetes.io/ingress.class: "public"
paths: paths:
- /github-webhook - /github-webhook
``` ```
## Prometheus Metrics ## Prometheus Metrics
@ -660,15 +671,16 @@ and `https-jks-password` (or override the key name using `jenkinsHttpsJksPasswor
```yaml ```yaml
controller: controller:
httpsKeyStore: httpsKeyStore:
enable: true enable: true
jenkinsHttpsJksSecretName: '' jenkinsHttpsJksSecretName: ""
httpPort: 8081 httpPort: 8081
path: "/var/jenkins_keystore" path: "/var/jenkins_keystore"
fileName: "keystore.jks" fileName: "keystore.jks"
password: "changeit" password: "changeit"
jenkinsKeyStoreBase64Encoded: '' jenkinsKeyStoreBase64Encoded: ""
``` ```
### AWS Security Group Policies ### AWS Security Group Policies
To create SecurityGroupPolicies set `awsSecurityGroupPolicies.enabled` to true and add your policies. Each policy requires a `name`, array of `securityGroupIds` and a `podSelector`. Example: To create SecurityGroupPolicies set `awsSecurityGroupPolicies.enabled` to true and add your policies. Each policy requires a `name`, array of `securityGroupIds` and a `podSelector`. Example:
@ -678,7 +690,7 @@ awsSecurityGroupPolicies:
enabled: true enabled: true
policies: policies:
- name: "jenkins-controller" - name: "jenkins-controller"
securityGroupIds: securityGroupIds:
- sg-123456789 - sg-123456789
podSelector: podSelector:
matchExpressions: matchExpressions:

59
charts/kubezero-ci/charts/jenkins/UPGRADING.md
View File

@ -1,6 +1,7 @@
# Upgrade Notes # Upgrade Notes
## To 5.0.0 ## To 5.0.0
- `controller.image`, `controller.tag`, and `controller.tagLabel` have been removed. If you want to overwrite the image you now need to configure any or all of: - `controller.image`, `controller.tag`, and `controller.tagLabel` have been removed. If you want to overwrite the image you now need to configure any or all of:
- `controller.image.registry` - `controller.image.registry`
- `controller.image.repository` - `controller.image.repository`
@ -31,38 +32,40 @@
- `backup.*` was unmaintained and has thus been removed. See the following page for alternatives: [Kubernetes Backup and Migrations](https://nubenetes.com/kubernetes-backup-migrations/). - `backup.*` was unmaintained and has thus been removed. See the following page for alternatives: [Kubernetes Backup and Migrations](https://nubenetes.com/kubernetes-backup-migrations/).
## To 4.0.0 ## To 4.0.0
Removes automatic `remotingSecurity` setting when using a container tag older than `2.326` (introduced in [`3.11.7`](./CHANGELOG.md#3117)). If you're using a version older than `2.326`, you should explicitly set `.controller.legacyRemotingSecurityEnabled` to `true`. Removes automatic `remotingSecurity` setting when using a container tag older than `2.326` (introduced in [`3.11.7`](./CHANGELOG.md#3117)). If you're using a version older than `2.326`, you should explicitly set `.controller.legacyRemotingSecurityEnabled` to `true`.
## To 3.0.0 ## To 3.0.0
* Check `securityRealm` and `authorizationStrategy` and adjust it. - Check `securityRealm` and `authorizationStrategy` and adjust it.
Otherwise, your configured users and permissions will be overridden. Otherwise, your configured users and permissions will be overridden.
* You need to use helm version 3 as the `Chart.yaml` uses `apiVersion: v2`. - You need to use helm version 3 as the `Chart.yaml` uses `apiVersion: v2`.
* All XML configuration options have been removed. - All XML configuration options have been removed.
In case those are still in use you need to migrate to configuration as code. In case those are still in use you need to migrate to configuration as code.
Upgrade guide to 2.0.0 contains pointers how to do that. Upgrade guide to 2.0.0 contains pointers how to do that.
* Jenkins is now using a `StatefulSet` instead of a `Deployment` - Jenkins is now using a `StatefulSet` instead of a `Deployment`
* terminology has been adjusted that's also reflected in values.yaml - terminology has been adjusted that's also reflected in values.yaml
The following values from `values.yaml` have been renamed: The following values from `values.yaml` have been renamed:
* `master` => `controller` - `master` => `controller`
* `master.useSecurity` => `controller.adminSecret` - `master.useSecurity` => `controller.adminSecret`
* `master.slaveListenerPort` => `controller.agentListenerPort` - `master.slaveListenerPort` => `controller.agentListenerPort`
* `master.slaveHostPort` => `controller.agentListenerHostPort` - `master.slaveHostPort` => `controller.agentListenerHostPort`
* `master.slaveKubernetesNamespace` => `agent.namespace` - `master.slaveKubernetesNamespace` => `agent.namespace`
* `master.slaveDefaultsProviderTemplate` => `agent.defaultsProviderTemplate` - `master.slaveDefaultsProviderTemplate` => `agent.defaultsProviderTemplate`
* `master.slaveJenkinsUrl` => `agent.jenkinsUrl` - `master.slaveJenkinsUrl` => `agent.jenkinsUrl`
* `master.slaveJenkinsTunnel` => `agent.jenkinsTunnel` - `master.slaveJenkinsTunnel` => `agent.jenkinsTunnel`
* `master.slaveConnectTimeout` => `agent.kubernetesConnectTimeout` - `master.slaveConnectTimeout` => `agent.kubernetesConnectTimeout`
* `master.slaveReadTimeout` => `agent.kubernetesReadTimeout` - `master.slaveReadTimeout` => `agent.kubernetesReadTimeout`
* `master.slaveListenerServiceAnnotations` => `controller.agentListenerServiceAnnotations` - `master.slaveListenerServiceAnnotations` => `controller.agentListenerServiceAnnotations`
* `master.slaveListenerServiceType` => `controller.agentListenerServiceType` - `master.slaveListenerServiceType` => `controller.agentListenerServiceType`
* `master.slaveListenerLoadBalancerIP` => `controller.agentListenerLoadBalancerIP` - `master.slaveListenerLoadBalancerIP` => `controller.agentListenerLoadBalancerIP`
* `agent.slaveConnectTimeout` => `agent.connectTimeout` - `agent.slaveConnectTimeout` => `agent.connectTimeout`
* Removed values:
* `master.imageTag`: use `controller.image` and `controller.tag` instead - Removed values:
* `slave.imageTag`: use `agent.image` and `agent.tag` instead
- `master.imageTag`: use `controller.image` and `controller.tag` instead
- `slave.imageTag`: use `agent.image` and `agent.tag` instead
## To 2.0.0 ## To 2.0.0
@ -95,14 +98,14 @@ Here we show which values have changed and the previous default values:
```yaml ```yaml
controller: controller:
runAsUser: 1000 # was unset before runAsUser: 1000 # was unset before
fsGroup: 1000 # was unset before fsGroup: 1000 # was unset before
JCasC: JCasC:
enabled: true # was false enabled: true # was false
defaultConfig: true # was false defaultConfig: true # was false
sidecars: sidecars:
configAutoReload: configAutoReload:
enabled: true # was false enabled: true # was false
``` ```
### Migration steps ### Migration steps
@ -135,7 +138,7 @@ So think of the list below more as a general guideline of what should be done.
Breaking changes: Breaking changes:
- Values have been renamed to follow [helm recommended naming conventions](https://helm.sh/docs/chart_best_practices/#naming-conventions) so that all variables start with a lowercase letter and words are separated with camelcase - Values have been renamed to follow [helm recommended naming conventions](https://helm.sh/docs/chart_best_practices/#naming-conventions) so that all variables start with a lowercase letter and words are separated with camelCase
- All resources are now using [helm recommended standard labels](https://helm.sh/docs/chart_best_practices/#standard-labels) - All resources are now using [helm recommended standard labels](https://helm.sh/docs/chart_best_practices/#standard-labels)
As a result of the label changes also the selectors of the deployment have been updated. As a result of the label changes also the selectors of the deployment have been updated.

585
charts/kubezero-ci/charts/jenkins/VALUES.md
View File

@ -8,314 +8,315 @@ The following tables list the configurable parameters of the Jenkins chart and t
| Key | Type | Description | Default | | Key | Type | Description | Default |
|:----|:-----|:---------|:------------| |:----|:-----|:---------|:------------|
| [additionalAgents](./values.yaml#L1199) | object | Configure additional | `{}` | | [additionalAgents](./values.yaml#L1202) | object | Configure additional | `{}` |
| [additionalClouds](./values.yaml#L1224) | object | | `{}` | | [additionalClouds](./values.yaml#L1227) | object | | `{}` |
| [agent.TTYEnabled](./values.yaml#L1105) | bool | Allocate pseudo tty to the side container | `false` | | [agent.TTYEnabled](./values.yaml#L1107) | bool | Allocate pseudo tty to the side container | `false` |
| [agent.additionalContainers](./values.yaml#L1152) | list | Add additional containers to the agents | `[]` | | [agent.additionalContainers](./values.yaml#L1155) | list | Add additional containers to the agents | `[]` |
| [agent.alwaysPullImage](./values.yaml#L998) | bool | Always pull agent container image before build | `false` | | [agent.alwaysPullImage](./values.yaml#L1000) | bool | Always pull agent container image before build | `false` |
| [agent.annotations](./values.yaml#L1148) | object | Annotations to apply to the pod | `{}` | | [agent.annotations](./values.yaml#L1151) | object | Annotations to apply to the pod | `{}` |
| [agent.args](./values.yaml#L1099) | string | Arguments passed to command to execute | `"${computer.jnlpmac} ${computer.name}"` | | [agent.args](./values.yaml#L1101) | string | Arguments passed to command to execute | `"${computer.jnlpmac} ${computer.name}"` |
| [agent.command](./values.yaml#L1097) | string | Command to execute when side container starts | `nil` | | [agent.command](./values.yaml#L1099) | string | Command to execute when side container starts | `nil` |
| [agent.componentName](./values.yaml#L966) | string | | `"jenkins-agent"` | | [agent.componentName](./values.yaml#L968) | string | | `"jenkins-agent"` |
| [agent.connectTimeout](./values.yaml#L1146) | int | Timeout in seconds for an agent to be online | `100` | | [agent.connectTimeout](./values.yaml#L1149) | int | Timeout in seconds for an agent to be online | `100` |
| [agent.containerCap](./values.yaml#L1107) | int | Max number of agents to launch | `10` | | [agent.containerCap](./values.yaml#L1109) | int | Max number of agents to launch for a whole cluster. | `10` |
| [agent.customJenkinsLabels](./values.yaml#L963) | list | Append Jenkins labels to the agent | `[]` | | [agent.customJenkinsLabels](./values.yaml#L965) | list | Append Jenkins labels to the agent | `[]` |
| [agent.defaultsProviderTemplate](./values.yaml#L917) | string | The name of the pod template to use for providing default values | `""` | | [agent.defaultsProviderTemplate](./values.yaml#L919) | string | The name of the pod template to use for providing default values | `""` |
| [agent.directConnection](./values.yaml#L969) | bool | | `false` | | [agent.directConnection](./values.yaml#L971) | bool | | `false` |
| [agent.disableDefaultAgent](./values.yaml#L1170) | bool | Disable the default Jenkins Agent configuration | `false` | | [agent.disableDefaultAgent](./values.yaml#L1173) | bool | Disable the default Jenkins Agent configuration | `false` |
| [agent.enabled](./values.yaml#L915) | bool | Enable Kubernetes plugin jnlp-agent podTemplate | `true` | | [agent.enabled](./values.yaml#L917) | bool | Enable Kubernetes plugin jnlp-agent podTemplate | `true` |
| [agent.envVars](./values.yaml#L1080) | list | Environment variables for the agent Pod | `[]` | | [agent.envVars](./values.yaml#L1082) | list | Environment variables for the agent Pod | `[]` |
| [agent.garbageCollection.enabled](./values.yaml#L1114) | bool | When enabled, Jenkins will periodically check for orphan pods that have not been touched for the given timeout period and delete them. | `false` | | [agent.garbageCollection.enabled](./values.yaml#L1118) | bool | When enabled, Jenkins will periodically check for orphan pods that have not been touched for the given timeout period and delete them. | `false` |
| [agent.garbageCollection.namespaces](./values.yaml#L1116) | string | Namespaces to look at for garbage collection, in addition to the default namespace defined for the cloud. One namespace per line. | `""` | | [agent.garbageCollection.namespaces](./values.yaml#L1120) | string | Namespaces to look at for garbage collection, in addition to the default namespace defined for the cloud. One namespace per line. | `""` |
| [agent.garbageCollection.timeout](./values.yaml#L1121) | int | Timeout value for orphaned pods | `300` | | [agent.garbageCollection.timeout](./values.yaml#L1125) | int | Timeout value for orphaned pods | `300` |
| [agent.hostNetworking](./values.yaml#L977) | bool | Enables the agent to use the host network | `false` | | [agent.hostNetworking](./values.yaml#L979) | bool | Enables the agent to use the host network | `false` |
| [agent.idleMinutes](./values.yaml#L1124) | int | Allows the Pod to remain active for reuse until the configured number of minutes has passed since the last step was executed on it | `0` | | [agent.idleMinutes](./values.yaml#L1128) | int | Allows the Pod to remain active for reuse until the configured number of minutes has passed since the last step was executed on it | `0` |
| [agent.image.repository](./values.yaml#L956) | string | Repository to pull the agent jnlp image from | `"jenkins/inbound-agent"` | | [agent.image.repository](./values.yaml#L958) | string | Repository to pull the agent jnlp image from | `"jenkins/inbound-agent"` |
| [agent.image.tag](./values.yaml#L958) | string | Tag of the image to pull | `"3283.v92c105e0f819-9"` | | [agent.image.tag](./values.yaml#L960) | string | Tag of the image to pull | `"3309.v27b_9314fd1a_4-2"` |
| [agent.imagePullSecretName](./values.yaml#L965) | string | Name of the secret to be used to pull the image | `nil` | | [agent.imagePullSecretName](./values.yaml#L967) | string | Name of the secret to be used to pull the image | `nil` |
| [agent.inheritYamlMergeStrategy](./values.yaml#L1144) | bool | Controls whether the defined yaml merge strategy will be inherited if another defined pod template is configured to inherit from the current one | `false` | | [agent.inheritYamlMergeStrategy](./values.yaml#L1147) | bool | Controls whether the defined yaml merge strategy will be inherited if another defined pod template is configured to inherit from the current one | `false` |
| [agent.jenkinsTunnel](./values.yaml#L933) | string | Overrides the Kubernetes Jenkins tunnel | `nil` | | [agent.instanceCap](./values.yaml#L1111) | int | Max number of agents to launch for this type of agent | `2147483647` |
| [agent.jenkinsUrl](./values.yaml#L929) | string | Overrides the Kubernetes Jenkins URL | `nil` | | [agent.jenkinsTunnel](./values.yaml#L935) | string | Overrides the Kubernetes Jenkins tunnel | `nil` |
| [agent.jnlpregistry](./values.yaml#L953) | string | Custom registry used to pull the agent jnlp image from | `nil` | | [agent.jenkinsUrl](./values.yaml#L931) | string | Overrides the Kubernetes Jenkins URL | `nil` |
| [agent.kubernetesConnectTimeout](./values.yaml#L939) | int | The connection timeout in seconds for connections to Kubernetes API. The minimum value is 5 | `5` | | [agent.jnlpregistry](./values.yaml#L955) | string | Custom registry used to pull the agent jnlp image from | `nil` |
| [agent.kubernetesReadTimeout](./values.yaml#L941) | int | The read timeout in seconds for connections to Kubernetes API. The minimum value is 15 | `15` | | [agent.kubernetesConnectTimeout](./values.yaml#L941) | int | The connection timeout in seconds for connections to Kubernetes API. The minimum value is 5 | `5` |
| [agent.livenessProbe](./values.yaml#L988) | object | | `{}` | | [agent.kubernetesReadTimeout](./values.yaml#L943) | int | The read timeout in seconds for connections to Kubernetes API. The minimum value is 15 | `15` |
| [agent.maxRequestsPerHostStr](./values.yaml#L943) | string | The maximum concurrent connections to Kubernetes API | `"32"` | | [agent.livenessProbe](./values.yaml#L990) | object | | `{}` |
| [agent.namespace](./values.yaml#L949) | string | Namespace in which the Kubernetes agents should be launched | `nil` | | [agent.maxRequestsPerHostStr](./values.yaml#L945) | string | The maximum concurrent connections to Kubernetes API | `"32"` |
| [agent.nodeSelector](./values.yaml#L1091) | object | Node labels for pod assignment | `{}` | | [agent.namespace](./values.yaml#L951) | string | Namespace in which the Kubernetes agents should be launched | `nil` |
| [agent.nodeUsageMode](./values.yaml#L961) | string | | `"NORMAL"` | | [agent.nodeSelector](./values.yaml#L1093) | object | Node labels for pod assignment | `{}` |
| [agent.podLabels](./values.yaml#L951) | object | Custom Pod labels (an object with `label-key: label-value` pairs) | `{}` | | [agent.nodeUsageMode](./values.yaml#L963) | string | | `"NORMAL"` |
| [agent.podName](./values.yaml#L1109) | string | Agent Pod base name | `"default"` | | [agent.podLabels](./values.yaml#L953) | object | Custom Pod labels (an object with `label-key: label-value` pairs) | `{}` |
| [agent.podRetention](./values.yaml#L1007) | string | | `"Never"` | | [agent.podName](./values.yaml#L1113) | string | Agent Pod base name | `"default"` |
| [agent.podTemplates](./values.yaml#L1180) | object | Configures extra pod templates for the default kubernetes cloud | `{}` | | [agent.podRetention](./values.yaml#L1009) | string | | `"Never"` |
| [agent.privileged](./values.yaml#L971) | bool | Agent privileged container | `false` | | [agent.podTemplates](./values.yaml#L1183) | object | Configures extra pod templates for the default kubernetes cloud | `{}` |
| [agent.resources](./values.yaml#L979) | object | Resources allocation (Requests and Limits) | `{"limits":{"cpu":"512m","memory":"512Mi"},"requests":{"cpu":"512m","memory":"512Mi"}}` | | [agent.privileged](./values.yaml#L973) | bool | Agent privileged container | `false` |
| [agent.restrictedPssSecurityContext](./values.yaml#L1004) | bool | Set a restricted securityContext on jnlp containers | `false` | | [agent.resources](./values.yaml#L981) | object | Resources allocation (Requests and Limits) | `{"limits":{"cpu":"512m","memory":"512Mi"},"requests":{"cpu":"512m","memory":"512Mi"}}` |
| [agent.retentionTimeout](./values.yaml#L945) | int | Time in minutes after which the Kubernetes cloud plugin will clean up an idle worker that has not already terminated | `5` | | [agent.restrictedPssSecurityContext](./values.yaml#L1006) | bool | Set a restricted securityContext on jnlp containers | `false` |
| [agent.runAsGroup](./values.yaml#L975) | string | Configure container group | `nil` | | [agent.retentionTimeout](./values.yaml#L947) | int | Time in minutes after which the Kubernetes cloud plugin will clean up an idle worker that has not already terminated | `5` |
| [agent.runAsUser](./values.yaml#L973) | string | Configure container user | `nil` | | [agent.runAsGroup](./values.yaml#L977) | string | Configure container group | `nil` |
| [agent.secretEnvVars](./values.yaml#L1084) | list | Mount a secret as environment variable | `[]` | | [agent.runAsUser](./values.yaml#L975) | string | Configure container user | `nil` |
| [agent.serviceAccount](./values.yaml#L925) | string | Override the default service account | `serviceAccountAgent.name` if `agent.useDefaultServiceAccount` is `true` | | [agent.secretEnvVars](./values.yaml#L1086) | list | Mount a secret as environment variable | `[]` |
| [agent.showRawYaml](./values.yaml#L1011) | bool | | `true` | | [agent.serviceAccount](./values.yaml#L927) | string | Override the default service account | `serviceAccountAgent.name` if `agent.useDefaultServiceAccount` is `true` |
| [agent.sideContainerName](./values.yaml#L1101) | string | Side container name | `"jnlp"` | | [agent.showRawYaml](./values.yaml#L1013) | bool | | `true` |
| [agent.skipTlsVerify](./values.yaml#L935) | bool | Disables the verification of the controller certificate on remote connection. This flag correspond to the "Disable https certificate check" flag in kubernetes plugin UI | `false` | | [agent.sideContainerName](./values.yaml#L1103) | string | Side container name | `"jnlp"` |
| [agent.usageRestricted](./values.yaml#L937) | bool | Enable the possibility to restrict the usage of this agent to specific folder. This flag correspond to the "Restrict pipeline support to authorized folders" flag in kubernetes plugin UI | `false` | | [agent.skipTlsVerify](./values.yaml#L937) | bool | Disables the verification of the controller certificate on remote connection. This flag correspond to the "Disable https certificate check" flag in kubernetes plugin UI | `false` |
| [agent.useDefaultServiceAccount](./values.yaml#L921) | bool | Use `serviceAccountAgent.name` as the default value for defaults template `serviceAccount` | `true` | | [agent.usageRestricted](./values.yaml#L939) | bool | Enable the possibility to restrict the usage of this agent to specific folder. This flag correspond to the "Restrict pipeline support to authorized folders" flag in kubernetes plugin UI | `false` |
| [agent.volumes](./values.yaml#L1018) | list | Additional volumes | `[]` | | [agent.useDefaultServiceAccount](./values.yaml#L923) | bool | Use `serviceAccountAgent.name` as the default value for defaults template `serviceAccount` | `true` |
| [agent.waitForPodSec](./values.yaml#L947) | int | Seconds to wait for pod to be running | `600` | | [agent.volumes](./values.yaml#L1020) | list | Additional volumes | `[]` |
| [agent.websocket](./values.yaml#L968) | bool | Enables agent communication via websockets | `false` | | [agent.waitForPodSec](./values.yaml#L949) | int | Seconds to wait for pod to be running | `600` |
| [agent.workingDir](./values.yaml#L960) | string | Configure working directory for default agent | `"/home/jenkins/agent"` | | [agent.websocket](./values.yaml#L970) | bool | Enables agent communication via websockets | `false` |
| [agent.workspaceVolume](./values.yaml#L1053) | object | Workspace volume (defaults to EmptyDir) | `{}` | | [agent.workingDir](./values.yaml#L962) | string | Configure working directory for default agent | `"/home/jenkins/agent"` |
| [agent.yamlMergeStrategy](./values.yaml#L1142) | string | Defines how the raw yaml field gets merged with yaml definitions from inherited pod templates. Possible values: "merge" or "override" | `"override"` | | [agent.workspaceVolume](./values.yaml#L1055) | object | Workspace volume (defaults to EmptyDir) | `{}` |
| [agent.yamlTemplate](./values.yaml#L1131) | string | The raw yaml of a Pod API Object to merge into the agent spec | `""` | | [agent.yamlMergeStrategy](./values.yaml#L1145) | string | Defines how the raw yaml field gets merged with yaml definitions from inherited pod templates. Possible values: "merge" or "override" | `"override"` |
