Compare commits
1 Commits
main
...
renovate/k
| Author | SHA1 | Date | |
|---|---|---|---|
| 2808b53b35 |
@ -1,6 +1,6 @@
|
|||||||
# kubezero-argo
|
# kubezero-argo
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
KubeZero Argo - Events, Workflow, CD
|
KubeZero Argo - Events, Workflow, CD
|
||||||
|
|
||||||
@ -18,9 +18,9 @@ Kubernetes: `>= 1.30.0-0`
|
|||||||
|
|
||||||
| Repository | Name | Version |
|
| Repository | Name | Version |
|
||||||
|------------|------|---------|
|
|------------|------|---------|
|
||||||
| https://argoproj.github.io/argo-helm | argo-cd | 8.0.14 |
|
| https://argoproj.github.io/argo-helm | argo-cd | 8.0.9 |
|
||||||
| https://argoproj.github.io/argo-helm | argo-events | 2.4.15 |
|
| https://argoproj.github.io/argo-helm | argo-events | 2.4.15 |
|
||||||
| https://argoproj.github.io/argo-helm | argocd-image-updater | 0.12.2 |
|
| https://argoproj.github.io/argo-helm | argocd-image-updater | 0.12.1 |
|
||||||
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 |
|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 |
|
||||||
|
|
||||||
## Values
|
## Values
|
||||||
@ -53,7 +53,7 @@ Kubernetes: `>= 1.30.0-0`
|
|||||||
| argo-cd.dex.enabled | bool | `false` | |
|
| argo-cd.dex.enabled | bool | `false` | |
|
||||||
| argo-cd.enabled | bool | `false` | |
|
| argo-cd.enabled | bool | `false` | |
|
||||||
| argo-cd.global.image.repository | string | `"public.ecr.aws/zero-downtime/zdt-argocd"` | |
|
| argo-cd.global.image.repository | string | `"public.ecr.aws/zero-downtime/zdt-argocd"` | |
|
||||||
| argo-cd.global.image.tag | string | `"v3.0.5"` | |
|
| argo-cd.global.image.tag | string | `"v3.0.3"` | |
|
||||||
| argo-cd.global.logging.format | string | `"json"` | |
|
| argo-cd.global.logging.format | string | `"json"` | |
|
||||||
| argo-cd.global.networkPolicy.create | bool | `true` | |
|
| argo-cd.global.networkPolicy.create | bool | `true` | |
|
||||||
| argo-cd.istio.enabled | bool | `false` | |
|
| argo-cd.istio.enabled | bool | `false` | |
|
||||||
@ -83,8 +83,8 @@ Kubernetes: `>= 1.30.0-0`
|
|||||||
| argo-events.configs.jetstream.streamConfig.maxMsgs | int | `1000000` | Maximum number of messages before expiring oldest message |
|
| argo-events.configs.jetstream.streamConfig.maxMsgs | int | `1000000` | Maximum number of messages before expiring oldest message |
|
||||||
| argo-events.configs.jetstream.streamConfig.replicas | int | `1` | Number of replicas, defaults to 3 and requires minimal 3 |
|
| argo-events.configs.jetstream.streamConfig.replicas | int | `1` | Number of replicas, defaults to 3 and requires minimal 3 |
|
||||||
| argo-events.configs.jetstream.versions[0].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.14.1"` | |
|
| argo-events.configs.jetstream.versions[0].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.14.1"` | |
|
||||||
| argo-events.configs.jetstream.versions[0].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.17.3"` | |
|
| argo-events.configs.jetstream.versions[0].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.17.2"` | |
|
||||||
| argo-events.configs.jetstream.versions[0].natsImage | string | `"nats:2.11.4-scratch"` | |
|
| argo-events.configs.jetstream.versions[0].natsImage | string | `"nats:2.11.1-scratch"` | |
|
||||||
| argo-events.configs.jetstream.versions[0].startCommand | string | `"/nats-server"` | |
|
| argo-events.configs.jetstream.versions[0].startCommand | string | `"/nats-server"` | |
|
||||||
| argo-events.configs.jetstream.versions[0].version | string | `"2.10.11"` | |
|
| argo-events.configs.jetstream.versions[0].version | string | `"2.10.11"` | |
|
||||||
| argo-events.enabled | bool | `false` | |
|
| argo-events.enabled | bool | `false` | |
|
||||||
|
|||||||
@ -26,7 +26,6 @@ spec:
|
|||||||
prune: true
|
prune: true
|
||||||
syncOptions:
|
syncOptions:
|
||||||
- ApplyOutOfSyncOnly=true
|
- ApplyOutOfSyncOnly=true
|
||||||
- ServerSideApply=true
|
|
||||||
info:
|
info:
|
||||||