| [awsSecurityGroupPolicies.enabled](./values.yaml#L1356) | bool | | `false` | | [agent.yamlTemplate](./values.yaml#L1134) | string | The raw yaml of a Pod API Object to merge into the agent spec | `""` |
| [awsSecurityGroupPolicies.policies[0].name](./values.yaml#L1358) | string | | `""` | | [awsSecurityGroupPolicies.enabled](./values.yaml#L1360) | bool | | `false` |
| [awsSecurityGroupPolicies.policies[0].podSelector](./values.yaml#L1360) | object | | `{}` | | [awsSecurityGroupPolicies.policies[0].name](./values.yaml#L1362) | string | | `""` |
| [awsSecurityGroupPolicies.policies[0].securityGroupIds](./values.yaml#L1359) | list | | `[]` | | [awsSecurityGroupPolicies.policies[0].podSelector](./values.yaml#L1364) | object | | `{}` |
| [checkDeprecation](./values.yaml#L1353) | bool | Checks if any deprecated values are used | `true` | | [awsSecurityGroupPolicies.policies[0].securityGroupIds](./values.yaml#L1363) | list | | `[]` |
| [checkDeprecation](./values.yaml#L1357) | bool | Checks if any deprecated values are used | `true` |
| [clusterZone](./values.yaml#L21) | string | Override the cluster name for FQDN resolving | `"cluster.local"` | | [clusterZone](./values.yaml#L21) | string | Override the cluster name for FQDN resolving | `"cluster.local"` |
| [controller.JCasC.authorizationStrategy](./values.yaml#L543) | string | Jenkins Config as Code Authorization Strategy-section | `"loggedInUsersCanDoAnything:\n allowAnonymousRead: false"` | | [controller.JCasC.authorizationStrategy](./values.yaml#L542) | string | Jenkins Config as Code Authorization Strategy-section | `"loggedInUsersCanDoAnything:\n allowAnonymousRead: false"` |
| [controller.JCasC.configMapAnnotations](./values.yaml#L548) | object | Annotations for the JCasC ConfigMap | `{}` | | [controller.JCasC.configMapAnnotations](./values.yaml#L547) | object | Annotations for the JCasC ConfigMap | `{}` |
| [controller.JCasC.configScripts](./values.yaml#L517) | object | List of Jenkins Config as Code scripts | `{}` | | [controller.JCasC.configScripts](./values.yaml#L516) | object | List of Jenkins Config as Code scripts | `{}` |
| [controller.JCasC.configUrls](./values.yaml#L514) | list | Remote URLs for configuration files. | `[]` | | [controller.JCasC.configUrls](./values.yaml#L513) | list | Remote URLs for configuration files. | `[]` |
| [controller.JCasC.defaultConfig](./values.yaml#L508) | bool | Enables default Jenkins configuration via configuration as code plugin | `true` | | [controller.JCasC.defaultConfig](./values.yaml#L507) | bool | Enables default Jenkins configuration via configuration as code plugin | `true` |
| [controller.JCasC.overwriteConfiguration](./values.yaml#L512) | bool | Whether Jenkins Config as Code should overwrite any existing configuration | `false` | | [controller.JCasC.overwriteConfiguration](./values.yaml#L511) | bool | Whether Jenkins Config as Code should overwrite any existing configuration | `false` |
| [controller.JCasC.security](./values.yaml#L524) | object | Jenkins Config as Code security-section | `{"apiToken":{"creationOfLegacyTokenEnabled":false,"tokenGenerationOnCreationEnabled":false,"usageStatisticsEnabled":true}}` | | [controller.JCasC.security](./values.yaml#L523) | object | Jenkins Config as Code security-section | `{"apiToken":{"creationOfLegacyTokenEnabled":false,"tokenGenerationOnCreationEnabled":false,"usageStatisticsEnabled":true}}` |
| [controller.JCasC.securityRealm](./values.yaml#L532) | string | Jenkins Config as Code Security Realm-section | `"local:\n allowsSignup: false\n enableCaptcha: false\n users:\n - id: \"${chart-admin-username}\"\n name: \"Jenkins Admin\"\n password: \"${chart-admin-password}\""` | | [controller.JCasC.securityRealm](./values.yaml#L531) | string | Jenkins Config as Code Security Realm-section | `"local:\n allowsSignup: false\n enableCaptcha: false\n users:\n - id: \"${chart-admin-username}\"\n name: \"Jenkins Admin\"\n password: \"${chart-admin-password}\""` |
| [controller.additionalExistingSecrets](./values.yaml#L469) | list | List of additional existing secrets to mount | `[]` | | [controller.additionalExistingSecrets](./values.yaml#L468) | list | List of additional existing secrets to mount | `[]` |
| [controller.additionalPlugins](./values.yaml#L419) | list | List of plugins to install in addition to those listed in controller.installPlugins | `[]` | | [controller.additionalPlugins](./values.yaml#L418) | list | List of plugins to install in addition to those listed in controller.installPlugins | `[]` |
| [controller.additionalSecrets](./values.yaml#L478) | list | List of additional secrets to create and mount | `[]` | | [controller.additionalSecrets](./values.yaml#L477) | list | List of additional secrets to create and mount | `[]` |
| [controller.admin.createSecret](./values.yaml#L91) | bool | Create secret for admin user | `true` | | [controller.admin.createSecret](./values.yaml#L90) | bool | Create secret for admin user | `true` |
| [controller.admin.existingSecret](./values.yaml#L94) | string | The name of an existing secret containing the admin credentials | `""` | | [controller.admin.existingSecret](./values.yaml#L93) | string | The name of an existing secret containing the admin credentials | `""` |
| [controller.admin.password](./values.yaml#L81) | string | Admin password created as a secret if `controller.admin.createSecret` is true | `<random password>` | | [controller.admin.password](./values.yaml#L80) | string | Admin password created as a secret if `controller.admin.createSecret` is true | `<random password>` |
| [controller.admin.passwordKey](./values.yaml#L86) | string | The key in the existing admin secret containing the password | `"jenkins-admin-password"` | | [controller.admin.passwordKey](./values.yaml#L85) | string | The key in the existing admin secret containing the password | `"jenkins-admin-password"` |
| [controller.admin.userKey](./values.yaml#L84) | string | The key in the existing admin secret containing the username | `"jenkins-admin-user"` | | [controller.admin.userKey](./values.yaml#L83) | string | The key in the existing admin secret containing the username | `"jenkins-admin-user"` |
| [controller.admin.username](./values.yaml#L78) | string | Admin username created as a secret if `controller.admin.createSecret` is true | `"admin"` | | [controller.admin.username](./values.yaml#L77) | string | Admin username created as a secret if `controller.admin.createSecret` is true | `"admin"` |
| [controller.affinity](./values.yaml#L670) | object | Affinity settings | `{}` | | [controller.affinity](./values.yaml#L671) | object | Affinity settings | `{}` |
| [controller.agentListenerEnabled](./values.yaml#L328) | bool | Create Agent listener service | `true` | | [controller.agentListenerEnabled](./values.yaml#L327) | bool | Create Agent listener service | `true` |
| [controller.agentListenerExternalTrafficPolicy](./values.yaml#L338) | string | Traffic Policy of for the agentListener service | `nil` | | [controller.agentListenerExternalTrafficPolicy](./values.yaml#L337) | string | Traffic Policy of for the agentListener service | `nil` |
| [controller.agentListenerHostPort](./values.yaml#L332) | string | Host port to listen for agents | `nil` | | [controller.agentListenerHostPort](./values.yaml#L331) | string | Host port to listen for agents | `nil` |
| [controller.agentListenerLoadBalancerIP](./values.yaml#L368) | string | Static IP for the agentListener LoadBalancer | `nil` | | [controller.agentListenerLoadBalancerIP](./values.yaml#L367) | string | Static IP for the agentListener LoadBalancer | `nil` |
| [controller.agentListenerLoadBalancerSourceRanges](./values.yaml#L340) | list | Allowed inbound IP for the agentListener service | `["0.0.0.0/0"]` | | [controller.agentListenerLoadBalancerSourceRanges](./values.yaml#L339) | list | Allowed inbound IP for the agentListener service | `["0.0.0.0/0"]` |
| [controller.agentListenerNodePort](./values.yaml#L334) | string | Node port to listen for agents | `nil` | | [controller.agentListenerNodePort](./values.yaml#L333) | string | Node port to listen for agents | `nil` |
| [controller.agentListenerPort](./values.yaml#L330) | int | Listening port for agents | `50000` | | [controller.agentListenerPort](./values.yaml#L329) | int | Listening port for agents | `50000` |
| [controller.agentListenerServiceAnnotations](./values.yaml#L363) | object | Annotations for the agentListener service | `{}` | | [controller.agentListenerServiceAnnotations](./values.yaml#L362) | object | Annotations for the agentListener service | `{}` |
| [controller.agentListenerServiceType](./values.yaml#L360) | string | Defines how to expose the agentListener service | `"ClusterIP"` | | [controller.agentListenerServiceType](./values.yaml#L359) | string | Defines how to expose the agentListener service | `"ClusterIP"` |
| [controller.backendconfig.annotations](./values.yaml#L773) | object | backendconfig annotations | `{}` | | [controller.backendconfig.annotations](./values.yaml#L775) | object | backendconfig annotations | `{}` |
| [controller.backendconfig.apiVersion](./values.yaml#L767) | string | backendconfig API version | `"extensions/v1beta1"` | | [controller.backendconfig.apiVersion](./values.yaml#L769) | string | backendconfig API version | `"extensions/v1beta1"` |
| [controller.backendconfig.enabled](./values.yaml#L765) | bool | Enables backendconfig | `false` | | [controller.backendconfig.enabled](./values.yaml#L767) | bool | Enables backendconfig | `false` |
| [controller.backendconfig.labels](./values.yaml#L771) | object | backendconfig labels | `{}` | | [controller.backendconfig.labels](./values.yaml#L773) | object | backendconfig labels | `{}` |
| [controller.backendconfig.name](./values.yaml#L769) | string | backendconfig name | `nil` | | [controller.backendconfig.name](./values.yaml#L771) | string | backendconfig name | `nil` |
| [controller.backendconfig.spec](./values.yaml#L775) | object | backendconfig spec | `{}` | | [controller.backendconfig.spec](./values.yaml#L777) | object | backendconfig spec | `{}` |
| [controller.cloudName](./values.yaml#L497) | string | Name of default cloud configuration. | `"kubernetes"` | | [controller.cloudName](./values.yaml#L496) | string | Name of default cloud configuration. | `"kubernetes"` |
| [controller.clusterIp](./values.yaml#L223) | string | k8s service clusterIP. Only used if serviceType is ClusterIP | `nil` | | [controller.clusterIp](./values.yaml#L222) | string | k8s service clusterIP. Only used if serviceType is ClusterIP | `nil` |
| [controller.componentName](./values.yaml#L34) | string | Used for label app.kubernetes.io/component | `"jenkins-controller"` | | [controller.componentName](./values.yaml#L34) | string | Used for label app.kubernetes.io/component | `"jenkins-controller"` |
| [controller.containerEnv](./values.yaml#L156) | list | Environment variables for Jenkins Container | `[]` | | [controller.containerEnv](./values.yaml#L155) | list | Environment variables for Jenkins Container | `[]` |
| [controller.containerEnvFrom](./values.yaml#L153) | list | Environment variable sources for Jenkins Container | `[]` | | [controller.containerEnvFrom](./values.yaml#L152) | list | Environment variable sources for Jenkins Container | `[]` |
| [controller.containerSecurityContext](./values.yaml#L211) | object | Allow controlling the securityContext for the jenkins container | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":1000}` | | [controller.containerSecurityContext](./values.yaml#L210) | object | Allow controlling the securityContext for the jenkins container | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":1000}` |
| [controller.csrf.defaultCrumbIssuer.enabled](./values.yaml#L349) | bool | Enable the default CSRF Crumb issuer | `true` | | [controller.csrf.defaultCrumbIssuer.enabled](./values.yaml#L348) | bool | Enable the default CSRF Crumb issuer | `true` |
| [controller.csrf.defaultCrumbIssuer.proxyCompatability](./values.yaml#L351) | bool | Enable proxy compatibility | `true` | | [controller.csrf.defaultCrumbIssuer.proxyCompatability](./values.yaml#L350) | bool | Enable proxy compatibility | `true` |
| [controller.customInitContainers](./values.yaml#L551) | list | Custom init-container specification in raw-yaml format | `[]` | | [controller.customInitContainers](./values.yaml#L550) | list | Custom init-container specification in raw-yaml format | `[]` |
| [controller.customJenkinsLabels](./values.yaml#L68) | list | Append Jenkins labels to the controller | `[]` | | [controller.customJenkinsLabels](./values.yaml#L68) | list | Append Jenkins labels to the controller | `[]` |
| [controller.disableRememberMe](./values.yaml#L59) | bool | Disable use of remember me | `false` | | [controller.disableRememberMe](./values.yaml#L59) | bool | Disable use of remember me | `false` |
| [controller.disabledAgentProtocols](./values.yaml#L343) | list | Disabled agent protocols | `["JNLP-connect","JNLP2-connect"]` | | [controller.disabledAgentProtocols](./values.yaml#L342) | list | Disabled agent protocols | `["JNLP-connect","JNLP2-connect"]` |
| [controller.enableRawHtmlMarkupFormatter](./values.yaml#L439) | bool | Enable HTML parsing using OWASP Markup Formatter Plugin (antisamy-markup-formatter) | `false` | | [controller.enableRawHtmlMarkupFormatter](./values.yaml#L438) | bool | Enable HTML parsing using OWASP Markup Formatter Plugin (antisamy-markup-formatter) | `false` |
| [controller.enableServiceLinks](./values.yaml#L130) | bool | | `false` | | [controller.enableServiceLinks](./values.yaml#L129) | bool | | `false` |
| [controller.executorMode](./values.yaml#L65) | string | Sets the executor mode of the Jenkins node. Possible values are "NORMAL" or "EXCLUSIVE" | `"NORMAL"` | | [controller.executorMode](./values.yaml#L65) | string | Sets the executor mode of the Jenkins node. Possible values are "NORMAL" or "EXCLUSIVE" | `"NORMAL"` |
| [controller.existingSecret](./values.yaml#L466) | string | | `nil` | | [controller.existingSecret](./values.yaml#L465) | string | | `nil` |
| [controller.extraPorts](./values.yaml#L398) | list | Optionally configure other ports to expose in the controller container | `[]` | | [controller.extraPorts](./values.yaml#L397) | list | Optionally configure other ports to expose in the controller container | `[]` |
| [controller.fsGroup](./values.yaml#L192) | int | Deprecated in favor of `controller.podSecurityContextOverride`. uid that will be used for persistent volume. | `1000` | | [controller.fsGroup](./values.yaml#L191) | int | Deprecated in favor of `controller.podSecurityContextOverride`. uid that will be used for persistent volume. | `1000` |
| [controller.googlePodMonitor.enabled](./values.yaml#L836) | bool | | `false` | | [controller.googlePodMonitor.enabled](./values.yaml#L838) | bool | | `false` |
| [controller.googlePodMonitor.scrapeEndpoint](./values.yaml#L841) | string | | `"/prometheus"` | | [controller.googlePodMonitor.scrapeEndpoint](./values.yaml#L843) | string | | `"/prometheus"` |
| [controller.googlePodMonitor.scrapeInterval](./values.yaml#L839) | string | | `"60s"` | | [controller.googlePodMonitor.scrapeInterval](./values.yaml#L841) | string | | `"60s"` |
| [controller.healthProbes](./values.yaml#L258) | bool | Enable Kubernetes Probes configuration configured in `controller.probes` | `true` | | [controller.healthProbes](./values.yaml#L257) | bool | Enable Kubernetes Probes configuration configured in `controller.probes` | `true` |
| [controller.hostAliases](./values.yaml#L789) | list | Allows for adding entries to Pod /etc/hosts | `[]` | | [controller.hostAliases](./values.yaml#L791) | list | Allows for adding entries to Pod /etc/hosts | `[]` |
| [controller.hostNetworking](./values.yaml#L70) | bool | | `false` | | [controller.hostNetworking](./values.yaml#L70) | bool | | `false` |
| [controller.httpsKeyStore.disableSecretMount](./values.yaml#L857) | bool | | `false` | | [controller.httpsKeyStore.disableSecretMount](./values.yaml#L859) | bool | | `false` |
| [controller.httpsKeyStore.enable](./values.yaml#L848) | bool | Enables HTTPS keystore on jenkins controller | `false` | | [controller.httpsKeyStore.enable](./values.yaml#L850) | bool | Enables HTTPS keystore on jenkins controller | `false` |
| [controller.httpsKeyStore.fileName](./values.yaml#L865) | string | Jenkins keystore filename which will appear under controller.httpsKeyStore.path | `"keystore.jks"` | | [controller.httpsKeyStore.fileName](./values.yaml#L867) | string | Jenkins keystore filename which will appear under controller.httpsKeyStore.path | `"keystore.jks"` |
| [controller.httpsKeyStore.httpPort](./values.yaml#L861) | int | HTTP Port that Jenkins should listen to along with HTTPS, it also serves as the liveness and readiness probes port. | `8081` | | [controller.httpsKeyStore.httpPort](./values.yaml#L863) | int | HTTP Port that Jenkins should listen to along with HTTPS, it also serves as the liveness and readiness probes port. | `8081` |
| [controller.httpsKeyStore.jenkinsHttpsJksPasswordSecretKey](./values.yaml#L856) | string | Name of the key in the secret that contains the JKS password | `"https-jks-password"` | | [controller.httpsKeyStore.jenkinsHttpsJksPasswordSecretKey](./values.yaml#L858) | string | Name of the key in the secret that contains the JKS password | `"https-jks-password"` |
| [controller.httpsKeyStore.jenkinsHttpsJksPasswordSecretName](./values.yaml#L854) | string | Name of the secret that contains the JKS password, if it is not in the same secret as the JKS file | `""` | | [controller.httpsKeyStore.jenkinsHttpsJksPasswordSecretName](./values.yaml#L856) | string | Name of the secret that contains the JKS password, if it is not in the same secret as the JKS file | `""` |
| [controller.httpsKeyStore.jenkinsHttpsJksSecretKey](./values.yaml#L852) | string | Name of the key in the secret that already has ssl keystore | `"jenkins-jks-file"` | | [controller.httpsKeyStore.jenkinsHttpsJksSecretKey](./values.yaml#L854) | string | Name of the key in the secret that already has ssl keystore | `"jenkins-jks-file"` |
| [controller.httpsKeyStore.jenkinsHttpsJksSecretName](./values.yaml#L850) | string | Name of the secret that already has ssl keystore | `""` | | [controller.httpsKeyStore.jenkinsHttpsJksSecretName](./values.yaml#L852) | string | Name of the secret that already has ssl keystore | `""` |
| [controller.httpsKeyStore.jenkinsKeyStoreBase64Encoded](./values.yaml#L870) | string | Base64 encoded Keystore content. Keystore must be converted to base64 then being pasted here | `nil` | | [controller.httpsKeyStore.jenkinsKeyStoreBase64Encoded](./values.yaml#L872) | string | Base64 encoded Keystore content. Keystore must be converted to base64 then being pasted here | `nil` |
| [controller.httpsKeyStore.password](./values.yaml#L867) | string | Jenkins keystore password | `"password"` | | [controller.httpsKeyStore.password](./values.yaml#L869) | string | Jenkins keystore password | `"password"` |
| [controller.httpsKeyStore.path](./values.yaml#L863) | string | Path of HTTPS keystore file | `"/var/jenkins_keystore"` | | [controller.httpsKeyStore.path](./values.yaml#L865) | string | Path of HTTPS keystore file | `"/var/jenkins_keystore"` |
| [controller.image.pullPolicy](./values.yaml#L47) | string | Controller image pull policy | `"Always"` | | [controller.image.pullPolicy](./values.yaml#L47) | string | Controller image pull policy | `"Always"` |
| [controller.image.registry](./values.yaml#L37) | string | Controller image registry | `"docker.io"` | | [controller.image.registry](./values.yaml#L37) | string | Controller image registry | `"docker.io"` |
| [controller.image.repository](./values.yaml#L39) | string | Controller image repository | `"jenkins/jenkins"` | | [controller.image.repository](./values.yaml#L39) | string | Controller image repository | `"jenkins/jenkins"` |
| [controller.image.tag](./values.yaml#L42) | string | Controller image tag override; i.e., tag: "2.440.1-jdk17" | `nil` | | [controller.image.tag](./values.yaml#L42) | string | Controller image tag override; i.e., tag: "2.440.1-jdk21" | `nil` |
| [controller.image.tagLabel](./values.yaml#L45) | string | Controller image tag label | `"jdk17"` | | [controller.image.tagLabel](./values.yaml#L45) | string | Controller image tag label | `"jdk21"` |
| [controller.imagePullSecretName](./values.yaml#L49) | string | Controller image pull secret | `nil` | | [controller.imagePullSecretName](./values.yaml#L49) | string | Controller image pull secret | `nil` |
| [controller.ingress.annotations](./values.yaml#L712) | object | Ingress annotations | `{}` | | [controller.ingress.annotations](./values.yaml#L713) | object | Ingress annotations | `{}` |
| [controller.ingress.apiVersion](./values.yaml#L708) | string | Ingress API version | `"extensions/v1beta1"` | | [controller.ingress.apiVersion](./values.yaml#L709) | string | Ingress API version | `"extensions/v1beta1"` |
| [controller.ingress.enabled](./values.yaml#L691) | bool | Enables ingress | `false` | | [controller.ingress.enabled](./values.yaml#L692) | bool | Enables ingress | `false` |
| [controller.ingress.hostName](./values.yaml#L725) | string | Ingress hostname | `nil` | | [controller.ingress.hostName](./values.yaml#L727) | string | Ingress hostname | `nil` |
| [controller.ingress.labels](./values.yaml#L710) | object | Ingress labels | `{}` | | [controller.ingress.labels](./values.yaml#L711) | object | Ingress labels | `{}` |
| [controller.ingress.path](./values.yaml#L721) | string | Ingress path | `nil` | | [controller.ingress.path](./values.yaml#L723) | string | Ingress path | `nil` |
| [controller.ingress.paths](./values.yaml#L695) | list | Override for the default Ingress paths | `[]` | | [controller.ingress.paths](./values.yaml#L696) | list | Override for the default Ingress paths | `[]` |
| [controller.ingress.resourceRootUrl](./values.yaml#L727) | string | Hostname to serve assets from | `nil` | | [controller.ingress.resourceRootUrl](./values.yaml#L729) | string | Hostname to serve assets from | `nil` |
| [controller.ingress.tls](./values.yaml#L729) | list | Ingress TLS configuration | `[]` | | [controller.ingress.tls](./values.yaml#L731) | list | Ingress TLS configuration | `[]` |
| [controller.initConfigMap](./values.yaml#L456) | string | Name of the existing ConfigMap that contains init scripts | `nil` | | [controller.initConfigMap](./values.yaml#L455) | string | Name of the existing ConfigMap that contains init scripts | `nil` |
| [controller.initContainerEnv](./values.yaml#L147) | list | Environment variables for Init Container | `[]` | | [controller.initContainerEnv](./values.yaml#L146) | list | Environment variables for Init Container | `[]` |
| [controller.initContainerEnvFrom](./values.yaml#L143) | list | Environment variable sources for Init Container | `[]` | | [controller.initContainerEnvFrom](./values.yaml#L142) | list | Environment variable sources for Init Container | `[]` |
| [controller.initContainerResources](./values.yaml#L134) | object | Resources allocation (Requests and Limits) for Init Container | `{}` | | [controller.initContainerResources](./values.yaml#L133) | object | Resources allocation (Requests and Limits) for Init Container | `{}` |
| [controller.initScripts](./values.yaml#L452) | object | Map of groovy init scripts to be executed during Jenkins controller start | `{}` | | [controller.initScripts](./values.yaml#L451) | object | Map of groovy init scripts to be executed during Jenkins controller start | `{}` |
| [controller.initializeOnce](./values.yaml#L424) | bool | Initialize only on first installation. Ensures plugins do not get updated inadvertently. Requires `persistence.enabled` to be set to `true` | `false` | | [controller.initializeOnce](./values.yaml#L423) | bool | Initialize only on first installation. Ensures plugins do not get updated inadvertently. Requires `persistence.enabled` to be set to `true` | `false` |
| [controller.installLatestPlugins](./values.yaml#L413) | bool | Download the minimum required version or latest version of all dependencies | `true` | | [controller.installLatestPlugins](./values.yaml#L412) | bool | Download the minimum required version or latest version of all dependencies | `true` |
| [controller.installLatestSpecifiedPlugins](./values.yaml#L416) | bool | Set to true to download the latest version of any plugin that is requested to have the latest version | `false` | | [controller.installLatestSpecifiedPlugins](./values.yaml#L415) | bool | Set to true to download the latest version of any plugin that is requested to have the latest version | `false` |
| [controller.installPlugins](./values.yaml#L405) | list | List of Jenkins plugins to install. If you don't want to install plugins, set it to `false` | `["kubernetes:4314.v5b_846cf499eb_","workflow-aggregator:600.vb_57cdd26fdd7","git:5.7.0","configuration-as-code:1932.v75cb_b_f1b_698d"]` | | [controller.installPlugins](./values.yaml#L404) | list | List of Jenkins plugins to install. If you don't want to install plugins, set it to `false` | `["kubernetes:4340.v345364d31a_2a_","workflow-aggregator:608.v67378e9d3db_1","git:5.7.0","configuration-as-code:1967.va_968e15fd05b_"]` |
| [controller.javaOpts](./values.yaml#L162) | string | Append to `JAVA_OPTS` env var | `nil` | | [controller.javaOpts](./values.yaml#L161) | string | Append to `JAVA_OPTS` env var | `nil` |
| [controller.jenkinsAdminEmail](./values.yaml#L96) | string | Email address for the administrator of the Jenkins instance | `nil` | | [controller.jenkinsAdminEmail](./values.yaml#L95) | string | Email address for the administrator of the Jenkins instance | `nil` |
| [controller.jenkinsHome](./values.yaml#L101) | string | Custom Jenkins home path | `"/var/jenkins_home"` | | [controller.jenkinsHome](./values.yaml#L100) | string | Custom Jenkins home path | `"/var/jenkins_home"` |
| [controller.jenkinsOpts](./values.yaml#L164) | string | Append to `JENKINS_OPTS` env var | `nil` | | [controller.jenkinsOpts](./values.yaml#L163) | string | Append to `JENKINS_OPTS` env var | `nil` |
| [controller.jenkinsRef](./values.yaml#L106) | string | Custom Jenkins reference path | `"/usr/share/jenkins/ref"` | | [controller.jenkinsRef](./values.yaml#L105) | string | Custom Jenkins reference path | `"/usr/share/jenkins/ref"` |
| [controller.jenkinsUriPrefix](./values.yaml#L179) | string | Root URI Jenkins will be served on | `nil` | | [controller.jenkinsUriPrefix](./values.yaml#L178) | string | Root URI Jenkins will be served on | `nil` |
| [controller.jenkinsUrl](./values.yaml#L174) | string | Set Jenkins URL if you are not using the ingress definitions provided by the chart | `nil` | | [controller.jenkinsUrl](./values.yaml#L173) | string | Set Jenkins URL if you are not using the ingress definitions provided by the chart | `nil` |
| [controller.jenkinsUrlProtocol](./values.yaml#L171) | string | Set protocol for Jenkins URL; `https` if `controller.ingress.tls`, `http` otherwise | `nil` | | [controller.jenkinsUrlProtocol](./values.yaml#L170) | string | Set protocol for Jenkins URL; `https` if `controller.ingress.tls`, `http` otherwise | `nil` |
| [controller.jenkinsWar](./values.yaml#L109) | string | | `"/usr/share/jenkins/jenkins.war"` | | [controller.jenkinsWar](./values.yaml#L108) | string | | `"/usr/share/jenkins/jenkins.war"` |
| [controller.jmxPort](./values.yaml#L395) | string | Open a port, for JMX stats | `nil` | | [controller.jmxPort](./values.yaml#L394) | string | Open a port, for JMX stats | `nil` |
| [controller.legacyRemotingSecurityEnabled](./values.yaml#L371) | bool | Whether legacy remoting security should be enabled | `false` | | [controller.legacyRemotingSecurityEnabled](./values.yaml#L370) | bool | Whether legacy remoting security should be enabled | `false` |
| [controller.lifecycle](./values.yaml#L51) | object | Lifecycle specification for controller-container | `{}` | | [controller.lifecycle](./values.yaml#L51) | object | Lifecycle specification for controller-container | `{}` |
| [controller.loadBalancerIP](./values.yaml#L386) | string | Optionally assign a known public LB IP | `nil` | | [controller.loadBalancerIP](./values.yaml#L385) | string | Optionally assign a known public LB IP | `nil` |
| [controller.loadBalancerSourceRanges](./values.yaml#L382) | list | Allowed inbound IP addresses | `["0.0.0.0/0"]` | | [controller.loadBalancerSourceRanges](./values.yaml#L381) | list | Allowed inbound IP addresses | `["0.0.0.0/0"]` |
| [controller.markupFormatter](./values.yaml#L443) | string | Yaml of the markup formatter to use | `"plainText"` | | [controller.markupFormatter](./values.yaml#L442) | string | Yaml of the markup formatter to use | `"plainText"` |
| [controller.nodePort](./values.yaml#L229) | string | k8s node port. Only used if serviceType is NodePort | `nil` | | [controller.nodePort](./values.yaml#L228) | string | k8s node port. Only used if serviceType is NodePort | `nil` |
| [controller.nodeSelector](./values.yaml#L657) | object | Node labels for pod assignment | `{}` | | [controller.nodeSelector](./values.yaml#L658) | object | Node labels for pod assignment | `{}` |
| [controller.numExecutors](./values.yaml#L62) | int | Set Number of executors | `0` | | [controller.numExecutors](./values.yaml#L62) | int | Set Number of executors | `0` |
| [controller.overwritePlugins](./values.yaml#L428) | bool | Overwrite installed plugins on start | `false` | | [controller.overwritePlugins](./values.yaml#L427) | bool | Overwrite installed plugins on start | `false` |
| [controller.overwritePluginsFromImage](./values.yaml#L432) | bool | Overwrite plugins that are already installed in the controller image | `true` | | [controller.overwritePluginsFromImage](./values.yaml#L431) | bool | Overwrite plugins that are already installed in the controller image | `true` |
| [controller.podAnnotations](./values.yaml#L678) | object | Annotations for controller pod | `{}` | | [controller.podAnnotations](./values.yaml#L679) | object | Annotations for controller pod | `{}` |
| [controller.podDisruptionBudget.annotations](./values.yaml#L322) | object | | `{}` | | [controller.podDisruptionBudget.annotations](./values.yaml#L321) | object | | `{}` |
| [controller.podDisruptionBudget.apiVersion](./values.yaml#L320) | string | Policy API version | `"policy/v1beta1"` | | [controller.podDisruptionBudget.apiVersion](./values.yaml#L319) | string | Policy API version | `"policy/v1beta1"` |
| [controller.podDisruptionBudget.enabled](./values.yaml#L315) | bool | Enable Kubernetes Pod Disruption Budget configuration | `false` | | [controller.podDisruptionBudget.enabled](./values.yaml#L314) | bool | Enable Kubernetes Pod Disruption Budget configuration | `false` |
| [controller.podDisruptionBudget.labels](./values.yaml#L323) | object | | `{}` | | [controller.podDisruptionBudget.labels](./values.yaml#L322) | object | | `{}` |
| [controller.podDisruptionBudget.maxUnavailable](./values.yaml#L325) | string | Number of pods that can be unavailable. Either an absolute number or a percentage | `"0"` | | [controller.podDisruptionBudget.maxUnavailable](./values.yaml#L324) | string | Number of pods that can be unavailable. Either an absolute number or a percentage | `"0"` |
| [controller.podLabels](./values.yaml#L251) | object | Custom Pod labels (an object with `label-key: label-value` pairs) | `{}` | | [controller.podLabels](./values.yaml#L250) | object | Custom Pod labels (an object with `label-key: label-value` pairs) | `{}` |
| [controller.podSecurityContextOverride](./values.yaml#L208) | string | Completely overwrites the contents of the pod security context, ignoring the values provided for `runAsUser`, `fsGroup`, and `securityContextCapabilities` | `nil` | | [controller.podSecurityContextOverride](./values.yaml#L207) | string | Completely overwrites the contents of the pod security context, ignoring the values provided for `runAsUser`, `fsGroup`, and `securityContextCapabilities` | `nil` |
| [controller.priorityClassName](./values.yaml#L675) | string | The name of a `priorityClass` to apply to the controller pod | `nil` | | [controller.priorityClassName](./values.yaml#L676) | string | The name of a `priorityClass` to apply to the controller pod | `nil` |
| [controller.probes.livenessProbe.failureThreshold](./values.yaml#L276) | int | Set the failure threshold for the liveness probe | `5` | | [controller.probes.livenessProbe.failureThreshold](./values.yaml#L275) | int | Set the failure threshold for the liveness probe | `5` |
| [controller.probes.livenessProbe.httpGet.path](./values.yaml#L279) | string | Set the Pod's HTTP path for the liveness probe | `"{{ default \"\" .Values.controller.jenkinsUriPrefix }}/login"` | | [controller.probes.livenessProbe.httpGet.path](./values.yaml#L278) | string | Set the Pod's HTTP path for the liveness probe | `"{{ default \"\" .Values.controller.jenkinsUriPrefix }}/login"` |
| [controller.probes.livenessProbe.httpGet.port](./values.yaml#L281) | string | Set the Pod's HTTP port to use for the liveness probe | `"http"` | | [controller.probes.livenessProbe.httpGet.port](./values.yaml#L280) | string | Set the Pod's HTTP port to use for the liveness probe | `"http"` |
| [controller.probes.livenessProbe.initialDelaySeconds](./values.yaml#L290) | string | Set the initial delay for the liveness probe in seconds | `nil` | | [controller.probes.livenessProbe.initialDelaySeconds](./values.yaml#L289) | string | Set the initial delay for the liveness probe in seconds | `nil` |
| [controller.probes.livenessProbe.periodSeconds](./values.yaml#L283) | int | Set the time interval between two liveness probes executions in seconds | `10` | | [controller.probes.livenessProbe.periodSeconds](./values.yaml#L282) | int | Set the time interval between two liveness probes executions in seconds | `10` |
| [controller.probes.livenessProbe.timeoutSeconds](./values.yaml#L285) | int | Set the timeout for the liveness probe in seconds | `5` | | [controller.probes.livenessProbe.timeoutSeconds](./values.yaml#L284) | int | Set the timeout for the liveness probe in seconds | `5` |
| [controller.probes.readinessProbe.failureThreshold](./values.yaml#L294) | int | Set the failure threshold for the readiness probe | `3` | | [controller.probes.readinessProbe.failureThreshold](./values.yaml#L293) | int | Set the failure threshold for the readiness probe | `3` |
| [controller.probes.readinessProbe.httpGet.path](./values.yaml#L297) | string | Set the Pod's HTTP path for the liveness probe | `"{{ default \"\" .Values.controller.jenkinsUriPrefix }}/login"` | | [controller.probes.readinessProbe.httpGet.path](./values.yaml#L296) | string | Set the Pod's HTTP path for the liveness probe | `"{{ default \"\" .Values.controller.jenkinsUriPrefix }}/login"` |
| [controller.probes.readinessProbe.httpGet.port](./values.yaml#L299) | string | Set the Pod's HTTP port to use for the readiness probe | `"http"` | | [controller.probes.readinessProbe.httpGet.port](./values.yaml#L298) | string | Set the Pod's HTTP port to use for the readiness probe | `"http"` |
| [controller.probes.readinessProbe.initialDelaySeconds](./values.yaml#L308) | string | Set the initial delay for the readiness probe in seconds | `nil` | | [controller.probes.readinessProbe.initialDelaySeconds](./values.yaml#L307) | string | Set the initial delay for the readiness probe in seconds | `nil` |
| [controller.probes.readinessProbe.periodSeconds](./values.yaml#L301) | int | Set the time interval between two readiness probes executions in seconds | `10` | | [controller.probes.readinessProbe.periodSeconds](./values.yaml#L300) | int | Set the time interval between two readiness probes executions in seconds | `10` |
| [controller.probes.readinessProbe.timeoutSeconds](./values.yaml#L303) | int | Set the timeout for the readiness probe in seconds | `5` | | [controller.probes.readinessProbe.timeoutSeconds](./values.yaml#L302) | int | Set the timeout for the readiness probe in seconds | `5` |
| [controller.probes.startupProbe.failureThreshold](./values.yaml#L263) | int | Set the failure threshold for the startup probe | `12` | | [controller.probes.startupProbe.failureThreshold](./values.yaml#L262) | int | Set the failure threshold for the startup probe | `12` |
| [controller.probes.startupProbe.httpGet.path](./values.yaml#L266) | string | Set the Pod's HTTP path for the startup probe | `"{{ default \"\" .Values.controller.jenkinsUriPrefix }}/login"` | | [controller.probes.startupProbe.httpGet.path](./values.yaml#L265) | string | Set the Pod's HTTP path for the startup probe | `"{{ default \"\" .Values.controller.jenkinsUriPrefix }}/login"` |
| [controller.probes.startupProbe.httpGet.port](./values.yaml#L268) | string | Set the Pod's HTTP port to use for the startup probe | `"http"` | | [controller.probes.startupProbe.httpGet.port](./values.yaml#L267) | string | Set the Pod's HTTP port to use for the startup probe | `"http"` |
| [controller.probes.startupProbe.periodSeconds](./values.yaml#L270) | int | Set the time interval between two startup probes executions in seconds | `10` | | [controller.probes.startupProbe.periodSeconds](./values.yaml#L269) | int | Set the time interval between two startup probes executions in seconds | `10` |
| [controller.probes.startupProbe.timeoutSeconds](./values.yaml#L272) | int | Set the timeout for the startup probe in seconds | `5` | | [controller.probes.startupProbe.timeoutSeconds](./values.yaml#L271) | int | Set the timeout for the startup probe in seconds | `5` |
| [controller.projectNamingStrategy](./values.yaml#L435) | string | | `"standard"` | | [controller.projectNamingStrategy](./values.yaml#L434) | string | | `"standard"` |
| [controller.prometheus.alertingRulesAdditionalLabels](./values.yaml#L822) | object | Additional labels to add to the PrometheusRule object | `{}` | | [controller.prometheus.alertingRulesAdditionalLabels](./values.yaml#L824) | object | Additional labels to add to the PrometheusRule object | `{}` |
| [controller.prometheus.alertingrules](./values.yaml#L820) | list | Array of prometheus alerting rules | `[]` | | [controller.prometheus.alertingrules](./values.yaml#L822) | list | Array of prometheus alerting rules | `[]` |
| [controller.prometheus.enabled](./values.yaml#L805) | bool | Enables prometheus service monitor | `false` | | [controller.prometheus.enabled](./values.yaml#L807) | bool | Enables prometheus service monitor | `false` |
| [controller.prometheus.metricRelabelings](./values.yaml#L832) | list | | `[]` | | [controller.prometheus.metricRelabelings](./values.yaml#L834) | list | | `[]` |
| [controller.prometheus.prometheusRuleNamespace](./values.yaml#L824) | string | Set a custom namespace where to deploy PrometheusRule resource | `""` | | [controller.prometheus.prometheusRuleNamespace](./values.yaml#L826) | string | Set a custom namespace where to deploy PrometheusRule resource | `""` |
| [controller.prometheus.relabelings](./values.yaml#L830) | list | | `[]` | | [controller.prometheus.relabelings](./values.yaml#L832) | list | | `[]` |
| [controller.prometheus.scrapeEndpoint](./values.yaml#L815) | string | The endpoint prometheus should get metrics from | `"/prometheus"` | | [controller.prometheus.scrapeEndpoint](./values.yaml#L817) | string | The endpoint prometheus should get metrics from | `"/prometheus"` |
| [controller.prometheus.scrapeInterval](./values.yaml#L811) | string | How often prometheus should scrape metrics | `"60s"` | | [controller.prometheus.scrapeInterval](./values.yaml#L813) | string | How often prometheus should scrape metrics | `"60s"` |
| [controller.prometheus.serviceMonitorAdditionalLabels](./values.yaml#L807) | object | Additional labels to add to the service monitor object | `{}` | | [controller.prometheus.serviceMonitorAdditionalLabels](./values.yaml#L809) | object | Additional labels to add to the service monitor object | `{}` |
| [controller.prometheus.serviceMonitorNamespace](./values.yaml#L809) | string | Set a custom namespace where to deploy ServiceMonitor resource | `nil` | | [controller.prometheus.serviceMonitorNamespace](./values.yaml#L811) | string | Set a custom namespace where to deploy ServiceMonitor resource | `nil` |
| [controller.publishNotReadyAddresses](./values.yaml#L237) | string | | `nil` | | [controller.publishNotReadyAddresses](./values.yaml#L236) | string | | `nil` |
| [controller.resources](./values.yaml#L115) | object | Resource allocation (Requests and Limits) | `{"limits":{"cpu":"2000m","memory":"4096Mi"},"requests":{"cpu":"50m","memory":"256Mi"}}` | | [controller.resources](./values.yaml#L114) | object | Resource allocation (Requests and Limits) | `{"limits":{"cpu":"2000m","memory":"4096Mi"},"requests":{"cpu":"50m","memory":"256Mi"}}` |
| [controller.route.annotations](./values.yaml#L784) | object | Route annotations | `{}` | | [controller.route.annotations](./values.yaml#L786) | object | Route annotations | `{}` |
| [controller.route.enabled](./values.yaml#L780) | bool | Enables openshift route | `false` | | [controller.route.enabled](./values.yaml#L782) | bool | Enables openshift route | `false` |
| [controller.route.labels](./values.yaml#L782) | object | Route labels | `{}` | | [controller.route.labels](./values.yaml#L784) | object | Route labels | `{}` |
| [controller.route.path](./values.yaml#L786) | string | Route path | `nil` | | [controller.route.path](./values.yaml#L788) | string | Route path | `nil` |
| [controller.runAsUser](./values.yaml#L189) | int | Deprecated in favor of `controller.podSecurityContextOverride`. uid that jenkins runs with. | `1000` | | [controller.runAsUser](./values.yaml#L188) | int | Deprecated in favor of `controller.podSecurityContextOverride`. uid that jenkins runs with. | `1000` |
| [controller.schedulerName](./values.yaml#L653) | string | Name of the Kubernetes scheduler to use | `""` | | [controller.schedulerName](./values.yaml#L654) | string | Name of the Kubernetes scheduler to use | `""` |
| [controller.scriptApproval](./values.yaml#L447) | list | List of groovy functions to approve | `[]` | | [controller.scriptApproval](./values.yaml#L446) | list | List of groovy functions to approve | `[]` |
| [controller.secondaryingress.annotations](./values.yaml#L747) | object | | `{}` | | [controller.secondaryingress.annotations](./values.yaml#L749) | object | | `{}` |
| [controller.secondaryingress.apiVersion](./values.yaml#L745) | string | | `"extensions/v1beta1"` | | [controller.secondaryingress.apiVersion](./values.yaml#L747) | string | | `"extensions/v1beta1"` |
| [controller.secondaryingress.enabled](./values.yaml#L739) | bool | | `false` | | [controller.secondaryingress.enabled](./values.yaml#L741) | bool | | `false` |
| [controller.secondaryingress.hostName](./values.yaml#L754) | string | | `nil` | | [controller.secondaryingress.hostName](./values.yaml#L756) | string | | `nil` |
| [controller.secondaryingress.labels](./values.yaml#L746) | object | | `{}` | | [controller.secondaryingress.labels](./values.yaml#L748) | object | | `{}` |
| [controller.secondaryingress.paths](./values.yaml#L742) | list | | `[]` | | [controller.secondaryingress.paths](./values.yaml#L744) | list | | `[]` |
| [controller.secondaryingress.tls](./values.yaml#L755) | string | | `nil` | | [controller.secondaryingress.tls](./values.yaml#L757) | string | | `nil` |
| [controller.secretClaims](./values.yaml#L490) | list | List of `SecretClaim` resources to create | `[]` | | [controller.secretClaims](./values.yaml#L489) | list | List of `SecretClaim` resources to create | `[]` |
| [controller.securityContextCapabilities](./values.yaml#L198) | object | | `{}` | | [controller.securityContextCapabilities](./values.yaml#L197) | object | | `{}` |
| [controller.serviceAnnotations](./values.yaml#L240) | object | Jenkins controller service annotations | `{}` | | [controller.serviceAnnotations](./values.yaml#L239) | object | Jenkins controller service annotations | `{}` |
| [controller.serviceExternalTrafficPolicy](./values.yaml#L233) | string | | `nil` | | [controller.serviceExternalTrafficPolicy](./values.yaml#L232) | string | | `nil` |
| [controller.serviceLabels](./values.yaml#L246) | object | Labels for the Jenkins controller-service | `{}` | | [controller.serviceLabels](./values.yaml#L245) | object | Labels for the Jenkins controller-service | `{}` |
| [controller.servicePort](./values.yaml#L225) | int | k8s service port | `8080` | | [controller.servicePort](./values.yaml#L224) | int | k8s service port | `8080` |
| [controller.serviceType](./values.yaml#L220) | string | k8s service type | `"ClusterIP"` | | [controller.serviceType](./values.yaml#L219) | string | k8s service type | `"ClusterIP"` |
| [controller.shareProcessNamespace](./values.yaml#L124) | bool | | `false` | | [controller.shareProcessNamespace](./values.yaml#L123) | bool | | `false` |
| [controller.sidecars.additionalSidecarContainers](./values.yaml#L635) | list | Configures additional sidecar container(s) for the Jenkins controller | `[]` | | [controller.sidecars.additionalSidecarContainers](./values.yaml#L636) | list | Configures additional sidecar container(s) for the Jenkins controller | `[]` |
| [controller.sidecars.configAutoReload.additionalVolumeMounts](./values.yaml#L581) | list | Enables additional volume mounts for the config auto-reload container | `[]` | | [controller.sidecars.configAutoReload.additionalVolumeMounts](./values.yaml#L581) | list | Enables additional volume mounts for the config auto-reload container | `[]` |
| [controller.sidecars.configAutoReload.containerSecurityContext](./values.yaml#L630) | object | Enable container security context | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true}` | | [controller.sidecars.configAutoReload.containerSecurityContext](./values.yaml#L631) | object | Enable container security context | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true}` |