- name: "Source:"
|
- name: "Source:"
|
||||||
value: "https://git.zero-downtime.net/ZeroDownTime/KubeZero/src/branch/release/v1.32/"
|
value: "https://git.zero-downtime.net/ZeroDownTime/KubeZero/src/branch/release/v1.32/"
|
||||||
|
|||||||
@ -27,7 +27,7 @@ argo-events:
|
|||||||
- version: 2.10.11
|
- version: 2.10.11
|
||||||
natsImage: nats:2.11.4-scratch
|
natsImage: nats:2.11.4-scratch
|
||||||
metricsExporterImage: natsio/prometheus-nats-exporter:0.17.3
|
metricsExporterImage: natsio/prometheus-nats-exporter:0.17.3
|
||||||
configReloaderImage: natsio/nats-server-config-reloader:0.18.0
|
configReloaderImage: natsio/nats-server-config-reloader:0.14.1
|
||||||
startCommand: /nats-server
|
startCommand: /nats-server
|
||||||
|
|
||||||
argo-cd:
|
argo-cd:
|
||||||
@ -38,7 +38,7 @@ argo-cd:
|
|||||||
format: json
|
format: json
|
||||||
image:
|
image:
|
||||||
repository: public.ecr.aws/zero-downtime/zdt-argocd
|
repository: public.ecr.aws/zero-downtime/zdt-argocd
|
||||||
tag: v3.0.5
|
tag: v3.0.3
|
||||||
networkPolicy:
|
networkPolicy:
|
||||||
create: true
|
create: true
|
||||||
|
|
||||||
@ -63,10 +63,6 @@ argo-cd:
|
|||||||
application.instanceLabelKey: Null
|
application.instanceLabelKey: Null
|
||||||
server.rbac.log.enforce.enable: Null
|
server.rbac.log.enforce.enable: Null
|
||||||
|
|
||||||
resource.compareoptions: |
|
|
||||||
# disables status field diffing in specified resource types
|
|
||||||
ignoreAggregatedRoles: true
|
|
||||||
|
|
||||||
resource.customizations: |
|
resource.customizations: |
|
||||||
argoproj.io/Application:
|
argoproj.io/Application:
|
||||||
health.lua: |
|
health.lua: |
|
||||||
|
|||||||
@ -2,7 +2,7 @@ apiVersion: v2
|
|||||||
name: kubezero-falco
|
name: kubezero-falco
|
||||||
description: Falco Container Security and Audit components
|
description: Falco Container Security and Audit components
|
||||||
type: application
|
type: application
|
||||||
version: 0.1.3
|
version: 0.1.4
|
||||||
home: https://kubezero.com
|
home: https://kubezero.com
|
||||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||||
keywords:
|
keywords:
|
||||||
@ -16,7 +16,7 @@ dependencies:
|
|||||||
version: 0.2.1
|
version: 0.2.1
|
||||||
repository: https://cdn.zero-downtime.net/charts/
|
repository: https://cdn.zero-downtime.net/charts/
|
||||||
- name: falco
|
- name: falco
|
||||||
version: 5.0.0
|
version: 5.0.3
|
||||||
repository: https://falcosecurity.github.io/charts
|
repository: https://falcosecurity.github.io/charts
|
||||||
condition: k8saudit.enabled
|
condition: k8saudit.enabled
|
||||||
alias: k8saudit
|
alias: k8saudit
|
||||||
|
|||||||
@ -13,9 +13,6 @@ maintainers:
|
|||||||
- name: Stefan Reimer
|
- name: Stefan Reimer
|
||||||
email: stefan@zero-downtime.net
|
email: stefan@zero-downtime.net
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: kubezero-lib
|
|
||||||
version: 0.2.1
|
|
||||||
repository: https://cdn.zero-downtime.net/charts/
|
|
||||||
- name: kyverno
|
- name: kyverno
|
||||||
version: 3.4.2
|
version: 3.4.2
|
||||||
repository: https://kyverno.github.io/kyverno/
|
repository: https://kyverno.github.io/kyverno/
|
||||||
|
|||||||
@ -18,7 +18,6 @@ Kubernetes: `>= 1.30.0-0`
|
|||||||
|
|
||||||
| Repository | Name | Version |
|
| Repository | Name | Version |
|
||||||
|------------|------|---------|
|
|------------|------|---------|
|
||||||
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 |
|
|
||||||
| https://kyverno.github.io/kyverno/ | kyverno | 3.4.2 |
|
| https://kyverno.github.io/kyverno/ | kyverno | 3.4.2 |
|
||||||
|
|
||||||
# Kyverno
|
# Kyverno
|
||||||
|
|||||||
@ -1,52 +0,0 @@
|
|||||||
{{- if and false .Values.kyverno.enabled }}
|
|
||||||
apiVersion: cert-manager.io/v1
|
|
||||||
kind: Certificate
|
|
||||||
metadata:
|
|
||||||
name: {{ template "kubezero-lib.fullname" . }}-admission-tls
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
{{ include "kubezero-lib.labels" . | nindent 4 }}
|
|
||||||
spec:
|
|
||||||