| [controller.sidecars.configAutoReload.enabled](./values.yaml#L564) | bool | Enables Jenkins Config as Code auto-reload | `true` | | [controller.sidecars.configAutoReload.enabled](./values.yaml#L563) | bool | Enable Jenkins Config as Code auto-reload | `true` |
| [controller.sidecars.configAutoReload.env](./values.yaml#L612) | object | Environment variables for the Jenkins Config as Code auto-reload container | `{}` | | [controller.sidecars.configAutoReload.env](./values.yaml#L613) | list | Environment variables for the Jenkins Config as Code auto-reload container | `[]` |
| [controller.sidecars.configAutoReload.envFrom](./values.yaml#L610) | list | Environment variable sources for the Jenkins Config as Code auto-reload container | `[]` | | [controller.sidecars.configAutoReload.envFrom](./values.yaml#L611) | list | Environment variable sources for the Jenkins Config as Code auto-reload container | `[]` |
| [controller.sidecars.configAutoReload.folder](./values.yaml#L623) | string | | `"/var/jenkins_home/casc_configs"` | | [controller.sidecars.configAutoReload.folder](./values.yaml#L624) | string | | `"/var/jenkins_home/casc_configs"` |
| [controller.sidecars.configAutoReload.image.registry](./values.yaml#L567) | string | Registry for the image that triggers the reload | `"docker.io"` | | [controller.sidecars.configAutoReload.image.registry](./values.yaml#L566) | string | Registry for the image that triggers the reload | `"docker.io"` |
| [controller.sidecars.configAutoReload.image.repository](./values.yaml#L569) | string | Repository of the image that triggers the reload | `"kiwigrid/k8s-sidecar"` | | [controller.sidecars.configAutoReload.image.repository](./values.yaml#L568) | string | Repository of the image that triggers the reload | `"kiwigrid/k8s-sidecar"` |
| [controller.sidecars.configAutoReload.image.tag](./values.yaml#L571) | string | Tag for the image that triggers the reload | `"1.30.1"` | | [controller.sidecars.configAutoReload.image.tag](./values.yaml#L570) | string | Tag for the image that triggers the reload | `"1.30.3"` |
| [controller.sidecars.configAutoReload.imagePullPolicy](./values.yaml#L572) | string | | `"IfNotPresent"` | | [controller.sidecars.configAutoReload.imagePullPolicy](./values.yaml#L571) | string | | `"IfNotPresent"` |
| [controller.sidecars.configAutoReload.logging](./values.yaml#L587) | object | Config auto-reload logging settings | `{"configuration":{"backupCount":3,"formatter":"JSON","logLevel":"INFO","logToConsole":true,"logToFile":false,"maxBytes":1024,"override":false}}` | | [controller.sidecars.configAutoReload.logging](./values.yaml#L588) | object | Config auto-reload logging settings | `{"configuration":{"backupCount":3,"formatter":"JSON","logLevel":"INFO","logToConsole":true,"logToFile":false,"maxBytes":1024,"override":false}}` |
| [controller.sidecars.configAutoReload.logging.configuration.override](./values.yaml#L591) | bool | Enables custom log config utilizing using the settings below. | `false` | | [controller.sidecars.configAutoReload.logging.configuration.override](./values.yaml#L592) | bool | Enables custom log config utilizing using the settings below. | `false` |
| [controller.sidecars.configAutoReload.reqRetryConnect](./values.yaml#L605) | int | How many connection-related errors to retry on | `10` | | [controller.sidecars.configAutoReload.reqRetryConnect](./values.yaml#L606) | int | How many connection-related errors to retry on | `10` |
| [controller.sidecars.configAutoReload.resources](./values.yaml#L573) | object | | `{}` | | [controller.sidecars.configAutoReload.resources](./values.yaml#L572) | object | | `{}` |
| [controller.sidecars.configAutoReload.scheme](./values.yaml#L600) | string | The scheme to use when connecting to the Jenkins configuration as code endpoint | `"http"` | | [controller.sidecars.configAutoReload.scheme](./values.yaml#L601) | string | The scheme to use when connecting to the Jenkins configuration as code endpoint | `"http"` |
| [controller.sidecars.configAutoReload.skipTlsVerify](./values.yaml#L602) | bool | Skip TLS verification when connecting to the Jenkins configuration as code endpoint | `false` | | [controller.sidecars.configAutoReload.skipTlsVerify](./values.yaml#L603) | bool | Skip TLS verification when connecting to the Jenkins configuration as code endpoint | `false` |
| [controller.sidecars.configAutoReload.sleepTime](./values.yaml#L607) | string | How many seconds to wait before updating config-maps/secrets (sets METHOD=SLEEP on the sidecar) | `nil` | | [controller.sidecars.configAutoReload.sleepTime](./values.yaml#L608) | string | How many seconds to wait before updating config-maps/secrets (sets METHOD=SLEEP on the sidecar) | `nil` |
| [controller.sidecars.configAutoReload.sshTcpPort](./values.yaml#L621) | int | | `1044` | | [controller.sidecars.configAutoReload.sshTcpPort](./values.yaml#L622) | int | | `1044` |
| [controller.statefulSetAnnotations](./values.yaml#L680) | object | Annotations for controller StatefulSet | `{}` | | [controller.statefulSetAnnotations](./values.yaml#L681) | object | Annotations for controller StatefulSet | `{}` |
| [controller.statefulSetLabels](./values.yaml#L242) | object | Jenkins controller custom labels for the StatefulSet | `{}` | | [controller.statefulSetLabels](./values.yaml#L241) | object | Jenkins controller custom labels for the StatefulSet | `{}` |
| [controller.targetPort](./values.yaml#L227) | int | k8s target port | `8080` | | [controller.targetPort](./values.yaml#L226) | int | k8s target port | `8080` |
| [controller.terminationGracePeriodSeconds](./values.yaml#L663) | string | Set TerminationGracePeriodSeconds | `nil` | | [controller.terminationGracePeriodSeconds](./values.yaml#L664) | string | Set TerminationGracePeriodSeconds | `nil` |
| [controller.terminationMessagePath](./values.yaml#L665) | string | Set the termination message path | `nil` | | [controller.terminationMessagePath](./values.yaml#L666) | string | Set the termination message path | `nil` |
| [controller.terminationMessagePolicy](./values.yaml#L667) | string | Set the termination message policy | `nil` | | [controller.terminationMessagePolicy](./values.yaml#L668) | string | Set the termination message policy | `nil` |
| [controller.testEnabled](./values.yaml#L844) | bool | Can be used to disable rendering controller test resources when using helm template | `true` | | [controller.testEnabled](./values.yaml#L846) | bool | Can be used to disable rendering controller test resources when using helm template | `true` |
| [controller.tolerations](./values.yaml#L661) | list | Toleration labels for pod assignment | `[]` | | [controller.tolerations](./values.yaml#L662) | list | Toleration labels for pod assignment | `[]` |
| [controller.topologySpreadConstraints](./values.yaml#L687) | object | Topology spread constraints | `{}` | | [controller.topologySpreadConstraints](./values.yaml#L688) | object | Topology spread constraints | `{}` |
| [controller.updateStrategy](./values.yaml#L684) | object | Update strategy for StatefulSet | `{}` | | [controller.updateStrategy](./values.yaml#L685) | object | Update strategy for StatefulSet | `{}` |
| [controller.usePodSecurityContext](./values.yaml#L182) | bool | Enable pod security context (must be `true` if podSecurityContextOverride, runAsUser or fsGroup are set) | `true` | | [controller.usePodSecurityContext](./values.yaml#L181) | bool | Enable pod security context (must be `true` if podSecurityContextOverride, runAsUser or fsGroup are set) | `true` |
| [credentialsId](./values.yaml#L27) | string | The Jenkins credentials to access the Kubernetes API server. For the default cluster it is not needed. | `nil` | | [credentialsId](./values.yaml#L27) | string | The Jenkins credentials to access the Kubernetes API server. For the default cluster it is not needed. | `nil` |
| [fullnameOverride](./values.yaml#L13) | string | Override the full resource names | `jenkins-(release-name)` or `jenkins` if the release-name is `jenkins` | | [fullnameOverride](./values.yaml#L13) | string | Override the full resource names | `jenkins-(release-name)` or `jenkins` if the release-name is `jenkins` |
| [helmtest.bats.image.registry](./values.yaml#L1369) | string | Registry of the image used to test the framework | `"docker.io"` | | [helmtest.bats.image.registry](./values.yaml#L1373) | string | Registry of the image used to test the framework | `"docker.io"` |
| [helmtest.bats.image.repository](./values.yaml#L1371) | string | Repository of the image used to test the framework | `"bats/bats"` | | [helmtest.bats.image.repository](./values.yaml#L1375) | string | Repository of the image used to test the framework | `"bats/bats"` |
| [helmtest.bats.image.tag](./values.yaml#L1373) | string | Tag of the image to test the framework | `"1.11.1"` | | [helmtest.bats.image.tag](./values.yaml#L1377) | string | Tag of the image to test the framework | `"1.12.0"` |
| [kubernetesURL](./values.yaml#L24) | string | The URL of the Kubernetes API server | `"https://kubernetes.default"` | | [kubernetesURL](./values.yaml#L24) | string | The URL of the Kubernetes API server | `"https://kubernetes.default"` |
| [nameOverride](./values.yaml#L10) | string | Override the resource name prefix | `Chart.Name` | | [nameOverride](./values.yaml#L10) | string | Override the resource name prefix | `Chart.Name` |
| [namespaceOverride](./values.yaml#L16) | string | Override the deployment namespace | `Release.Namespace` | | [namespaceOverride](./values.yaml#L16) | string | Override the deployment namespace | `Release.Namespace` |
| [networkPolicy.apiVersion](./values.yaml#L1293) | string | NetworkPolicy ApiVersion | `"networking.k8s.io/v1"` | | [networkPolicy.apiVersion](./values.yaml#L1296) | string | NetworkPolicy ApiVersion | `"networking.k8s.io/v1"` |
| [networkPolicy.enabled](./values.yaml#L1288) | bool | Enable the creation of NetworkPolicy resources | `false` | | [networkPolicy.enabled](./values.yaml#L1291) | bool | Enable the creation of NetworkPolicy resources | `false` |
| [networkPolicy.externalAgents.except](./values.yaml#L1307) | list | A list of IP sub-ranges to be excluded from the allowlisted IP range | `[]` | | [networkPolicy.externalAgents.except](./values.yaml#L1311) | list | A list of IP sub-ranges to be excluded from the allowlisted IP range | `[]` |
| [networkPolicy.externalAgents.ipCIDR](./values.yaml#L1305) | string | The IP range from which external agents are allowed to connect to controller, i.e., 172.17.0.0/16 | `nil` | | [networkPolicy.externalAgents.ipCIDR](./values.yaml#L1309) | string | The IP range from which external agents are allowed to connect to controller, i.e., 172.17.0.0/16 | `nil` |
| [networkPolicy.internalAgents.allowed](./values.yaml#L1297) | bool | Allow internal agents (from the same cluster) to connect to controller. Agent pods will be filtered based on PodLabels | `true` | | [networkPolicy.internalAgents.allowed](./values.yaml#L1300) | bool | Allow internal agents (from the same cluster) to connect to controller. Agent pods will be filtered based on PodLabels | `true` |
| [networkPolicy.internalAgents.namespaceLabels](./values.yaml#L1301) | object | A map of labels (keys/values) that agents namespaces must have to be able to connect to controller | `{}` | | [networkPolicy.internalAgents.namespaceLabels](./values.yaml#L1304) | object | A map of labels (keys/values) that agents namespaces must have to be able to connect to controller | `{}` |
| [networkPolicy.internalAgents.podLabels](./values.yaml#L1299) | object | A map of labels (keys/values) that agent pods must have to be able to connect to controller | `{}` | | [networkPolicy.internalAgents.podLabels](./values.yaml#L1302) | object | A map of labels (keys/values) that agent pods must have to be able to connect to controller | `{}` |
| [persistence.accessMode](./values.yaml#L1263) | string | The PVC access mode | `"ReadWriteOnce"` | | [persistence.accessMode](./values.yaml#L1266) | string | The PVC access mode | `"ReadWriteOnce"` |
| [persistence.annotations](./values.yaml#L1259) | object | Annotations for the PVC | `{}` | | [persistence.annotations](./values.yaml#L1262) | object | Annotations for the PVC | `{}` |
| [persistence.dataSource](./values.yaml#L1269) | object | Existing data source to clone PVC from | `{}` | | [persistence.dataSource](./values.yaml#L1272) | object | Existing data source to clone PVC from | `{}` |
| [persistence.enabled](./values.yaml#L1243) | bool | Enable the use of a Jenkins PVC | `true` | | [persistence.enabled](./values.yaml#L1246) | bool | Enable the use of a Jenkins PVC | `true` |
| [persistence.existingClaim](./values.yaml#L1249) | string | Provide the name of a PVC | `nil` | | [persistence.existingClaim](./values.yaml#L1252) | string | Provide the name of a PVC | `nil` |
| [persistence.labels](./values.yaml#L1261) | object | Labels for the PVC | `{}` | | [persistence.labels](./values.yaml#L1264) | object | Labels for the PVC | `{}` |
| [persistence.mounts](./values.yaml#L1281) | list | Additional mounts | `[]` | | [persistence.mounts](./values.yaml#L1284) | list | Additional mounts | `[]` |
| [persistence.size](./values.yaml#L1265) | string | The size of the PVC | `"8Gi"` | | [persistence.size](./values.yaml#L1268) | string | The size of the PVC | `"8Gi"` |
| [persistence.storageClass](./values.yaml#L1257) | string | Storage class for the PVC | `nil` | | [persistence.storageClass](./values.yaml#L1260) | string | Storage class for the PVC | `nil` |
| [persistence.subPath](./values.yaml#L1274) | string | SubPath for jenkins-home mount | `nil` | | [persistence.subPath](./values.yaml#L1277) | string | SubPath for jenkins-home mount | `nil` |
| [persistence.volumes](./values.yaml#L1276) | list | Additional volumes | `[]` | | [persistence.volumes](./values.yaml#L1279) | list | Additional volumes | `[]` |
| [rbac.create](./values.yaml#L1313) | bool | Whether RBAC resources are created | `true` | | [rbac.create](./values.yaml#L1318) | bool | Whether RBAC resources are created | `true` |
| [rbac.readSecrets](./values.yaml#L1315) | bool | Whether the Jenkins service account should be able to read Kubernetes secrets | `false` | | [rbac.readSecrets](./values.yaml#L1320) | bool | Whether the Jenkins service account should be able to read Kubernetes secrets | `false` |
| [rbac.useOpenShiftNonRootSCC](./values.yaml#L1317) | bool | Whether the Jenkins service account should be able to use the OpenShift "nonroot" Security Context Constraints | `false` | | [rbac.useOpenShiftNonRootSCC](./values.yaml#L1322) | bool | Whether the Jenkins service account should be able to use the OpenShift "nonroot" Security Context Constraints | `false` |
| [renderHelmLabels](./values.yaml#L30) | bool | Enables rendering of the helm.sh/chart label to the annotations | `true` | | [renderHelmLabels](./values.yaml#L30) | bool | Enables rendering of the helm.sh/chart label to the annotations | `true` |
| [serviceAccount.annotations](./values.yaml#L1327) | object | Configures annotations for the ServiceAccount | `{}` | | [serviceAccount.annotations](./values.yaml#L1332) | object | Configures annotations for the ServiceAccount | `{}` |
| [serviceAccount.automountServiceAccountToken](./values.yaml#L1333) | bool | Auto-mount ServiceAccount token | `true` | | [serviceAccount.automountServiceAccountToken](./values.yaml#L1338) | bool | Auto-mount ServiceAccount token | `true` |
| [serviceAccount.create](./values.yaml#L1321) | bool | Configures if a ServiceAccount with this name should be created | `true` | | [serviceAccount.create](./values.yaml#L1326) | bool | Configures if a ServiceAccount with this name should be created | `true` |
| [serviceAccount.extraLabels](./values.yaml#L1329) | object | Configures extra labels for the ServiceAccount | `{}` | | [serviceAccount.extraLabels](./values.yaml#L1334) | object | Configures extra labels for the ServiceAccount | `{}` |
| [serviceAccount.imagePullSecretName](./values.yaml#L1331) | string | Controller ServiceAccount image pull secret | `nil` | | [serviceAccount.imagePullSecretName](./values.yaml#L1336) | string | Controller ServiceAccount image pull secret | `nil` |
| [serviceAccount.name](./values.yaml#L1325) | string | | `nil` | | [serviceAccount.name](./values.yaml#L1330) | string | | `nil` |
| [serviceAccountAgent.annotations](./values.yaml#L1344) | object | Configures annotations for the agent ServiceAccount | `{}` | | [serviceAccountAgent.annotations](./values.yaml#L1348) | object | Configures annotations for the agent ServiceAccount | `{}` |
| [serviceAccountAgent.automountServiceAccountToken](./values.yaml#L1350) | bool | Auto-mount ServiceAccount token | `true` | | [serviceAccountAgent.automountServiceAccountToken](./values.yaml#L1354) | bool | Auto-mount ServiceAccount token | `true` |
| [serviceAccountAgent.create](./values.yaml#L1338) | bool | Configures if an agent ServiceAccount should be created | `false` | | [serviceAccountAgent.create](./values.yaml#L1342) | bool | Configures if an agent ServiceAccount should be created | `false` |
| [serviceAccountAgent.extraLabels](./values.yaml#L1346) | object | Configures extra labels for the agent ServiceAccount | `{}` | | [serviceAccountAgent.extraLabels](./values.yaml#L1350) | object | Configures extra labels for the agent ServiceAccount | `{}` |
| [serviceAccountAgent.imagePullSecretName](./values.yaml#L1348) | string | Agent ServiceAccount image pull secret | `nil` | | [serviceAccountAgent.imagePullSecretName](./values.yaml#L1352) | string | Agent ServiceAccount image pull secret | `nil` |
| [serviceAccountAgent.name](./values.yaml#L1342) | string | The name of the agent ServiceAccount to be used by access-controlled resources | `nil` | | [serviceAccountAgent.name](./values.yaml#L1346) | string | The name of the agent ServiceAccount to be used by access-controlled resources | `nil` |

10
charts/kubezero-ci/charts/jenkins/templates/_helpers.tpl
View File

@ -234,6 +234,14 @@ jenkins:
{{- with $newRoot}} {{- with $newRoot}}
- kubernetes: - kubernetes:
containerCapStr: "{{ .Values.agent.containerCap }}" containerCapStr: "{{ .Values.agent.containerCap }}"
{{- if .Values.agent.garbageCollection.enabled }}
garbageCollection:
{{- if .Values.agent.garbageCollection.namespaces }}
namespaces: |-
{{- .Values.agent.garbageCollection.namespaces | nindent 10 }}
{{- end }}
timeout: "{{ .Values.agent.garbageCollection.timeout }}"
{{- end }}
{{- if .Values.agent.jnlpregistry }} {{- if .Values.agent.jnlpregistry }}
jnlpregistry: "{{ .Values.agent.jnlpregistry }}" jnlpregistry: "{{ .Values.agent.jnlpregistry }}"
{{- end }} {{- end }}
@ -463,7 +471,7 @@ Returns kubernetes pod template configuration as code
{{- end }} {{- end }}
{{- end }} {{- end }}
idleMinutes: {{ .Values.agent.idleMinutes }} idleMinutes: {{ .Values.agent.idleMinutes }}
instanceCap: 2147483647 instanceCap: {{ int .Values.agent.instanceCap }}
{{- if .Values.agent.hostNetworking }} {{- if .Values.agent.hostNetworking }}
hostNetwork: {{ .Values.agent.hostNetworking }} hostNetwork: {{ .Values.agent.hostNetworking }}
{{- end }} {{- end }}

58
charts/kubezero-ci/charts/jenkins/values.yaml
View File

@ -38,11 +38,11 @@ controller:
# -- Controller image repository # -- Controller image repository
repository: "jenkins/jenkins" repository: "jenkins/jenkins"
# -- Controller image tag override; i.e., tag: "2.440.1-jdk17" # -- Controller image tag override; i.e., tag: "2.440.1-jdk21"
tag: tag:
# -- Controller image tag label # -- Controller image tag label
tagLabel: jdk17 tagLabel: jdk21
# -- Controller image pull policy # -- Controller image pull policy
pullPolicy: "Always" pullPolicy: "Always"
# -- Controller image pull secret # -- Controller image pull secret
@ -73,7 +73,6 @@ controller:
# If you disable the non-Jenkins identity store and instead use the Jenkins internal one, # If you disable the non-Jenkins identity store and instead use the Jenkins internal one,
# you should revert controller.admin.username to your preferred admin user: # you should revert controller.admin.username to your preferred admin user:
admin: admin:
# -- Admin username created as a secret if `controller.admin.createSecret` is true # -- Admin username created as a secret if `controller.admin.createSecret` is true
username: "admin" username: "admin"
# -- Admin password created as a secret if `controller.admin.createSecret` is true # -- Admin password created as a secret if `controller.admin.createSecret` is true
@ -338,7 +337,7 @@ controller:
agentListenerExternalTrafficPolicy: agentListenerExternalTrafficPolicy:
# -- Allowed inbound IP for the agentListener service # -- Allowed inbound IP for the agentListener service
agentListenerLoadBalancerSourceRanges: agentListenerLoadBalancerSourceRanges:
- 0.0.0.0/0 - 0.0.0.0/0
# -- Disabled agent protocols # -- Disabled agent protocols
disabledAgentProtocols: disabledAgentProtocols:
- JNLP-connect - JNLP-connect
@ -380,7 +379,7 @@ controller:
# set allowed inbound rules on the security group assigned to the controller load balancer # set allowed inbound rules on the security group assigned to the controller load balancer
# -- Allowed inbound IP addresses # -- Allowed inbound IP addresses
loadBalancerSourceRanges: loadBalancerSourceRanges:
- 0.0.0.0/0 - 0.0.0.0/0
# -- Optionally assign a known public LB IP # -- Optionally assign a known public LB IP
loadBalancerIP: loadBalancerIP:
@ -403,10 +402,10 @@ controller:
# Plugins will be installed during Jenkins controller start # Plugins will be installed during Jenkins controller start
# -- List of Jenkins plugins to install. If you don't want to install plugins, set it to `false` # -- List of Jenkins plugins to install. If you don't want to install plugins, set it to `false`
installPlugins: installPlugins:
- kubernetes:4314.v5b_846cf499eb_ - kubernetes:4340.v345364d31a_2a_
- workflow-aggregator:600.vb_57cdd26fdd7 - workflow-aggregator:608.v67378e9d3db_1
- git:5.7.0 - git:5.7.0
- configuration-as-code:1932.v75cb_b_f1b_698d - configuration-as-code:1967.va_968e15fd05b_
# If set to false, Jenkins will download the minimum required version of all dependencies. # If set to false, Jenkins will download the minimum required version of all dependencies.
# -- Download the minimum required version or latest version of all dependencies # -- Download the minimum required version or latest version of all dependencies
@ -560,7 +559,7 @@ controller:
# If false or not-specified, JCasC changes will cause a reboot and will only be applied at the subsequent start-up. # If false or not-specified, JCasC changes will cause a reboot and will only be applied at the subsequent start-up.
# Auto-reload uses the http://<jenkins_url>/reload-configuration-as-code endpoint to reapply config when changes to # Auto-reload uses the http://<jenkins_url>/reload-configuration-as-code endpoint to reapply config when changes to
# the configScripts are detected. # the configScripts are detected.
# -- Enables Jenkins Config as Code auto-reload # -- Enable Jenkins Config as Code auto-reload
enabled: true enabled: true
image: image:
# -- Registry for the image that triggers the reload # -- Registry for the image that triggers the reload
@ -568,9 +567,10 @@ controller:
# -- Repository of the image that triggers the reload # -- Repository of the image that triggers the reload
repository: kiwigrid/k8s-sidecar repository: kiwigrid/k8s-sidecar
# -- Tag for the image that triggers the reload # -- Tag for the image that triggers the reload
tag: 1.30.1 tag: 1.30.3
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
resources: {} resources:
{}
# limits: # limits:
# cpu: 100m # cpu: 100m
# memory: 100Mi # memory: 100Mi
@ -578,7 +578,8 @@ controller:
# cpu: 50m # cpu: 50m
# memory: 50Mi # memory: 50Mi
# -- Enables additional volume mounts for the config auto-reload container # -- Enables additional volume mounts for the config auto-reload container
additionalVolumeMounts: [] additionalVolumeMounts:
[]
# - name: auto-reload-config # - name: auto-reload-config
# mountPath: /var/config/logger # mountPath: /var/config/logger
# - name: auto-reload-logs # - name: auto-reload-logs
@ -609,7 +610,7 @@ controller:
# -- Environment variable sources for the Jenkins Config as Code auto-reload container # -- Environment variable sources for the Jenkins Config as Code auto-reload container
envFrom: [] envFrom: []
# -- Environment variables for the Jenkins Config as Code auto-reload container # -- Environment variables for the Jenkins Config as Code auto-reload container
env: {} env: []
# - name: REQ_TIMEOUT # - name: REQ_TIMEOUT
# value: "30" # value: "30"
@ -709,7 +710,8 @@ controller:
# -- Ingress labels # -- Ingress labels
labels: {} labels: {}
# -- Ingress annotations # -- Ingress annotations
annotations: {} annotations:
{}
# kubernetes.io/ingress.class: nginx # kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true" # kubernetes.io/tls-acme: "true"
# For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
@ -955,7 +957,7 @@ agent:
# -- Repository to pull the agent jnlp image from # -- Repository to pull the agent jnlp image from
repository: "jenkins/inbound-agent" repository: "jenkins/inbound-agent"
# -- Tag of the image to pull # -- Tag of the image to pull
tag: "3283.v92c105e0f819-9" tag: "3309.v27b_9314fd1a_4-2"
# -- Configure working directory for default agent # -- Configure working directory for default agent
workingDir: "/home/jenkins/agent" workingDir: "/home/jenkins/agent"
nodeUsageMode: "NORMAL" nodeUsageMode: "NORMAL"
@ -986,12 +988,12 @@ agent:
memory: "512Mi" memory: "512Mi"
# ephemeralStorage: # ephemeralStorage:
livenessProbe: {} livenessProbe: {}
# execArgs: "cat /tmp/healthy" # execArgs: "cat /tmp/healthy"
# failureThreshold: 3 # failureThreshold: 3
# initialDelaySeconds: 0 # initialDelaySeconds: 0
# periodSeconds: 10 # periodSeconds: 10
# successThreshold: 1 # successThreshold: 1
# timeoutSeconds: 1 # timeoutSeconds: 1
# You may want to change this to true while testing a new image # You may want to change this to true while testing a new image
# -- Always pull agent container image before build # -- Always pull agent container image before build
@ -1103,8 +1105,10 @@ agent:
# Doesn't allocate pseudo TTY by default # Doesn't allocate pseudo TTY by default
# -- Allocate pseudo tty to the side container # -- Allocate pseudo tty to the side container
TTYEnabled: false TTYEnabled: false
# -- Max number of agents to launch # -- Max number of agents to launch for a whole cluster.
containerCap: 10 containerCap: 10
# -- Max number of agents to launch for this type of agent
instanceCap: 2147483647
# -- Agent Pod base name # -- Agent Pod base name
podName: "default" podName: "default"
@ -1123,7 +1127,6 @@ agent:
# -- Allows the Pod to remain active for reuse until the configured number of minutes has passed since the last step was executed on it # -- Allows the Pod to remain active for reuse until the configured number of minutes has passed since the last step was executed on it
idleMinutes: 0 idleMinutes: 0
# The raw yaml of a Pod API Object, for example, this allows usage of toleration for agent pods. # The raw yaml of a Pod API Object, for example, this allows usage of toleration for agent pods.
# https://github.com/jenkinsci/kubernetes-plugin#using-yaml-to-define-pod-templates # https://github.com/jenkinsci/kubernetes-plugin#using-yaml-to-define-pod-templates
# https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ # https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
@ -1298,13 +1301,15 @@ networkPolicy:
# -- A map of labels (keys/values) that agent pods must have to be able to connect to controller # -- A map of labels (keys/values) that agent pods must have to be able to connect to controller
podLabels: {} podLabels: {}
# -- A map of labels (keys/values) that agents namespaces must have to be able to connect to controller # -- A map of labels (keys/values) that agents namespaces must have to be able to connect to controller
namespaceLabels: {} namespaceLabels:
{}
# project: myproject # project: myproject
externalAgents: externalAgents:
# -- The IP range from which external agents are allowed to connect to controller, i.e., 172.17.0.0/16 # -- The IP range from which external agents are allowed to connect to controller, i.e., 172.17.0.0/16
ipCIDR: ipCIDR:
# -- A list of IP sub-ranges to be excluded from the allowlisted IP range # -- A list of IP sub-ranges to be excluded from the allowlisted IP range
except: [] except:
[]
# - 172.17.1.0/24 # - 172.17.1.0/24
## Install Default RBAC roles and bindings ## Install Default RBAC roles and bindings
@ -1332,7 +1337,6 @@ serviceAccount:
# -- Auto-mount ServiceAccount token # -- Auto-mount ServiceAccount token
automountServiceAccountToken: true automountServiceAccountToken: true
serviceAccountAgent: serviceAccountAgent:
# -- Configures if an agent ServiceAccount should be created # -- Configures if an agent ServiceAccount should be created
create: false create: false
@ -1370,4 +1374,4 @@ helmtest:
# -- Repository of the image used to test the framework # -- Repository of the image used to test the framework
repository: "bats/bats" repository: "bats/bats"
# -- Tag of the image to test the framework # -- Tag of the image to test the framework
tag: "1.11.1" tag: "1.12.0"

8
charts/kubezero-ci/values.yaml
View File

@ -2,7 +2,7 @@ gitea:
enabled: false enabled: false
image: image:
tag: 1.23.5 # tag: 1.23.5
rootless: true rootless: true
repliaCount: 1 repliaCount: 1
@ -76,7 +76,9 @@ gitea:
ssh.minimum_key_sizes: ssh.minimum_key_sizes:
RSA: 2047 RSA: 2047
redis-cluster: valkey:
enabled: false
valkey-cluster:
enabled: false enabled: false
postgresql-ha: postgresql-ha:
enabled: false enabled: false
@ -188,7 +190,7 @@ jenkins:
agent: agent:
image: image:
repository: public.ecr.aws/zero-downtime/jenkins-podman repository: public.ecr.aws/zero-downtime/jenkins-podman
tag: v0.7.0 tag: v0.7.1
#alwaysPullImage: true #alwaysPullImage: true
podRetention: "Default" podRetention: "Default"
showRawYaml: false showRawYaml: false

4
charts/kubezero-istio-gateway/Chart.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-istio-gateway name: kubezero-istio-gateway
description: KubeZero Umbrella Chart for Istio gateways description: KubeZero Umbrella Chart for Istio gateways
type: application type: application
version: 0.24.3 version: 0.24.6
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -17,6 +17,6 @@ dependencies:
version: 0.2.1 version: 0.2.1
repository: https://cdn.zero-downtime.net/charts/ repository: https://cdn.zero-downtime.net/charts/
- name: gateway - name: gateway
version: 1.24.3 version: 1.24.6
repository: https://istio-release.storage.googleapis.com/charts repository: https://istio-release.storage.googleapis.com/charts
kubeVersion: ">= 1.30.0-0" kubeVersion: ">= 1.30.0-0"

4
charts/kubezero-istio-gateway/README.md
View File

@ -1,6 +1,6 @@
# kubezero-istio-gateway # kubezero-istio-gateway
![Version: 0.24.3](https://img.shields.io/badge/Version-0.24.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.24.6](https://img.shields.io/badge/Version-0.24.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero Umbrella Chart for Istio gateways KubeZero Umbrella Chart for Istio gateways
@ -21,7 +21,7 @@ Kubernetes: `>= 1.30.0-0`
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 |
| https://istio-release.storage.googleapis.com/charts | gateway | 1.24.3 | | https://istio-release.storage.googleapis.com/charts | gateway | 1.24.6 |
## Values ## Values

4
charts/kubezero-istio-gateway/charts/gateway/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2 apiVersion: v2
appVersion: 1.24.3 appVersion: 1.24.6
description: Helm chart for deploying Istio gateways description: Helm chart for deploying Istio gateways
icon: https://istio.io/latest/favicons/android-192x192.png icon: https://istio.io/latest/favicons/android-192x192.png
keywords: keywords:
@ -9,4 +9,4 @@ name: gateway
sources: sources:
- https://github.com/istio/istio - https://github.com/istio/istio
type: application type: application
version: 1.24.3 version: 1.24.6

30
charts/kubezero-istio-gateway/templates/envoyfilter-grpcweb.yaml Normal file
View File

@ -0,0 +1,30 @@
{{- if .Values.httpFilter.grpcWeb }}
# Inserts the grpcWeb filter into the http_connection mangager chain before the CORS filter
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: {{ include "gatewayName" . | trimPrefix "istio-" }}-grpcweb
namespace: {{ .Release.Namespace }}
labels:
{{ include "kubezero-lib.labels" . | nindent 4 }}
spec:
workloadSelector:
labels:
{{- include "gatewaySelectorLabels" . | nindent 6 }}
configPatches:
- applyTo: HTTP_FILTER
match:
context: GATEWAY
listener:
filterChain:
filter:
name: envoy.filters.network.http_connection_manager
subFilter:
name: envoy.filters.http.cors
patch:
operation: INSERT_BEFORE
value:
name: envoy.filters.http.grpc_web
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.grpc_web.v3.GrpcWeb
{{- end }}

36
charts/kubezero-istio-gateway/templates/envoyfilter-listener.yaml
View File

@ -1,7 +1,7 @@
apiVersion: networking.istio.io/v1alpha3 apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter kind: EnvoyFilter
metadata: metadata:
name: {{ include "gatewayName" . | trimPrefix "istio-" }}-proxy-protocol name: {{ include "gatewayName" . | trimPrefix "istio-" }}-listener
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
{{ include "kubezero-lib.labels" . | nindent 4 }} {{ include "kubezero-lib.labels" . | nindent 4 }}
@ -10,24 +10,20 @@ spec:
labels: labels:
{{- include "gatewaySelectorLabels" . | nindent 6 }} {{- include "gatewaySelectorLabels" . | nindent 6 }}
configPatches: configPatches:
- applyTo: LISTENER - applyTo: LISTENER_FILTER
match:
context: GATEWAY
listener:
portNumber: 8443
listenerFilter: "envoy.filters.listener.tls_inspector"
patch: patch:
operation: MERGE operation: REPLACE
value: value:
listener_filters: name: envoy.filters.listener.tls_inspector
{{- if .Values.proxyProtocol }} typed_config:
- name: envoy.filters.listener.proxy_protocol "@type": type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
typed_config: "initialReadBufferSize": 512
"@type": type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol filter_disabled:
filter_disabled: destination_port_range:
destination_port_range: start: 1025
start: 1025 end: 1026
end: 1026
{{- end }}
- name: envoy.filters.listener.tls_inspector
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
filter_disabled:
destination_port_range:
start: 1025
end: 1026

27
charts/kubezero-istio-gateway/templates/envoyfilter-proxyprotocol.yaml Normal file
View File

@ -0,0 +1,27 @@
{{- if .Values.proxyProtocol }}
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: {{ include "gatewayName" . | trimPrefix "istio-" }}-proxy-protocol
namespace: {{ .Release.Namespace }}
labels:
{{ include "kubezero-lib.labels" . | nindent 4 }}
spec:
workloadSelector:
labels:
{{- include "gatewaySelectorLabels" . | nindent 6 }}
configPatches:
- applyTo: LISTENER_FILTER
match:
context: GATEWAY
patch:
operation: INSERT_FIRST
value:
name: envoy.filters.listener.proxy_protocol
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol
filter_disabled:
destination_port_range:
start: 1025
end: 1026
{{- end }}

3
charts/kubezero-istio-gateway/values.yaml
View File

@ -44,3 +44,6 @@ hardening:
rejectUnderscoresHeaders: true rejectUnderscoresHeaders: true
unescapeSlashes: true unescapeSlashes: true
preserveExternalRequestId: false preserveExternalRequestId: false
httpFilter:
grpcWeb: false

6
charts/kubezero-istio/Chart.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-istio name: kubezero-istio
description: KubeZero Umbrella Chart for Istio description: KubeZero Umbrella Chart for Istio
type: application type: application
version: 0.24.3 version: 0.24.6
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -20,10 +20,10 @@ dependencies:
repository: https://cdn.zero-downtime.net/charts/ repository: https://cdn.zero-downtime.net/charts/
condition: envoy-ratelimit.enabled condition: envoy-ratelimit.enabled
- name: base - name: base
version: 1.24.3 version: 1.24.6
repository: https://istio-release.storage.googleapis.com/charts repository: https://istio-release.storage.googleapis.com/charts
- name: istiod - name: istiod
version: 1.24.3 version: 1.24.6
repository: https://istio-release.storage.googleapis.com/charts repository: https://istio-release.storage.googleapis.com/charts
- name: kiali-server - name: kiali-server
version: "2.6.0" version: "2.6.0"

6
charts/kubezero-istio/README.md
View File

@ -1,6 +1,6 @@
# kubezero-istio # kubezero-istio
![Version: 0.24.3](https://img.shields.io/badge/Version-0.24.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.24.6](https://img.shields.io/badge/Version-0.24.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero Umbrella Chart for Istio KubeZero Umbrella Chart for Istio
@ -22,8 +22,8 @@ Kubernetes: `>= 1.30.0-0`
|------------|------|---------| |------------|------|---------|
| https://cdn.zero-downtime.net/charts/ | envoy-ratelimit | 0.1.2 | | https://cdn.zero-downtime.net/charts/ | envoy-ratelimit | 0.1.2 |
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 |
| https://istio-release.storage.googleapis.com/charts | base | 1.24.3 | | https://istio-release.storage.googleapis.com/charts | base | 1.24.6 |
| https://istio-release.storage.googleapis.com/charts | istiod | 1.24.3 | | https://istio-release.storage.googleapis.com/charts | istiod | 1.24.6 |
| https://kiali.org/helm-charts | kiali-server | 2.6.0 | | https://kiali.org/helm-charts | kiali-server | 2.6.0 |
## Values ## Values

2
charts/kubezero-metrics/Chart.yaml
View File

@ -26,7 +26,7 @@ dependencies:
repository: https://prometheus-community.github.io/helm-charts repository: https://prometheus-community.github.io/helm-charts
condition: prometheus-adapter.enabled condition: prometheus-adapter.enabled
- name: prometheus-pushgateway - name: prometheus-pushgateway
version: 3.2.0 version: 3.3.0
repository: https://prometheus-community.github.io/helm-charts repository: https://prometheus-community.github.io/helm-charts
condition: prometheus-pushgateway.enabled condition: prometheus-pushgateway.enabled
kubeVersion: ">= 1.30.0-0" kubeVersion: ">= 1.30.0-0"

15
charts/kubezero-operators/Chart.yaml
View File

@ -2,13 +2,12 @@ apiVersion: v2
name: kubezero-operators name: kubezero-operators
description: Various operators supported by KubeZero description: Various operators supported by KubeZero
type: application type: application
version: 0.2.0 version: 0.2.1
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
- kubezero - kubezero
- operators - operators
- opensearch
- postgres - postgres
- kafka - kafka
- rabbitmq - rabbitmq
@ -19,24 +18,20 @@ dependencies:
- name: kubezero-lib - name: kubezero-lib
version: 0.2.1 version: 0.2.1
repository: https://cdn.zero-downtime.net/charts/ repository: https://cdn.zero-downtime.net/charts/
- name: opensearch-operator
version: 2.7.0
repository: https://opensearch-project.github.io/opensearch-k8s-operator/
condition: opensearch-operator.enabled
- name: eck-operator - name: eck-operator
version: 2.16.1 version: 3.0.0
repository: https://helm.elastic.co repository: https://helm.elastic.co
condition: eck-operator.enabled condition: eck-operator.enabled
- name: cloudnative-pg - name: cloudnative-pg
version: 0.23.0 version: 0.23.2
repository: https://cloudnative-pg.github.io/charts repository: https://cloudnative-pg.github.io/charts
condition: cloudnative-pg.enabled condition: cloudnative-pg.enabled
- name: strimzi-kafka-operator - name: strimzi-kafka-operator
version: 0.45.0 version: 0.46.0
repository: "oci://quay.io/strimzi-helm" repository: "oci://quay.io/strimzi-helm"
condition: strimzi-kafka-operator.enabled condition: strimzi-kafka-operator.enabled
- name: rabbitmq-cluster-operator - name: rabbitmq-cluster-operator
version: 4.4.3 version: 4.4.11
repository: https://charts.bitnami.com/bitnami repository: https://charts.bitnami.com/bitnami
condition: rabbitmq-cluster-operator.enabled condition: rabbitmq-cluster-operator.enabled
kubeVersion: ">= 1.30.0-0" kubeVersion: ">= 1.30.0-0"

20
charts/kubezero-operators/README.md
View File

@ -1,6 +1,6 @@
# kubezero-operators # kubezero-operators
![Version: 0.2.0](https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.2.1](https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
Various operators supported by KubeZero Various operators supported by KubeZero
@ -18,12 +18,11 @@ Kubernetes: `>= 1.30.0-0`
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 |
| https://charts.bitnami.com/bitnami | rabbitmq-cluster-operator | 4.4.3 | | https://charts.bitnami.com/bitnami | rabbitmq-cluster-operator | 4.4.11 |
| https://cloudnative-pg.github.io/charts | cloudnative-pg | 0.23.0 | | https://cloudnative-pg.github.io/charts | cloudnative-pg | 0.23.2 |
| https://helm.elastic.co | eck-operator | 2.16.1 | | https://helm.elastic.co | eck-operator | 3.0.0 |
| https://opensearch-project.github.io/opensearch-k8s-operator/ | opensearch-operator | 2.7.0 | | oci://quay.io/strimzi-helm | strimzi-kafka-operator | 0.46.0 |
| oci://quay.io/strimzi-helm | strimzi-kafka-operator | 0.45.0 |
## Values ## Values
@ -34,11 +33,6 @@ Kubernetes: `>= 1.30.0-0`
| cloudnative-pg.monitoring.podMonitorEnabled | bool | `false` | | | cloudnative-pg.monitoring.podMonitorEnabled | bool | `false` | |
| eck-operator.enabled | bool | `false` | | | eck-operator.enabled | bool | `false` | |
| eck-operator.installCRDs | bool | `false` | | | eck-operator.installCRDs | bool | `false` | |
| opensearch-operator.enabled | bool | `false` | |
| opensearch-operator.fullnameOverride | string | `"opensearch-operator"` | |
| opensearch-operator.kubeRbacProxy.enable | bool | `false` | |
| opensearch-operator.manager.extraEnv[0].name | string | `"SKIP_INIT_CONTAINER"` | |
| opensearch-operator.manager.extraEnv[0].value | string | `"true"` | |
| rabbitmq-cluster-operator.clusterOperator.metrics.enabled | bool | `false` | | | rabbitmq-cluster-operator.clusterOperator.metrics.enabled | bool | `false` | |
| rabbitmq-cluster-operator.clusterOperator.metrics.serviceMonitor.enabled | bool | `true` | | | rabbitmq-cluster-operator.clusterOperator.metrics.serviceMonitor.enabled | bool | `true` | |
| rabbitmq-cluster-operator.enabled | bool | `false` | | | rabbitmq-cluster-operator.enabled | bool | `false` | |
@ -53,4 +47,4 @@ Kubernetes: `>= 1.30.0-0`
| strimzi-kafka-operator.watchAnyNamespace | bool | `true` | | | strimzi-kafka-operator.watchAnyNamespace | bool | `true` | |
---------------------------------------------- ----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.8.1](https://github.com/norwoodj/helm-docs/releases/v1.8.1) Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)

4
charts/kubezero-operators/charts/eck-operator/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2 apiVersion: v2
appVersion: 2.16.1 appVersion: 3.0.0
description: Elastic Cloud on Kubernetes (ECK) operator description: Elastic Cloud on Kubernetes (ECK) operator
home: https://github.com/elastic/cloud-on-k8s home: https://github.com/elastic/cloud-on-k8s
icon: https://helm.elastic.co/icons/eck.png icon: https://helm.elastic.co/icons/eck.png
@ -18,4 +18,4 @@ maintainers:
name: Elastic name: Elastic
name: eck-operator name: eck-operator
type: application type: application
version: 2.16.1 version: 3.0.0

99
charts/kubezero-operators/charts/eck-operator/crds/all-crds.yaml
View File

@ -4,14 +4,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.16.5 controller-gen.kubebuilder.io/version: v0.17.2
helm.sh/resource-policy: keep helm.sh/resource-policy: keep
labels: labels:
app.kubernetes.io/instance: 'logging' app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds' app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.16.1' app.kubernetes.io/version: '3.0.0'
helm.sh/chart: 'eck-operator-crds-2.16.1' helm.sh/chart: 'eck-operator-crds-3.0.0'
name: agents.agent.k8s.elastic.co name: agents.agent.k8s.elastic.co
spec: spec:
group: agent.k8s.elastic.co group: agent.k8s.elastic.co
@ -638,7 +638,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -1137,14 +1137,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.16.5 controller-gen.kubebuilder.io/version: v0.17.2
helm.sh/resource-policy: keep helm.sh/resource-policy: keep
labels: labels:
app.kubernetes.io/instance: 'logging' app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds' app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.16.1' app.kubernetes.io/version: '3.0.0'
helm.sh/chart: 'eck-operator-crds-2.16.1' helm.sh/chart: 'eck-operator-crds-3.0.0'
name: apmservers.apm.k8s.elastic.co name: apmservers.apm.k8s.elastic.co
spec: spec:
group: apm.k8s.elastic.co group: apm.k8s.elastic.co
@ -1589,7 +1589,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -2217,7 +2217,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -2372,14 +2372,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.16.5 controller-gen.kubebuilder.io/version: v0.17.2
helm.sh/resource-policy: keep helm.sh/resource-policy: keep
labels: labels:
app.kubernetes.io/instance: 'logging' app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds' app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.16.1' app.kubernetes.io/version: '3.0.0'
helm.sh/chart: 'eck-operator-crds-2.16.1' helm.sh/chart: 'eck-operator-crds-3.0.0'
name: beats.beat.k8s.elastic.co name: beats.beat.k8s.elastic.co
spec: spec:
group: beat.k8s.elastic.co group: beat.k8s.elastic.co
@ -2854,14 +2854,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.16.5 controller-gen.kubebuilder.io/version: v0.17.2
helm.sh/resource-policy: keep helm.sh/resource-policy: keep
labels: labels:
app.kubernetes.io/instance: 'logging' app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds' app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.16.1' app.kubernetes.io/version: '3.0.0'
helm.sh/chart: 'eck-operator-crds-2.16.1' helm.sh/chart: 'eck-operator-crds-3.0.0'
name: elasticmapsservers.maps.k8s.elastic.co name: elasticmapsservers.maps.k8s.elastic.co
spec: spec:
group: maps.k8s.elastic.co group: maps.k8s.elastic.co
@ -3318,7 +3318,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -3459,14 +3459,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.16.5 controller-gen.kubebuilder.io/version: v0.17.2
helm.sh/resource-policy: keep helm.sh/resource-policy: keep
labels: labels:
app.kubernetes.io/instance: 'logging' app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds' app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.16.1' app.kubernetes.io/version: '3.0.0'
helm.sh/chart: 'eck-operator-crds-2.16.1' helm.sh/chart: 'eck-operator-crds-3.0.0'
name: elasticsearchautoscalers.autoscaling.k8s.elastic.co name: elasticsearchautoscalers.autoscaling.k8s.elastic.co
spec: spec:
group: autoscaling.k8s.elastic.co group: autoscaling.k8s.elastic.co
@ -3818,14 +3818,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.16.5 controller-gen.kubebuilder.io/version: v0.17.2
helm.sh/resource-policy: keep helm.sh/resource-policy: keep
labels: labels:
app.kubernetes.io/instance: 'logging' app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds' app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.16.1' app.kubernetes.io/version: '3.0.0'
helm.sh/chart: 'eck-operator-crds-2.16.1' helm.sh/chart: 'eck-operator-crds-3.0.0'
name: elasticsearches.elasticsearch.k8s.elastic.co name: elasticsearches.elasticsearch.k8s.elastic.co
spec: spec:
group: elasticsearch.k8s.elastic.co group: elasticsearch.k8s.elastic.co
@ -4267,7 +4267,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -5332,7 +5332,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -6036,7 +6036,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -6619,14 +6619,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.16.5 controller-gen.kubebuilder.io/version: v0.17.2
helm.sh/resource-policy: keep helm.sh/resource-policy: keep
labels: labels:
app.kubernetes.io/instance: 'logging' app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds' app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.16.1' app.kubernetes.io/version: '3.0.0'
helm.sh/chart: 'eck-operator-crds-2.16.1' helm.sh/chart: 'eck-operator-crds-3.0.0'
name: enterprisesearches.enterprisesearch.k8s.elastic.co name: enterprisesearches.enterprisesearch.k8s.elastic.co
spec: spec:
group: enterprisesearch.k8s.elastic.co group: enterprisesearch.k8s.elastic.co
@ -7082,7 +7082,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -7661,7 +7661,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -7788,14 +7788,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.16.5 controller-gen.kubebuilder.io/version: v0.17.2
helm.sh/resource-policy: keep helm.sh/resource-policy: keep
labels: labels:
app.kubernetes.io/instance: 'logging' app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds' app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.16.1' app.kubernetes.io/version: '3.0.0'
helm.sh/chart: 'eck-operator-crds-2.16.1' helm.sh/chart: 'eck-operator-crds-3.0.0'
name: kibanas.kibana.k8s.elastic.co name: kibanas.kibana.k8s.elastic.co
spec: spec:
group: kibana.k8s.elastic.co group: kibana.k8s.elastic.co
@ -8270,7 +8270,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -8959,7 +8959,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -9103,14 +9103,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.16.5 controller-gen.kubebuilder.io/version: v0.17.2
helm.sh/resource-policy: keep helm.sh/resource-policy: keep
labels: labels:
app.kubernetes.io/instance: 'logging' app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds' app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.16.1' app.kubernetes.io/version: '3.0.0'
helm.sh/chart: 'eck-operator-crds-2.16.1' helm.sh/chart: 'eck-operator-crds-3.0.0'
name: logstashes.logstash.k8s.elastic.co name: logstashes.logstash.k8s.elastic.co
spec: spec:
group: logstash.k8s.elastic.co group: logstash.k8s.elastic.co
@ -9749,7 +9749,7 @@ spec:
not set, the implementation will apply its default routing strategy. If set not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone). topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature. This is a beta field and requires enabling ServiceTrafficDistribution feature.
type: string type: string
type: type:
description: |- description: |-
@ -10228,18 +10228,15 @@ spec:
persistent volume is being resized. persistent volume is being resized.
type: string type: string
status: status:
description: |-
Status is the status of the condition.
Can be True, False, Unknown.
More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required
type: string type: string
type: type:
description: |- description: |-
PersistentVolumeClaimConditionType defines the condition of PV claim. Type is the type of the condition.
Valid values are: More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about
- "Resizing", "FileSystemResizePending"
If RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:
- "ControllerResizeError", "NodeResizeError"
If VolumeAttributesClass feature gate is enabled, then following additional values can be expected:
- "ModifyVolumeError", "ModifyingVolume"
type: string type: string
required: required:
- status - status
@ -10350,14 +10347,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.16.5 controller-gen.kubebuilder.io/version: v0.17.2
helm.sh/resource-policy: keep helm.sh/resource-policy: keep
labels: labels:
app.kubernetes.io/instance: 'logging' app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds' app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.16.1' app.kubernetes.io/version: '3.0.0'
helm.sh/chart: 'eck-operator-crds-2.16.1' helm.sh/chart: 'eck-operator-crds-3.0.0'
name: stackconfigpolicies.stackconfigpolicy.k8s.elastic.co name: stackconfigpolicies.stackconfigpolicy.k8s.elastic.co
spec: spec:
group: stackconfigpolicy.k8s.elastic.co group: stackconfigpolicy.k8s.elastic.co

4
charts/kubezero-operators/charts/eck-operator/templates/_helpers.tpl
View File

@ -48,9 +48,9 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
Selector labels Selector labels
*/}} */}}
{{- define "eck-operator.selectorLabels" -}} {{- define "eck-operator.selectorLabels" -}}
{{- if .Values.global.manifestGen }} {{- if .Values.global.manifestGen -}}
control-plane: elastic-operator control-plane: elastic-operator
{{- else }} {{- else -}}
app.kubernetes.io/name: {{ include "eck-operator.name" . }} app.kubernetes.io/name: {{ include "eck-operator.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }} {{- end }}

8
charts/kubezero-operators/charts/eck-operator/templates/statefulset.yaml
View File

@ -138,8 +138,16 @@ spec:
{{- end }} {{- end }}
{{- if .Values.hostNetwork }} {{- if .Values.hostNetwork }}
hostNetwork: true hostNetwork: true
{{- end }}
{{- if .Values.dnsPolicy }}
dnsPolicy: {{ .Values.dnsPolicy }}
{{- else if .Values.hostNetwork }}
dnsPolicy: ClusterFirstWithHostNet dnsPolicy: ClusterFirstWithHostNet
{{- end }} {{- end }}
{{- with .Values.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.nodeSelector }} {{- with .Values.nodeSelector }}
nodeSelector: nodeSelector:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}

17
charts/kubezero-operators/charts/eck-operator/values.yaml
View File

@ -148,9 +148,26 @@ webhook:
# hostNetwork allows a Pod to use the Node network namespace. # hostNetwork allows a Pod to use the Node network namespace.
# This is required to allow for communication with the kube API when using some alternate CNIs in conjunction with webhook enabled. # This is required to allow for communication with the kube API when using some alternate CNIs in conjunction with webhook enabled.
# If hostNetwork is enabled, dnsPolicy defaults to ClusterFirstWithHostNet unless explicitly set.
# CAUTION: Proceed at your own risk. This setting has security concerns such as allowing malicious users to access workloads running on the host. # CAUTION: Proceed at your own risk. This setting has security concerns such as allowing malicious users to access workloads running on the host.
hostNetwork: false hostNetwork: false
# dnsPolicy defines the DNS policy for the operator pod.
# Check https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy for more details.
dnsPolicy: ""
# dnsConfig defines the DNS configuration for the operator pod.
# Check https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config for more details.
# dnsConfig:
# nameservers:
# - 169.254.20.10
# searches:
# - svc.cluster.local
# options:
# - name: ndots
# value: "2"
dnsConfig: {}
softMultiTenancy: softMultiTenancy:
# enabled determines whether the operator is installed with soft multi-tenancy extensions. # enabled determines whether the operator is installed with soft multi-tenancy extensions.
# This requires network policies to be enabled on the Kubernetes cluster. # This requires network policies to be enabled on the Kubernetes cluster.

12
charts/kubezero-operators/templates/cloudnative-pg/ClusterImageCatalog-bookworm.yaml
View File

@ -1,4 +1,3 @@
{{- if index .Values "cloudnative-pg" "enabled" }}
apiVersion: postgresql.cnpg.io/v1 apiVersion: postgresql.cnpg.io/v1
kind: ClusterImageCatalog kind: ClusterImageCatalog
metadata: metadata:
@ -6,13 +5,12 @@ metadata:
spec: spec:
images: images:
- major: 13 - major: 13
image: ghcr.io/cloudnative-pg/postgresql:13.18-34-bookworm@sha256:79ffc8faf88cbaf768791a23f15031cc400778321378237ead6cb77e8cfcf192 image: ghcr.io/cloudnative-pg/postgresql:13.21-1-bookworm@sha256:189ae9e434654d224a3573beffa3552c67f50e344debfe14be7ad92245be8589
- major: 14 - major: 14
image: ghcr.io/cloudnative-pg/postgresql:14.15-34-bookworm@sha256:95b3f1a94c3d6755128a57e335d35ff196597078e09b93438009b8a9dcb2d409 image: ghcr.io/cloudnative-pg/postgresql:14.18-1-bookworm@sha256:26bca18fee9dc5a0d7bfafddd5b9cc69600b4c14a430f2e8785eb2fc8a802ed2
- major: 15 - major: 15
image: ghcr.io/cloudnative-pg/postgresql:15.10-34-bookworm@sha256:4e8945ec4d6b744aa612f80c6b80cc525eafb411e44527c81f249fda35363765 image: ghcr.io/cloudnative-pg/postgresql:15.13-1-bookworm@sha256:32312ca4300023b15d260adb9b25ef2ea8c061e3218e788fe5de84eac08a3033
- major: 16 - major: 16
image: ghcr.io/cloudnative-pg/postgresql:16.6-33-bookworm@sha256:7dfda49485274b61ada9bb347caffac01dee442ffd119eb19317a2692347657b image: ghcr.io/cloudnative-pg/postgresql:16.9-1-bookworm@sha256:cf533c5f141b13a327d4678f49a1ace3bd5475f847e08d33b33255fde85717dc
- major: 17 - major: 17
image: ghcr.io/cloudnative-pg/postgresql:17.2-33-bookworm@sha256:52b78e8e4a297e268be168c7e107a2117072dc38f4a11d9d056ff0cc13d4007f image: ghcr.io/cloudnative-pg/postgresql:17.5-1-bookworm@sha256:c860bf22cc86b8033c0aa77299e6c8df41cddf4a884b72115153aeb2f4574e94
{{- end }}

2
charts/kubezero-operators/templates/cloudnative-pg/grafana-dashboards.yaml
View File

File diff suppressed because one or more lines are too long

2
charts/kubezero-operators/templates/strimzi/grafana-dashboards.yaml
View File

@ -11,5 +11,5 @@ metadata:
k8s-sidecar-target-directory: Operators k8s-sidecar-target-directory: Operators
binaryData: binaryData:
strimzi-kafka-operator.json.gz: strimzi-kafka-operator.json.gz:
H4sIAAAAAAAC/+1dW3PbuBV+96/g8KETzzhbUbIcb2f2wXE2u2ljx2M76bSJRwORkIQ1SXBBMLbiqr+9B+ANvElyZMdy57zYIkACONfvI0CQdzuWZY9Ggv6ZMEFj+2/WZyixrDv9F+rkPKJQak8FmZCQ2Ht5BfNai0MS6PN/q1d8pSJmPFR1r37a/2lo64rFXnt3EQmpX+8slkQ2e7pQpUsb84gkMU+ES+stRoIHVM5oEjfbPSvr7j9UyQIaU8FoS8OXZV3aMPy9UmfZJAw5SANqUpZIe7J9FsvCLmX/UDNOmC/fKZU6e2WpIW1VCuMcGpKxr+qlSKhRPmNeSylzeXjMfS5Ug2I6Ji96e1bfceDPcLhnObtm07mUR6Us1l+sI58KWRlCaZx4NuZEeHZWt9D/r3YyjdvUY7I2WnvCYpf4/6JEgPWFPOGhnEF9T1eCT0azS859yaKiUJvFGejfPguvtaunWtcGbHF9l/s+iWKqrpwQPy5UslrFMAbmnfHSiql2a5a6geP+vlFwmw83O56r41wtVQ8rLjOGf1WUgVKmVMaG25iOs56TwFmCTt5pdz6yi+JF9svojEltHfs4iSUPrHOatmyoIze24DftwbRaoxNGfe+YhxM2rWrVoxOS+LKq69R82mPNQigOuHZxW84g382478W2ccKiIn9AooiF06oe67rUZ/KoGrXVLol0le3tMPH9ioYLPccgQevFSnn0VtXZp389shv1i1rJot58ofs4oi4jfrUJ8/KriuyGfjp1SMYx9xNJazJBoqZRU2lWm25yK0HEUBq2Kecr8RPVm1LeKmGXdSAgkJc0f9jbWabZq04nSUKmzRPykBphYoQxB+yDfJDC61UjnjtzxUEtV6xKFU57qugXhwG5fQOBdsZZqOPF6RVNtHpwqryTzNpaQKNLnWe7Kv+AXMAm87yaJJKb1RzgL0zhQVXP4PgbJHFihoeyWOLSD62hZUP+d5s+ZvsklqdcnqpI6/RtnUvUxXY132lfiPN032pLCImbMwp5KpTHMxJOaR0csoDtEvwG/OA9mfNEZnjWsFnkJ1MWfqrTpYfO7fQ20mERJ8GLWAoWfGNAA7PMfXfNQu+XL/Y/yOSafLEXu9VrJ1xATst5zqhGdFLPCyUVoM+3xJU6/pxNkEWPwzo+b4GUuJP+IaasxpQeIgoiSoko++shijNESEFI2QBSPgJkbAGsqGEgqiCqIKo8Kqocrocqwx6iCqLKBqhyySPmbgGs6HHECCwILAgsGwHLYAWwOP0171ccRBZElg2QBZJuSF25BdiSjQTBBcEFweVxweVgTXA5QHBBcNkAXE6YEOAF5JqK/hYgTDocS4/H6iPQINAg0Dwq0PTXXMd3cCEfgeaBgGbbcAZRBlEGUeaHzpXtd6DMAFEGUWYDlHkNHjqlWwAw6UAQWhBaEFp+7ExZB7QM9xFaEFo2X4bhYnsWYjjeuyDAIMD84BmyLoDB55IRYDYBmHM6Jj4J3W24fSnGcl+A2Y59q686phd6W7hx9Zy6PHSZz7K919u8bzUiPpWSvnQh/GPmdiO6q3fjNhsityx+zYVHxQUEeDOmi5OOqfJn6v2bCr7sNDNxagBvOek9GVO/kYWyyjOfuDSA3lqyiD5pTMSRz6Zhdk6vVu0JcnMh56ktfRY2YHrCfP9DRFwm5xUXLLO7p3J0R4JPYwCS2VvRok+ViOmUhl67ipQTFVvR2+u/sm+NPNwC+pBeIOnodB93mEPJ/k4ZLeJ+ATiqkAi75dR/Mk/O6mlKBaYCzQv2TSljWGc8AEb0DVNpdJxkXdx1MbGs66VSaZTJUdoOKVCIBsuCTLFMbEiFLmTxadtQpoInUZoJGooPTHsvHWTJEXM/u+tqjE8m3cyzGqHV9xC0UnGkqhtRVVCWkA/LVQ9rQHi4AgcPO97fcLicjhY5pZ0JVv3CY3Hkk4KB6jeGVE6IzAw75lIBQ+UEFYXv8y4NrlbVWZnJKqPKXS8AOGO1dpX+m/cM28AEWegKSmJqUMIKCxjFiQv8MJ4k/khy4OufndnV7q41nlsvFGd8cH6Ymvxt0c6dpqaLxUbU5qIQwqqyHCuiwpqBxppsR9ZfUIOkB0kPkh4kPUh6kPS0kp7DNUnPz0h6tpz0TAjzqfeMCc9bLQCSHSQ7SHaQ7CDZQbLz0GSn8bhLB9sZOsh2tpzt+Ny9ftZsp0ZzbpgEliOt9yAXch7kPMh5kPMg50HO8+CrWs5BxwzPK+Q8W855nvFalnrXP87tIM9BnoM8B3kO8pzHX8jq5DkHyHO2nOcALWDcY6DzZ0x5zgohkPUg60HWg6wHWc//O+t54tWsFsqjEon6auGHbAyNjUXpelcfOdG2bG6rUiEvEfoX0Bqo8OJRQG4fggk1txU+BUc6ATwOksCqSm2p0d+fHK25eU4lkUfYNNfv2tj68/Jdc8WmdABbNgG6KJ/864tdTE5xopoCS8YDzmN86nOtzerPEG3uCwgQ1UAUVqPCTteY0235VLRxgPR7teP5KQlok26Uidz+9TZiYm4pHFhOPCLBI+WHdE1lpiPQ0i5RpHJSDUJH8buY29+n00dQixqSdcmtVD1PqhnF9U/zGF9LNzv10u8gFKuT2rAjqa1YK1IA/jslnjbQ4+wfL8ATMN16EbBQg6LrQ/KiYs9SiXPPyreKj9SnjYHXu3TXKqDWLTPuiCoXSIFWw4wkQTQK4t1ugNXJrgagcFkoGx9hXoq6dVj9PjgN8pvFCrip8osZm8hmhQE6ufuXtYKEcSppZtkOE6Q+rlhgAvd/9K0Cmur4u144orCExAVRkTw1wLye1/O8n75j4RwCpHZCWtGWBdIa7SLqbQtLbpLasnOLnFxMSajuUteTkN6CL3r0dZqGWgaos3EDLdvuwz16u7KZXiPRfcpyzH6jJguS5q14+pKXWsSYn6EtwbpqtsaNe0ldBkuFE1T10y1dLkQFwpYIZB+nP6325N8qnX1aHKyWsw4ana+yuVT/13G6ZjjnfFenmC1+T8Rg0PGiiMMtfFHE3z+d4MshcKIVJ1pxohUnWp/7RKtH3fFc0geeb311zyfpBh1TPv0ezqY+7WzqH1+DUUADLuajBFjSSDvLnave3QapS/zy3y82lIuX6p6eSC7+I9V3H8vD7BbxZUYsiwr1brH0PjNv6gesRRd9bTjZCgzIOtFKsT7GRoDi6jOSIiRFSIqQFD1vUhT8YDp0uC4dws2UT0yHgLtQzYmm7igiwHyK1WSofRha9HkY5I/oPVdu9NtxdXoReRHyIuRFyIuQF+FehHtSo8aTeZ3cCB+821pu5PIklMiOSnZ0rBSyBj3ayRpR3ahcpU4a9FJhADtmNCCliQf6+TiwrPEBk/SN/llP9kWqV7toVtIgUtBmJPvU2Uu3ML8OkQiRuvyd6cRUfcKy8TSbhvjaVC8L9Ur+ke+3fEXBzzmN4XlGdRoLzcvCdL3bfnMxOjv/cPLr5e+/fryofHqiyAZmkNt/JjRdho7aXNtQuFMpndLbGu+y42sWfRT+xTx02z4OkdnWkGrHdBOVKxepMZixcm9PUnYEgX7z0pnlFpQ8K7Mrl0H0XBuPcOWjH+V+bsa5PTTotNMzDgbmgVMmNHto/HbMg0HPrJmVv/vGb8dLJb7KZVBRaVhlZS9mwwdmw2Yv/X3zwJiTfeWZ483HUlHfN5VMc6uaW611uFgfsvSTxd3XIuI0Ntk3lF7rXdm6iZ3F/wDuyXP7T6AAAA== H4sIAAAAAAAC/+1dW3PbuBV+96/g8KETzzhbUbIcb2f2wXE2u2ljx2M76bSJRwORkIQ1SXBBMLbiqr+9B+ANvElyZMdy57zYIkACONfvI0CQdzuWZY9Ggv6ZMEFj+2/WZyixrDv9F+rkPKJQak8FmZCQ2Ht5BfNai0MS6PN/q1d8pSJmPFR1r37a/2lo64rFXnt3EQmpX+8slkQ2e7pQpUsb84gkMU+ES+stRoIHVM5oEjfbPSvr7j9UyQIaU8FoS8OXZV3aMPy9UmfZJAw5SANqUpZIe7J9FsvCLmX/UDNOmC/fKZU6e2WpIW1VCuMcGpKxr+qlSKhRPmNeSylzeXjMfS5Ug2I6Ji96e1bfceDPcLhnObtm07mUR6Us1l+sI58KWRlCaZx4NuZEeHZWt9D/r3YyjdvUY7I2WnvCYpf4/6JEgPWFPOGhnEF9T1eCT0azS859yaKiUJvFGejfPguvtaunWtcGbHF9l/s+iWKqrpwQPy5UslrFMAbmnfHSiql2a5a6geP+vlFwmw83O56r41wtVQ8rLjOGf1WUgVKmVMaG25iOs56TwFmCTt5pdz6yi+JF9svojEltHfs4iSUPrHOatmyoIze24DftwbRaoxNGfe+YhxM2rWrVoxOS+LKq69R82mPNQigOuHZxW84g382478W2ccKiIn9AooiF06oe67rUZ/KoGrXVLol0le3tMPH9ioYLPccgQevFSnn0VtXZp389shv1i1rJot58ofs4oi4jfrUJ8/KriuyGfjp1SMYx9xNJazJBoqZRU2lWm25yK0HEUBq2Kecr8RPVm1LeKmGXdSAgkJc0f9jbWabZq04nSUKmzRPykBphYoQxB+yDfJDC61UjnjtzxUEtV6xKFU57qugXhwG5fQOBdsZZqOPF6RVNtHpwqryTzNpaQKNLnWe7Kv+AXMAm87yaJJKb1RzgL0zhQVXP4PgbJHFihoeyWOLSD62hZUP+d5s+ZvsklqdcnqpI6/RtnUvUxXY132lfiPN032pLCImbMwp5KpTHMxJOaR0csoDtEvwG/OA9mfNEZnjWsFnkJ1MWfqrTpYfO7fQ20mERJ8GLWAoWfGNAA7PMfXfNQu+XL/Y/yOSafLEXu9VrJ1xATst5zqhGdFLPCyUVoM+3xJU6/pxNkEWPwzo+b4GUuJP+IaasxpQeIgoiSoko++shijNESEFI2QBSPgJkbAGsqGEgqiCqIKo8Kqocrocqwx6iCqLKBqhyySPmbgGs6HHECCwILAgsGwHLYAWwOP0171ccRBZElg2QBZJuSF25BdiSjQTBBcEFweVxweVgTXA5QHBBcNkAXE6YEOAF5JqK/hYgTDocS4/H6iPQINAg0Dwq0PTXXMd3cCEfgWYToDkFUc4497cAZNRQLDUWxBfEF8SXHztLtt+BLwPEF8SXDfDlNXjolG4BuqQDQWhBaEFo+bFzZB3QMtxHaEFo2XwBhovtWYLh+OgYAgwCzA+eG+sCGHwiGQFmE4A5p2Pik9DdhtuXYiz3BZjt2LH6qmN6obeFW1bPqctDl/ks23W9zTtWI+JTKelLF8I/Zm43ort6H26zIXLL4tdceFRcQIA3Y7o46Zgqf6bev6ngy04zE6cG8JaT3pMx9RtZKKs884lLA+itJYvok8ZEHPlsGmbn9GrVniA3F3Ke2tJnYQOmJ8z3P0TEZXJeccEyu3sqR3ck+DQGIJm9FS36VImYTmnotatIOVGxCb29/iv71sjDLaAP6QWSjk73cYc5lOzvlNEi7heAowqJsFtO/Sfz5KyeplRgKtC8YN+UMoZ1xgNgRN8wlUbHSdbFXRcTy7peKpVGmRyl7ZAChWiwLMgUy8SGVOhCFp+2DWUqeBKlmaCh+MC099JBlhwx97O7rsb4ZNLNPKsRWn0DQSsVR6q6EVUFZQn5sFz1sAaEhytw8LDjzQ2Hy+lokVPamWDVLzwWRz4pGKh+V0jlhMjMsGMuFTBUTlBR+D7v0uBqVZ2Vmawyqtz1AoAzVmtX6b95z7ANTJCFrqAkpgYlrLCAUZy4wA/jSeKPJAe+/tmZXe3uWuO59UJxxgfnh6nJ3xbt3GlqulhsRG0uCiGsKsuxIiqsGWisyXZk/dU0SHqQ9CDpQdKDpAdJTyvpOVyT9PyMpGfLSc+EMJ96z5jwvNUCINlBsoNkB8kOkh0kOw9NdhqPu3SwnaGDbGfL2Y7P3etnzXZqNOeGSWA50noPciHnQc6DnAc5D3Ie5DwPvqrlHHTM8LxCzrPlnOcZr2Wpt/zj3A7yHOQ5yHOQ5yDPefyFrE6ec4A8Z8t5DtACxj0GOn/GlOesEAJZD7IeZD3IepD1/L+znidezWqhPCqRqO8VfsjG0NhYlK539ZETbcvmtioV8hKhfwGtgQovHgXk9iGYUHNb4VNwpBPA4yAJrKrUlhr9/cnRmpvnVBJ5hE1z/a6NrT8v3zVXbEoHsGUToIvyyb+72MXkFCeqKbBkPOA8xkc+19qs/gzR5r6AAFENRGE1Kux0jTndlk9FGwdIv1Q7np+SgDbpRpnI7V9vIybmlsKB5cQjEjxSfkjXVGY6Ai3tEkUqJ9UgdBS/i7n9fTp9BLWoIVmX3ErV86SaUVz/NI/xtXSzUy/9DkKxOqkNO5LairUiBeC/U+JpAz3O/vECPAHTrRcBCzUouj4kLyr2LJU496x8q/hIfdQYeL1Ld60Cat0y446ocoEUaDXMSBJEoyDe7QZYnexqAAqXhbLx+eWlqFuH1e+D0yC/WayAmyq/mLGJbFYYoJO7f1krSBinkmaW7TBB6uOKBSZw/0ffKqCpjr/rhSMKS0hcEBXJUwPM63k9z/vpOxbOIUBqJ6QVbVkgrdEuot62sOQmqS07t8jJxZSE6i51PQnpLfiiR1+naahlgDobN9Cy7T7co7crm+k1Et2nLMfsN2qyIGneiqcvealFjPkB2hKsq2Zr3LiX1GWwVDhBVT/d0uVCVCBsiUD2cfrTak/+rdLZp8XBajnroNH5KptL9X8dp2uGc853dYrZ4vdEDAYdL4o43MIXRfz90wm+HAInWnGiFSdacaL1uU+0etQdzyV94PnWV/d8km7QMeXT7+Fs6tPOpv7xNRgFNOBiPkqAJY20s9y56t1tkLrEL//9YkO5eKnu6Ynk4j9SffGxPMxuEV9mxLKoUO8WS+8z86Z+wFp00deGk63AgKwTrRTrY2wEKK4+IylCUoSkCEnR8yZFwQ+mQ4fr0iHcTPnEdAi4C9WcaOqOIgLMp1hNhtqHoUWfh0H+iN5z5Ua/HVenF5EXIS9CXoS8CHkR7kW4JzVqPJnXyY3wwbut5UYuT0KJ7KhkR8dKIWvQo52sEdWNylXqpEEvFQawY0YDUpp4oJ+PA8saHzBJ3+if9WRfpHq1i2YlDSIFbUayT529dAvz6xCJEKnL35lOTNVHkhtPs2mIr031slCv5B/5fstXFPyc0xieZ1SnsdC8LEzXu+03F6Oz8w8nv17+/uvHi8qnJ4psYAa5/WdC02XoqM21DYU7ldIpva3xLju+ZtFH4V/MQ7ft4xCZbQ2pdkw3UblykRqDGSv39iRlRxDoNy+dWW5BybMyu3IZRM+18QhXPvpR7udmnNtDg047PeNgYB44ZUKzh8ZvxzwY9MyaWfm7b/x2vFTiq1wGFZWGVVb2YjZ8YDZs9tLfNw+MOdlXnjnefCwV9X1TyTS3qrnVWoeL9SFLP1ncfS0iTmOTfUPptd6VrZvYWfwPzVSNtEmgAAA=
{{- end }} {{- end }}

15
charts/kubezero-operators/values.yaml
View File

@ -1,18 +1,3 @@
opensearch-operator:
enabled: false
# otherwise service names will be >63 chars
fullnameOverride: opensearch-operator
# not needed for now
kubeRbacProxy:
enable: false
manager:
extraEnv:
- name: SKIP_INIT_CONTAINER
value: "true"
eck-operator: eck-operator:
enabled: false enabled: false
installCRDs: false installCRDs: false

22
charts/kubezero-telemetry/Chart.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-telemetry name: kubezero-telemetry
description: KubeZero Umbrella Chart for OpenTelemetry, Jaeger etc. description: KubeZero Umbrella Chart for OpenTelemetry, Jaeger etc.
type: application type: application
version: 0.4.1 version: 0.5.0
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -19,23 +19,31 @@ dependencies:
version: 0.2.1 version: 0.2.1
repository: https://cdn.zero-downtime.net/charts/ repository: https://cdn.zero-downtime.net/charts/
- name: opentelemetry-collector - name: opentelemetry-collector
version: 0.108.0 version: 0.125.0
repository: https://open-telemetry.github.io/opentelemetry-helm-charts repository: https://open-telemetry.github.io/opentelemetry-helm-charts
condition: opentelemetry-collector.enabled condition: opentelemetry-collector.enabled
- name: opensearch
version: 3.0.0
repository: https://opensearch-project.github.io/helm-charts/
condition: opensearch.enabled
- name: opensearch-dashboards
version: 3.0.0
repository: https://opensearch-project.github.io/helm-charts/
condition: opensearch-dashboards.enabled
- name: data-prepper - name: data-prepper
version: 0.1.0 version: 0.3.1
repository: https://opensearch-project.github.io/helm-charts/ repository: https://opensearch-project.github.io/helm-charts/
condition: data-prepper.enabled condition: data-prepper.enabled
- name: jaeger - name: jaeger
version: 3.3.1 version: 3.4.1
repository: https://jaegertracing.github.io/helm-charts repository: https://jaegertracing.github.io/helm-charts
condition: jaeger.enabled condition: jaeger.enabled
- name: fluentd - name: fluentd
version: 0.5.2 version: 0.5.3
repository: https://fluent.github.io/helm-charts repository: https://fluent.github.io/helm-charts
condition: fluentd.enabled condition: fluentd.enabled
- name: fluent-bit - name: fluent-bit
version: 0.47.10 version: 0.49.0
repository: https://fluent.github.io/helm-charts repository: https://fluent.github.io/helm-charts
condition: fluent-bit.enabled condition: fluent-bit.enabled
kubeVersion: ">= 1.26.0" kubeVersion: ">= 1.30.0-0"

48
charts/kubezero-telemetry/README.md
View File

@ -1,6 +1,6 @@
# kubezero-telemetry # kubezero-telemetry
![Version: 0.4.1](https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.4.2](https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero Umbrella Chart for OpenTelemetry, Jaeger etc. KubeZero Umbrella Chart for OpenTelemetry, Jaeger etc.
@ -14,16 +14,18 @@ KubeZero Umbrella Chart for OpenTelemetry, Jaeger etc.
## Requirements ## Requirements
Kubernetes: `>= 1.26.0` Kubernetes: `>= 1.30.0-0`
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 |
| https://fluent.github.io/helm-charts | fluent-bit | 0.47.10 | | https://fluent.github.io/helm-charts | fluent-bit | 0.49.0 |
| https://fluent.github.io/helm-charts | fluentd | 0.5.2 | | https://fluent.github.io/helm-charts | fluentd | 0.5.3 |
| https://jaegertracing.github.io/helm-charts | jaeger | 3.3.1 | | https://jaegertracing.github.io/helm-charts | jaeger | 3.4.1 |
| https://open-telemetry.github.io/opentelemetry-helm-charts | opentelemetry-collector | 0.108.0 | | https://open-telemetry.github.io/opentelemetry-helm-charts | opentelemetry-collector | 0.125.0 |
| https://opensearch-project.github.io/helm-charts/ | data-prepper | 0.1.0 | | https://opensearch-project.github.io/helm-charts/ | data-prepper | 0.3.1 |
| https://opensearch-project.github.io/helm-charts/ | opensearch | 3.0.0 |
| https://opensearch-project.github.io/helm-charts/ | opensearch-dashboards | 3.0.0 |
## Values ## Values
@ -135,7 +137,7 @@ Kubernetes: `>= 1.26.0`
| fluentd.service.ports[1].containerPort | int | `9880` | | | fluentd.service.ports[1].containerPort | int | `9880` | |
| fluentd.service.ports[1].name | string | `"http-fluentd"` | | | fluentd.service.ports[1].name | string | `"http-fluentd"` | |
| fluentd.service.ports[1].protocol | string | `"TCP"` | | | fluentd.service.ports[1].protocol | string | `"TCP"` | |
| fluentd.source.sharedKey | string | `"secretref+k8s://v1/Secret/kubezero/kubezero-secrets/telemetry.fluentd.source.sharedKey"` | | | fluentd.source.sharedKey | string | `"secretref+k8s://v1/Secret/kubezero/kubezero-secrets/telemetry.fluentd.source.sharedKey?inCluster"` | |
| fluentd.volumeMounts[0].mountPath | string | `"/run/pki"` | | | fluentd.volumeMounts[0].mountPath | string | `"/run/pki"` | |
| fluentd.volumeMounts[0].name | string | `"trust-store"` | | | fluentd.volumeMounts[0].name | string | `"trust-store"` | |
| fluentd.volumeMounts[0].readOnly | bool | `true` | | | fluentd.volumeMounts[0].readOnly | bool | `true` | |
@ -167,13 +169,27 @@ Kubernetes: `>= 1.26.0`
| jaeger.storage.elasticsearch.user | string | `"admin"` | | | jaeger.storage.elasticsearch.user | string | `"admin"` | |
| jaeger.storage.type | string | `"elasticsearch"` | | | jaeger.storage.type | string | `"elasticsearch"` | |
| metrics.enabled | bool | `false` | | | metrics.enabled | bool | `false` | |
| opensearch.dashboard.enabled | bool | `false` | | | opensearch-dashboards.enabled | bool | `false` | |
| opensearch.dashboard.istio.enabled | bool | `false` | | | opensearch-dashboards.istio.enabled | bool | `false` | |
| opensearch.dashboard.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | | | opensearch-dashboards.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | |
| opensearch.dashboard.istio.url | string | `"telemetry-dashboard.example.com"` | | | opensearch-dashboards.istio.url | string | `"telemetry-dashboard.example.com"` | |
| opensearch.nodeSets | list | `[]` | | | opensearch-dashboards.resources.limits.cpu | string | `nil` | |
| opensearch.prometheus | bool | `false` | | | opensearch-dashboards.resources.limits.memory | string | `"512M"` | |
| opensearch.version | string | `"2.17.0"` | | | opensearch-dashboards.resources.requests.cpu | string | `"100m"` | |
| opensearch-dashboards.resources.requests.memory | string | `"512M"` | |
| opensearch-dashboards.serviceMonitor.enabled | bool | `false` | |
| opensearch-dashboards.serviceMonitor.interval | string | `"30s"` | |
| opensearch.config."opensearch.yml" | string | `"cluster.name: opensearch-cluster\nnetwork.host: 0.0.0.0\ndiscovery.type: single-node\n"` | |
| opensearch.enabled | bool | `false` | |
| opensearch.maxUnavailable | int | `0` | |
| opensearch.opensearchJavaOpts | string | `"-Xmx1024M -Xms1024M"` | |
| opensearch.persistence.size | string | `"8Gi"` | |
| opensearch.resources.limits.memory | string | `"2Gi"` | |
| opensearch.resources.requests.cpu | string | `"500m"` | |
| opensearch.resources.requests.memory | string | `"2Gi"` | |
| opensearch.serviceMonitor.enabled | bool | `false` | |
| opensearch.serviceMonitor.interval | string | `"30s"` | |
| opensearch.singleNode | bool | `true` | |
| opentelemetry-collector.config.exporters.otlp/data-prepper.endpoint | string | `"telemetry-data-prepper:21890"` | | | opentelemetry-collector.config.exporters.otlp/data-prepper.endpoint | string | `"telemetry-data-prepper:21890"` | |
| opentelemetry-collector.config.exporters.otlp/data-prepper.tls.insecure | bool | `true` | | | opentelemetry-collector.config.exporters.otlp/data-prepper.tls.insecure | bool | `true` | |
| opentelemetry-collector.config.exporters.otlp/jaeger.endpoint | string | `"telemetry-jaeger-collector:4317"` | | | opentelemetry-collector.config.exporters.otlp/jaeger.endpoint | string | `"telemetry-jaeger-collector:4317"` | |

4
charts/kubezero-telemetry/charts/fluentd/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2 apiVersion: v2
appVersion: v1.16.2 appVersion: v1.17.1
description: A Helm chart for Kubernetes description: A Helm chart for Kubernetes
home: https://www.fluentd.org/ home: https://www.fluentd.org/
icon: https://www.fluentd.org/images/miscellany/fluentd-logo_2x.png icon: https://www.fluentd.org/images/miscellany/fluentd-logo_2x.png
@ -12,4 +12,4 @@ name: fluentd
sources: sources:
- https://github.com/fluent/fluentd/ - https://github.com/fluent/fluentd/
- https://github.com/fluent/fluentd-kubernetes-daemonset - https://github.com/fluent/fluentd-kubernetes-daemonset
version: 0.5.2 version: 0.5.3

2
charts/kubezero-telemetry/charts/fluentd/templates/_pod.tpl
View File

@ -1,5 +1,5 @@
{{- define "fluentd.pod" -}} {{- define "fluentd.pod" -}}
{{- $defaultTag := printf "%s-debian-%s-1.0" (.Chart.AppVersion) (.Values.variant) -}} {{- $defaultTag := printf "%s-debian-%s-1.2" (.Chart.AppVersion) (.Values.variant) -}}
{{- with .Values.imagePullSecrets }} {{- with .Values.imagePullSecrets }}
imagePullSecrets: imagePullSecrets:
{{- toYaml . | nindent 2 }} {{- toYaml . | nindent 2 }}

2
charts/kubezero-telemetry/charts/opentelemetry-collector/.helmignore
View File

@ -21,7 +21,7 @@
.idea/ .idea/
*.tmproj *.tmproj
.vscode/ .vscode/
examples/
# Ignore unittest # Ignore unittest
tests/ tests/
*/__snapshot__/* */__snapshot__/*

4
charts/kubezero-telemetry/charts/opentelemetry-collector/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2 apiVersion: v2
appVersion: 0.111.0 appVersion: 0.126.0
description: OpenTelemetry Collector Helm chart for Kubernetes description: OpenTelemetry Collector Helm chart for Kubernetes
home: https://opentelemetry.io/ home: https://opentelemetry.io/
icon: https://opentelemetry.io/img/logos/opentelemetry-logo-nav.png icon: https://opentelemetry.io/img/logos/opentelemetry-logo-nav.png
@ -12,4 +12,4 @@ sources:
- https://github.com/open-telemetry/opentelemetry-collector - https://github.com/open-telemetry/opentelemetry-collector
- https://github.com/open-telemetry/opentelemetry-collector-contrib - https://github.com/open-telemetry/opentelemetry-collector-contrib
type: application type: application
version: 0.108.0 version: 0.125.0

31
charts/kubezero-telemetry/charts/opentelemetry-collector/README.md
View File

@ -19,7 +19,7 @@ helm repo add open-telemetry https://open-telemetry.github.io/opentelemetry-helm
To install the chart with the release name my-opentelemetry-collector, run the following command: To install the chart with the release name my-opentelemetry-collector, run the following command:
```console ```console
helm install my-opentelemetry-collector open-telemetry/opentelemetry-collector --set mode=<value> --set image.repository="otel/opentelemetry-collector-k8s" --set command.name="otelcol-k8s" helm install my-opentelemetry-collector open-telemetry/opentelemetry-collector --set mode=<value> --set image.repository="ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s" --set command.name="otelcol-k8s"
``` ```
Where the `mode` value needs to be set to one of `daemonset`, `deployment` or `statefulset`. Where the `mode` value needs to be set to one of `daemonset`, `deployment` or `statefulset`.
@ -35,7 +35,7 @@ See [UPGRADING.md](UPGRADING.md).
OpenTelemetry Collector recommends to bind receivers' servers to addresses that limit connections to authorized users. OpenTelemetry Collector recommends to bind receivers' servers to addresses that limit connections to authorized users.
For this reason, by default the chart binds all the Collector's endpoints to the pod's IP. For this reason, by default the chart binds all the Collector's endpoints to the pod's IP.
More info is available in the [Security Best Practices docummentation](https://github.com/open-telemetry/opentelemetry-collector/blob/main/docs/security-best-practices.md#safeguards-against-denial-of-service-attacks) More info is available in the [Security Best Practices documentation](https://github.com/open-telemetry/opentelemetry-collector/blob/main/docs/security-best-practices.md#safeguards-against-denial-of-service-attacks)
Some care must be taken when using `hostNetwork: true`, as then OpenTelemetry Collector will listen on all the addresses in the host network namespace. Some care must be taken when using `hostNetwork: true`, as then OpenTelemetry Collector will listen on all the addresses in the host network namespace.
@ -106,6 +106,29 @@ to read the files where Kubernetes container runtime writes all containers' cons
#### :warning: Warning: Risk of looping the exported logs back into the receiver, causing "log explosion" #### :warning: Warning: Risk of looping the exported logs back into the receiver, causing "log explosion"
#### Log collection for a subset of pods or containers
The `logsCollection` preset will by default ingest the logs of all kubernetes containers.
This is achieved by using an include path of `/var/log/pods/*/*/*.log` for the `filelog`receiver.
To limit the import to a certain subset of pods or containers, the `filelog`
receivers `include` list can be overwritten by supplying explicit configuration.
E.g. The following configuration would only import logs for pods within the namespace: `example-namespace`:
```yaml
mode: daemonset
presets:
logsCollection:
enabled: true
config:
receivers:
filelog:
include:
- /var/log/pods/example-namespace_*/*/*.log
```
The container logs pipeline uses the `debug` exporter by default. The container logs pipeline uses the `debug` exporter by default.
Paired with the default `filelog` receiver that receives all containers' console output, Paired with the default `filelog` receiver that receives all containers' console output,
it is easy to accidentally feed the exported logs back into the receiver. it is easy to accidentally feed the exported logs back into the receiver.
@ -149,6 +172,10 @@ This feature is disabled by default. It has the following requirements:
- It requires the [Kubernetes Attributes processor](https://opentelemetry.io/docs/kubernetes/collector/components/#kubernetes-attributes-processor) to be included in the collector, such as [k8s](https://github.com/open-telemetry/opentelemetry-collector-releases/tree/main/distributions/otelcol-k8s) version of the collector image. - It requires the [Kubernetes Attributes processor](https://opentelemetry.io/docs/kubernetes/collector/components/#kubernetes-attributes-processor) to be included in the collector, such as [k8s](https://github.com/open-telemetry/opentelemetry-collector-releases/tree/main/distributions/otelcol-k8s) version of the collector image.
#### :memo: Note: Changing or supplementing `k8sattributes` scopes
In order to minimize the collector's privileges, the [Kubernetes RBAC Rules](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) that are applied to the collector as part of this chart are the minimum required for the `presets.kubernetesAttributes` preset to work. If additional configuration scopes are desired outside of the preset you must apply the corresponding RBAC rules to grant the collector access.
To enable this feature, set the `presets.kubernetesAttributes.enabled` property to `true`. To enable this feature, set the `presets.kubernetesAttributes.enabled` property to `true`.
Here is an example `values.yaml`: Here is an example `values.yaml`:

8
charts/kubezero-telemetry/charts/opentelemetry-collector/UPGRADING.md
View File

@ -4,6 +4,14 @@ These upgrade guidelines only contain instructions for version upgrades which re
If the version you want to upgrade to is not listed here, then there is nothing to do for you. If the version you want to upgrade to is not listed here, then there is nothing to do for you.
Just upgrade and enjoy. Just upgrade and enjoy.
## 0.121.0 to 0.122.0
In the v0.123.1 Collector release we stopped pushing images to Dockerhub due to how their new rate limit changes affected our CI. If you're using `otel/opentelemetry-collector-k8s` for the image you should switch to `ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s`. See https://github.com/open-telemetry/community/issues/2641 for more details.
## 0.110.0 to 0.110.1 or 0.110.2
We broke the selector labels in `0.110.0`, which causes `helm upgrades` to fail. Do not attempt to upgrade from `0.110.0` to either `0.110.1` or `0.110.2`. Go straight to `0.110.3` instead.
## 0.97.2 to 0.98.0 ## 0.97.2 to 0.98.0
> [!WARNING] > [!WARNING]

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/GOMEMLIMIT-values.yaml
View File

@ -1,7 +1,7 @@
mode: deployment mode: deployment
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/clusterrole-values.yaml
View File

@ -1,7 +1,7 @@
mode: daemonset mode: daemonset
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/config-override-values.yaml
View File

@ -1,7 +1,7 @@
mode: daemonset mode: daemonset
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/daemonset-values.yaml
View File

@ -1,7 +1,7 @@
mode: daemonset mode: daemonset
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

6
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/deployment-values.yaml
View File

@ -4,7 +4,7 @@ global:
mode: deployment mode: deployment
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"
@ -19,6 +19,10 @@ resources:
podLabels: podLabels:
testLabel: "{{ .Values.global.test }}" testLabel: "{{ .Values.global.test }}"
additionalLabels:
testLabel: "{{ .Values.global.test }}"
someLabel: "someValue"
ingress: ingress:
enabled: true enabled: true
hosts: hosts:

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/disabling-protocols-values.yaml
View File

@ -1,7 +1,7 @@
mode: deployment mode: deployment
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/hpa-deployment-values.yaml
View File

@ -1,7 +1,7 @@
mode: deployment mode: deployment
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/hpa-statefulset-values.yaml
View File

@ -1,7 +1,7 @@
mode: statefulset mode: statefulset
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

21
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/internalTelemetryViaOTLP-values.yaml Normal file
View File

@ -0,0 +1,21 @@
mode: deployment
image:
repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
resources:
limits:
cpu: 100m
memory: 200M
internalTelemetryViaOTLP:
endpoint: "http://localhost:4318"
headers:
- name: "x-opentelemetry-customer"
value: "a value"
traces:
enabled: true
metrics:
enabled: true
logs:
enabled: true

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/multiple-ingress-values.yaml
View File

@ -1,7 +1,7 @@
mode: deployment mode: deployment
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/networkpolicy-override-values.yaml
View File

@ -1,7 +1,7 @@
mode: daemonset mode: daemonset
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/networkpolicy-values.yaml
View File

@ -1,7 +1,7 @@
mode: deployment mode: deployment
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

15
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/old-metrics-env-values.yaml Normal file
View File

@ -0,0 +1,15 @@
mode: deployment
image:
repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
resources:
limits:
cpu: 100m
memory: 200M
config:
service:
telemetry:
metrics:
address: ${env:MY_POD_IP}:8888

17
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/old-metrics-url-values.yaml Normal file
View File

@ -0,0 +1,17 @@
mode: deployment
image:
repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
resources:
limits:
cpu: 100m
memory: 200M
config:
service:
telemetry:
metrics:
address: 0.0.0.0:8888
resource:
"k8s.namespace.name": "default"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/preset-clustermetrics-values.yaml
View File

@ -1,7 +1,7 @@
mode: deployment mode: deployment
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/preset-hostmetrics-values.yaml
View File

@ -1,7 +1,7 @@
mode: daemonset mode: daemonset
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/preset-k8sevents-values.yaml
View File

@ -1,7 +1,7 @@
mode: deployment mode: deployment
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/preset-kubeletmetrics-values.yaml
View File

@ -1,7 +1,7 @@
mode: daemonset mode: daemonset
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/preset-kubernetesattributes-values.yaml
View File

@ -1,7 +1,7 @@
mode: daemonset mode: daemonset
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/preset-logscollection-values.yaml
View File

@ -1,7 +1,7 @@
mode: daemonset mode: daemonset
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/probes-values.yaml
View File

@ -1,7 +1,7 @@
mode: daemonset mode: daemonset
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

2
charts/kubezero-telemetry/charts/opentelemetry-collector/ci/statefulset-values.yaml
View File

@ -1,7 +1,7 @@
mode: statefulset mode: statefulset
image: image:
repository: "otel/opentelemetry-collector-k8s" repository: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-k8s"
command: command:
name: "otelcol-k8s" name: "otelcol-k8s"

17
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/README.md
View File

@ -1,17 +0,0 @@
# Examples of chart configuration
Here is a collection of common configurations for the OpenTelemetry collector. Each folder contains an example `values.yaml` and the resulting configurations that are generated by the opentelemetry-collector helm charts.
- [Daemonset only](daemonset-only)
- [Deployment only](deployment-only)
- [Daemonset and deployment](daemonset-and-deployment)
- [Log collection, including collector logs](daemonset-collector-logs)
- [Add component (hostmetrics)](daemonset-hostmetrics)
The manifests are rendered using the `helm template` command and the specific example folder's values.yaml.
Examples are generated by (from root of the repo):
```sh
make generate-examples CHARTS=opentelemetry-collector
```

41
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/alternate-config/rendered/clusterrole.yaml
View File

@ -1,41 +0,0 @@
---
# Source: opentelemetry-collector/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: example-opentelemetry-collector
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups: [""]
resources: ["pods", "namespaces"]
verbs: ["get", "watch", "list"]
- apiGroups: ["apps"]
resources: ["replicasets"]
verbs: ["get", "list", "watch"]
- apiGroups: ["extensions"]
resources: ["replicasets"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events", "namespaces", "namespaces/status", "nodes", "nodes/spec", "pods", "pods/status", "replicationcontrollers", "replicationcontrollers/status", "resourcequotas", "services" ]
verbs: ["get", "list", "watch"]
- apiGroups: ["apps"]
resources: ["daemonsets", "deployments", "replicasets", "statefulsets"]
verbs: ["get", "list", "watch"]
- apiGroups: ["extensions"]
resources: ["daemonsets", "deployments", "replicasets"]
verbs: ["get", "list", "watch"]
- apiGroups: ["batch"]
resources: ["jobs", "cronjobs"]
verbs: ["get", "list", "watch"]
- apiGroups: ["autoscaling"]
resources: ["horizontalpodautoscalers"]
verbs: ["get", "list", "watch"]
- apiGroups: ["events.k8s.io"]
resources: ["events"]
verbs: ["watch", "list"]

21
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/alternate-config/rendered/clusterrolebinding.yaml
View File

@ -1,21 +0,0 @@
---
# Source: opentelemetry-collector/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: example-opentelemetry-collector
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: example-opentelemetry-collector
subjects:
- kind: ServiceAccount
name: example-opentelemetry-collector
namespace: default

68
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/alternate-config/rendered/configmap.yaml
View File

@ -1,68 +0,0 @@
---
# Source: opentelemetry-collector/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: example-opentelemetry-collector
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
data:
relay: |
exporters:
debug: {}
processors:
k8sattributes:
extract:
metadata:
- k8s.namespace.name
- k8s.deployment.name
- k8s.statefulset.name
- k8s.daemonset.name
- k8s.cronjob.name
- k8s.job.name
- k8s.node.name
- k8s.pod.name
- k8s.pod.uid
- k8s.pod.start_time
passthrough: false
pod_association:
- sources:
- from: resource_attribute
name: k8s.pod.ip
- sources:
- from: resource_attribute
name: k8s.pod.uid
- sources:
- from: connection
receivers:
k8s_cluster:
collection_interval: 10s
k8sobjects:
objects:
- exclude_watch_type:
- DELETED
group: events.k8s.io
mode: watch
name: events
service:
pipelines:
logs:
exporters:
- debug
processors:
- k8sattributes
receivers:
- k8sobjects
metrics:
exporters:
- debug
processors:
- k8sattributes
receivers:
- k8s_cluster

100
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/alternate-config/rendered/deployment.yaml
View File

@ -1,100 +0,0 @@
---
# Source: opentelemetry-collector/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: example-opentelemetry-collector
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: standalone-collector
strategy:
type: RollingUpdate
template:
metadata:
annotations:
checksum/config: 360fc84164ca26f5a57ecb44cbcec02ca473b09fc86dba876f71c9fa3617f656
labels:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: standalone-collector
spec:
serviceAccountName: example-opentelemetry-collector
securityContext:
{}
containers:
- name: opentelemetry-collector
command:
- /otelcol-k8s
args:
- --config=/conf/relay.yaml
securityContext:
{}
image: "otel/opentelemetry-collector-k8s:0.111.0"
imagePullPolicy: IfNotPresent
ports:
- name: jaeger-compact
containerPort: 6831
protocol: UDP
- name: jaeger-grpc
containerPort: 14250
protocol: TCP
- name: jaeger-thrift
containerPort: 14268
protocol: TCP
- name: otlp
containerPort: 4317
protocol: TCP
- name: otlp-http
containerPort: 4318
protocol: TCP
- name: zipkin
containerPort: 9411
protocol: TCP
env:
- name: MY_POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: GOMEMLIMIT
value: "3276MiB"
livenessProbe:
httpGet:
path: /
port: 13133
readinessProbe:
httpGet:
path: /
port: 13133
resources:
limits:
cpu: 2
memory: 4Gi
volumeMounts:
- mountPath: /conf
name: opentelemetry-collector-configmap
volumes:
- name: opentelemetry-collector-configmap
configMap:
name: example-opentelemetry-collector
items:
- key: relay
path: relay.yaml
hostNetwork: false

49
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/alternate-config/rendered/service.yaml
View File

@ -1,49 +0,0 @@
---
# Source: opentelemetry-collector/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: example-opentelemetry-collector
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
component: standalone-collector
spec:
type: ClusterIP
ports:
- name: jaeger-compact
port: 6831
targetPort: 6831
protocol: UDP
- name: jaeger-grpc
port: 14250
targetPort: 14250
protocol: TCP
- name: jaeger-thrift
port: 14268
targetPort: 14268
protocol: TCP
- name: otlp
port: 4317
targetPort: 4317
protocol: TCP
appProtocol: grpc
- name: otlp-http
port: 4318
targetPort: 4318
protocol: TCP
- name: zipkin
port: 9411
targetPort: 9411
protocol: TCP
selector:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: standalone-collector
internalTrafficPolicy: Cluster

13
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/alternate-config/rendered/serviceaccount.yaml
View File

@ -1,13 +0,0 @@
---
# Source: opentelemetry-collector/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: example-opentelemetry-collector
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm

34
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/alternate-config/values.yaml
View File

@ -1,34 +0,0 @@
mode: deployment
image:
repository: "otel/opentelemetry-collector-k8s"
command:
name: "otelcol-k8s"
replicaCount: 1
resources:
limits:
cpu: 2
memory: 4Gi
presets:
clusterMetrics:
enabled: true
kubernetesAttributes:
enabled: true
kubernetesEvents:
enabled: true
alternateConfig:
exporters:
debug: {}
service:
pipelines:
logs:
exporters:
- debug
metrics:
exporters:
- debug

34
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-and-deployment/daemonset-values.yaml
View File

@ -1,34 +0,0 @@
mode: daemonset
image:
repository: "otel/opentelemetry-collector-k8s"
command:
name: "otelcol-k8s"
config:
exporters:
otlp:
endpoint: example-opentelemetry-collector:4317
tls:
insecure: true
service:
pipelines:
logs:
exporters:
- otlp
- debug
metrics:
exporters:
- otlp
- debug
traces:
exporters:
- otlp
- debug
resources:
limits:
cpu: 100m
memory: 200M

13
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-and-deployment/deployment-values.yaml
View File

@ -1,13 +0,0 @@
mode: deployment
image:
repository: "otel/opentelemetry-collector-k8s"
command:
name: "otelcol-k8s"
resources:
limits:
cpu: 100m
memory: 200M

93
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-and-deployment/rendered/configmap-agent.yaml
View File

@ -1,93 +0,0 @@
---
# Source: opentelemetry-collector/templates/configmap-agent.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: example-opentelemetry-collector-agent
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
data:
relay: |
exporters:
debug: {}
otlp:
endpoint: example-opentelemetry-collector:4317
tls:
insecure: true
extensions:
health_check:
endpoint: ${env:MY_POD_IP}:13133
processors:
batch: {}
memory_limiter:
check_interval: 5s
limit_percentage: 80
spike_limit_percentage: 25
receivers:
jaeger:
protocols:
grpc:
endpoint: ${env:MY_POD_IP}:14250
thrift_compact:
endpoint: ${env:MY_POD_IP}:6831
thrift_http:
endpoint: ${env:MY_POD_IP}:14268
otlp:
protocols:
grpc:
endpoint: ${env:MY_POD_IP}:4317
http:
endpoint: ${env:MY_POD_IP}:4318
prometheus:
config:
scrape_configs:
- job_name: opentelemetry-collector
scrape_interval: 10s
static_configs:
- targets:
- ${env:MY_POD_IP}:8888
zipkin:
endpoint: ${env:MY_POD_IP}:9411
service:
extensions:
- health_check
pipelines:
logs:
exporters:
- otlp
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
metrics:
exporters:
- otlp
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
- prometheus
traces:
exporters:
- otlp
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
- jaeger
- zipkin
telemetry:
metrics:
address: ${env:MY_POD_IP}:8888

86
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-and-deployment/rendered/configmap.yaml
View File

@ -1,86 +0,0 @@
---
# Source: opentelemetry-collector/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: example-opentelemetry-collector
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
data:
relay: |
exporters:
debug: {}
extensions:
health_check:
endpoint: ${env:MY_POD_IP}:13133
processors:
batch: {}
memory_limiter:
check_interval: 5s
limit_percentage: 80
spike_limit_percentage: 25
receivers:
jaeger:
protocols:
grpc:
endpoint: ${env:MY_POD_IP}:14250
thrift_compact:
endpoint: ${env:MY_POD_IP}:6831
thrift_http:
endpoint: ${env:MY_POD_IP}:14268
otlp:
protocols:
grpc:
endpoint: ${env:MY_POD_IP}:4317
http:
endpoint: ${env:MY_POD_IP}:4318
prometheus:
config:
scrape_configs:
- job_name: opentelemetry-collector
scrape_interval: 10s
static_configs:
- targets:
- ${env:MY_POD_IP}:8888
zipkin:
endpoint: ${env:MY_POD_IP}:9411
service:
extensions:
- health_check
pipelines:
logs:
exporters:
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
metrics:
exporters:
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
- prometheus
traces:
exporters:
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
- jaeger
- zipkin
telemetry:
metrics:
address: ${env:MY_POD_IP}:8888

104
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-and-deployment/rendered/daemonset.yaml
View File

@ -1,104 +0,0 @@
---
# Source: opentelemetry-collector/templates/daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: example-opentelemetry-collector-agent
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: agent-collector
updateStrategy:
type: RollingUpdate
template:
metadata:
annotations:
checksum/config: a2d0d31bd929305e52879f78f502d56ad49d9ef9396838490646e9034d2243de
labels:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: agent-collector
spec:
serviceAccountName: example-opentelemetry-collector
securityContext:
{}
containers:
- name: opentelemetry-collector
command:
- /otelcol-k8s
args:
- --config=/conf/relay.yaml
securityContext:
{}
image: "otel/opentelemetry-collector-k8s:0.111.0"
imagePullPolicy: IfNotPresent
ports:
- name: jaeger-compact
containerPort: 6831
protocol: UDP
hostPort: 6831
- name: jaeger-grpc
containerPort: 14250
protocol: TCP
hostPort: 14250
- name: jaeger-thrift
containerPort: 14268
protocol: TCP
hostPort: 14268
- name: otlp
containerPort: 4317
protocol: TCP
hostPort: 4317
- name: otlp-http
containerPort: 4318
protocol: TCP
hostPort: 4318
- name: zipkin
containerPort: 9411
protocol: TCP
hostPort: 9411
env:
- name: MY_POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: GOMEMLIMIT
value: "152MiB"
livenessProbe:
httpGet:
path: /
port: 13133
readinessProbe:
httpGet:
path: /
port: 13133
resources:
limits:
cpu: 100m
memory: 200M
volumeMounts:
- mountPath: /conf
name: opentelemetry-collector-configmap
volumes:
- name: opentelemetry-collector-configmap
configMap:
name: example-opentelemetry-collector-agent
items:
- key: relay
path: relay.yaml
hostNetwork: false

100
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-and-deployment/rendered/deployment.yaml
View File

@ -1,100 +0,0 @@
---
# Source: opentelemetry-collector/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: example-opentelemetry-collector
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: standalone-collector
strategy:
type: RollingUpdate
template:
metadata:
annotations:
checksum/config: f67e5b63bd16a7b09fc73afd9b6d71dfbeeb2afc8471c0b0f005233ef45df91d
labels:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: standalone-collector
spec:
serviceAccountName: example-opentelemetry-collector
securityContext:
{}
containers:
- name: opentelemetry-collector
command:
- /otelcol-k8s
args:
- --config=/conf/relay.yaml
securityContext:
{}
image: "otel/opentelemetry-collector-k8s:0.111.0"
imagePullPolicy: IfNotPresent
ports:
- name: jaeger-compact
containerPort: 6831
protocol: UDP
- name: jaeger-grpc
containerPort: 14250
protocol: TCP
- name: jaeger-thrift
containerPort: 14268
protocol: TCP
- name: otlp
containerPort: 4317
protocol: TCP
- name: otlp-http
containerPort: 4318
protocol: TCP
- name: zipkin
containerPort: 9411
protocol: TCP
env:
- name: MY_POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: GOMEMLIMIT
value: "152MiB"
livenessProbe:
httpGet:
path: /
port: 13133
readinessProbe:
httpGet:
path: /
port: 13133
resources:
limits:
cpu: 100m
memory: 200M
volumeMounts:
- mountPath: /conf
name: opentelemetry-collector-configmap
volumes:
- name: opentelemetry-collector-configmap
configMap:
name: example-opentelemetry-collector
items:
- key: relay
path: relay.yaml
hostNetwork: false

49
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-and-deployment/rendered/service.yaml
View File

@ -1,49 +0,0 @@
---
# Source: opentelemetry-collector/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: example-opentelemetry-collector
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
component: standalone-collector
spec:
type: ClusterIP
ports:
- name: jaeger-compact
port: 6831
targetPort: 6831
protocol: UDP
- name: jaeger-grpc
port: 14250
targetPort: 14250
protocol: TCP
- name: jaeger-thrift
port: 14268
targetPort: 14268
protocol: TCP
- name: otlp
port: 4317
targetPort: 4317
protocol: TCP
appProtocol: grpc
- name: otlp-http
port: 4318
targetPort: 4318
protocol: TCP
- name: zipkin
port: 9411
targetPort: 9411
protocol: TCP
selector:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: standalone-collector
internalTrafficPolicy: Cluster

13
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-and-deployment/rendered/serviceaccount.yaml
View File

@ -1,13 +0,0 @@
---
# Source: opentelemetry-collector/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: example-opentelemetry-collector
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm

100
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-collector-logs/rendered/configmap-agent.yaml
View File

@ -1,100 +0,0 @@
---
# Source: opentelemetry-collector/templates/configmap-agent.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: example-opentelemetry-collector-agent
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
data:
relay: |
exporters:
debug: {}
extensions:
health_check:
endpoint: ${env:MY_POD_IP}:13133
processors:
batch: {}
memory_limiter:
check_interval: 5s
limit_percentage: 80
spike_limit_percentage: 25
receivers:
filelog:
exclude: []
include:
- /var/log/pods/*/*/*.log
include_file_name: false
include_file_path: true
operators:
- id: container-parser
max_log_size: 102400
type: container
retry_on_failure:
enabled: true
start_at: end
jaeger:
protocols:
grpc:
endpoint: ${env:MY_POD_IP}:14250
thrift_compact:
endpoint: ${env:MY_POD_IP}:6831
thrift_http:
endpoint: ${env:MY_POD_IP}:14268
otlp:
protocols:
grpc:
endpoint: ${env:MY_POD_IP}:4317
http:
endpoint: ${env:MY_POD_IP}:4318
prometheus:
config:
scrape_configs:
- job_name: opentelemetry-collector
scrape_interval: 10s
static_configs:
- targets:
- ${env:MY_POD_IP}:8888
zipkin:
endpoint: ${env:MY_POD_IP}:9411
service:
extensions:
- health_check
pipelines:
logs:
exporters:
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
- filelog
metrics:
exporters:
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
- prometheus
traces:
exporters:
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
- jaeger
- zipkin
telemetry:
metrics:
address: ${env:MY_POD_IP}:8888

110
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-collector-logs/rendered/daemonset.yaml
View File

@ -1,110 +0,0 @@
---
# Source: opentelemetry-collector/templates/daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: example-opentelemetry-collector-agent
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: agent-collector
updateStrategy:
type: RollingUpdate
template:
metadata:
annotations:
checksum/config: 5237e54a1cdaad762876da10a5bab6f686506211aaa2c70b901a74fec8b82140
labels:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: agent-collector
spec:
serviceAccountName: example-opentelemetry-collector
securityContext:
{}
containers:
- name: opentelemetry-collector
command:
- /otelcol-k8s
args:
- --config=/conf/relay.yaml
securityContext:
{}
image: "otel/opentelemetry-collector-k8s:0.111.0"
imagePullPolicy: IfNotPresent
ports:
- name: jaeger-compact
containerPort: 6831
protocol: UDP
hostPort: 6831
- name: jaeger-grpc
containerPort: 14250
protocol: TCP
hostPort: 14250
- name: jaeger-thrift
containerPort: 14268
protocol: TCP
hostPort: 14268
- name: otlp
containerPort: 4317
protocol: TCP
hostPort: 4317
- name: otlp-http
containerPort: 4318
protocol: TCP
hostPort: 4318
- name: zipkin
containerPort: 9411
protocol: TCP
hostPort: 9411
env:
- name: MY_POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
livenessProbe:
httpGet:
path: /
port: 13133
readinessProbe:
httpGet:
path: /
port: 13133
volumeMounts:
- mountPath: /conf
name: opentelemetry-collector-configmap
- name: varlogpods
mountPath: /var/log/pods
readOnly: true
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
volumes:
- name: opentelemetry-collector-configmap
configMap:
name: example-opentelemetry-collector-agent
items:
- key: relay
path: relay.yaml
- name: varlogpods
hostPath:
path: /var/log/pods
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers
hostNetwork: false

13
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-collector-logs/rendered/serviceaccount.yaml
View File

@ -1,13 +0,0 @@
---
# Source: opentelemetry-collector/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: example-opentelemetry-collector
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm

12
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-collector-logs/values.yaml
View File

@ -1,12 +0,0 @@
mode: daemonset
image:
repository: "otel/opentelemetry-collector-k8s"
command:
name: "otelcol-k8s"
presets:
logsCollection:
enabled: true
includeCollectorLogs: true

133
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-hostmetrics/rendered/configmap-agent.yaml
View File

@ -1,133 +0,0 @@
---
# Source: opentelemetry-collector/templates/configmap-agent.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: example-opentelemetry-collector-agent
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
data:
relay: |
exporters:
debug: {}
extensions:
health_check:
endpoint: ${env:MY_POD_IP}:13133
processors:
batch: {}
memory_limiter:
check_interval: 5s
limit_percentage: 80
spike_limit_percentage: 25
receivers:
hostmetrics:
collection_interval: 10s
root_path: /hostfs
scrapers:
cpu: null
disk: null
filesystem:
exclude_fs_types:
fs_types:
- autofs
- binfmt_misc
- bpf
- cgroup2
- configfs
- debugfs
- devpts
- devtmpfs
- fusectl
- hugetlbfs
- iso9660
- mqueue
- nsfs
- overlay
- proc
- procfs
- pstore
- rpc_pipefs
- securityfs
- selinuxfs
- squashfs
- sysfs
- tracefs
match_type: strict
exclude_mount_points:
match_type: regexp
mount_points:
- /dev/*
- /proc/*
- /sys/*
- /run/k3s/containerd/*
- /var/lib/docker/*
- /var/lib/kubelet/*
- /snap/*
load: null
memory: null
network: null
jaeger:
protocols:
grpc:
endpoint: ${env:MY_POD_IP}:14250
thrift_compact:
endpoint: ${env:MY_POD_IP}:6831
thrift_http:
endpoint: ${env:MY_POD_IP}:14268
otlp:
protocols:
grpc:
endpoint: ${env:MY_POD_IP}:4317
http:
endpoint: ${env:MY_POD_IP}:4318
prometheus:
config:
scrape_configs:
- job_name: opentelemetry-collector
scrape_interval: 10s
static_configs:
- targets:
- ${env:MY_POD_IP}:8888
zipkin:
endpoint: ${env:MY_POD_IP}:9411
service:
extensions:
- health_check
pipelines:
logs:
exporters:
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
metrics:
exporters:
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
- prometheus
- hostmetrics
traces:
exporters:
- debug
processors:
- memory_limiter
- batch
receivers:
- otlp
- jaeger
- zipkin
telemetry:
metrics:
address: ${env:MY_POD_IP}:8888

105
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-hostmetrics/rendered/daemonset.yaml
View File

@ -1,105 +0,0 @@
---
# Source: opentelemetry-collector/templates/daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: example-opentelemetry-collector-agent
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: agent-collector
updateStrategy:
type: RollingUpdate
template:
metadata:
annotations:
checksum/config: 98dea268c8a8fe987e082a4e85801387f2b60fefc281f9b1edd1080f0af62574
labels:
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
component: agent-collector
spec:
serviceAccountName: example-opentelemetry-collector
securityContext:
{}
containers:
- name: opentelemetry-collector
command:
- /otelcol-k8s
args:
- --config=/conf/relay.yaml
securityContext:
{}
image: "otel/opentelemetry-collector-k8s:0.111.0"
imagePullPolicy: IfNotPresent
ports:
- name: jaeger-compact
containerPort: 6831
protocol: UDP
hostPort: 6831
- name: jaeger-grpc
containerPort: 14250
protocol: TCP
hostPort: 14250
- name: jaeger-thrift
containerPort: 14268
protocol: TCP
hostPort: 14268
- name: otlp
containerPort: 4317
protocol: TCP
hostPort: 4317
- name: otlp-http
containerPort: 4318
protocol: TCP
hostPort: 4318
- name: zipkin
containerPort: 9411
protocol: TCP
hostPort: 9411
env:
- name: MY_POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
livenessProbe:
httpGet:
path: /
port: 13133
readinessProbe:
httpGet:
path: /
port: 13133
volumeMounts:
- mountPath: /conf
name: opentelemetry-collector-configmap
- name: hostfs
mountPath: /hostfs
readOnly: true
mountPropagation: HostToContainer
volumes:
- name: opentelemetry-collector-configmap
configMap:
name: example-opentelemetry-collector-agent
items:
- key: relay
path: relay.yaml
- name: hostfs
hostPath:
path: /
hostNetwork: false

13
charts/kubezero-telemetry/charts/opentelemetry-collector/examples/daemonset-hostmetrics/rendered/serviceaccount.yaml
View File

@ -1,13 +0,0 @@
---
# Source: opentelemetry-collector/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: example-opentelemetry-collector
namespace: default
labels:
helm.sh/chart: opentelemetry-collector-0.108.0
app.kubernetes.io/name: opentelemetry-collector
app.kubernetes.io/instance: example
app.kubernetes.io/version: "0.111.0"
app.kubernetes.io/managed-by: Helm

Some files were not shown because too many files have changed in this diff Show More