secretName: {{ template "kubezero-lib.fullname" . }}-kyverno-svc.{{ .Release.Namespace }}.svc.kyverno-tls-pair
|
|
||||||
issuerRef:
|
|
||||||
name: kubezero-local-ca-issuer
|
|
||||||
kind: ClusterIssuer
|
|
||||||
duration: 8760h0m0s
|
|
||||||
privateKey:
|
|
||||||
encoding: PKCS8
|
|
||||||
usages:
|
|
||||||
- "client auth"
|
|
||||||
- "server auth"
|
|
||||||
commonName: {{ template "kubezero-lib.fullname" . }}-admission
|
|
||||||
dnsNames:
|
|
||||||
# <cluster-name>-<nodepool-component>-<index>
|
|
||||||
- 'kyverno-svc'
|
|
||||||
- 'kyverno-svc.{{ .Release.Namespace }}'
|
|
||||||
- 'kyverno-svc.{{ .Release.Namespace }}.svc'
|
|
||||||
---
|
|
||||||
|
|
||||||
apiVersion: cert-manager.io/v1
|
|
||||||
kind: Certificate
|
|
||||||
metadata:
|
|
||||||
name: {{ template "kubezero-lib.fullname" . }}-cleanup-tls
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
{{ include "kubezero-lib.labels" . | nindent 4 }}
|
|
||||||
spec:
|
|
||||||
secretName: {{ template "kubezero-lib.fullname" . }}-kyverno-cleanup-controller.{{ .Release.Namespace }}.svc.kyverno-tls-pair
|
|
||||||
issuerRef:
|
|
||||||
name: kubezero-local-ca-issuer
|
|
||||||
kind: ClusterIssuer
|
|
||||||
duration: 8760h0m0s
|
|
||||||
privateKey:
|
|
||||||
encoding: PKCS8
|
|
||||||
usages:
|
|
||||||
- "client auth"
|
|
||||||
- "server auth"
|
|
||||||
commonName: {{ template "kubezero-lib.fullname" . }}-cleanup-controller
|
|
||||||
dnsNames:
|
|
||||||
# <cluster-name>-<nodepool-component>-<index>
|
|
||||||
- 'kyverno-cleanup-controller'
|
|
||||||
- 'kyverno-cleanup-controller.{{ .Release.Namespace }}'
|
|
||||||
- 'kyverno-cleanup-controller.{{ .Release.Namespace }}.svc'
|
|
||||||
{{- end }}
|
|
||||||
@ -1,28 +1,2 @@
|
|||||||
kyverno:
|
kyverno:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
||||||
# templating:
|
|
||||||
# enabled: true
|
|
||||||
|
|
||||||
admissionController:
|
|
||||||
revisionHistoryLimit: 2
|
|
||||||
|
|
||||||
nodeSelector:
|
|
||||||
node-role.kubernetes.io/control-plane: ""
|
|
||||||
tolerations:
|
|
||||||
- key: node-role.kubernetes.io/control-plane
|
|
||||||
effect: NoSchedule
|
|
||||||
|
|
||||||
# container:
|
|
||||||
# extraArgs:
|
|
||||||
# caSecretName: kubezero-policy-admission-tls
|
|
||||||
# tlsSecretName: kubezero-policy-admission-tls
|
|
||||||
|
|
||||||
backgroundController:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
# cleanupController:
|
|
||||||
# enabled: false
|
|
||||||
|
|
||||||
reportsController:
|
|
||||||
enabled: false
|
|
||||||
|
|||||||
@ -10,8 +10,7 @@ metadata:
|
|||||||
labels:
|
labels:
|
||||||
{{- include "kubezero-lib.labels" . | nindent 4 }}
|
{{- include "kubezero-lib.labels" . | nindent 4 }}
|
||||||
annotations:
|
annotations:
|
||||||
argocd.argoproj.io/compare-options: IncludeMutationWebhook=true
|
argocd.argoproj.io/sync-options: Replace=true
|
||||||
# argocd.argoproj.io/sync-options: Replace=true
|
|
||||||
{{- with ( index .Values $name "annotations" ) }}
|
{{- with ( index .Values $name "annotations" ) }}
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@ -42,7 +41,6 @@ spec:
|
|||||||
syncOptions:
|
syncOptions:
|
||||||
- CreateNamespace=true
|
- CreateNamespace=true
|
||||||
- ApplyOutOfSyncOnly=true
|
- ApplyOutOfSyncOnly=true
|
||||||
- ServerSideApply=true
|
|
||||||
info:
|
info:
|
||||||
- name: "Source:"
|
- name: "Source:"
|
||||||
value: "https://git.zero-downtime.net/ZeroDownTime/KubeZero/src/branch/release/v1.31/charts/kubezero-{{ $name }}"
|
value: "https://git.zero-downtime.net/ZeroDownTime/KubeZero/src/branch/release/v1.31/charts/kubezero-{{ $name }}"
|
||||||
|
|||||||
@ -10,9 +10,9 @@ argo-cd:
|
|||||||
params:
|
params:
|
||||||
{{- if not $.Values.global.highAvailable }}
|
{{- if not $.Values.global.highAvailable }}
|
||||||
# Reduce load on API server on single node control plane
|
# Reduce load on API server on single node control plane
|
||||||
controller.status.processors: 4
|
controller.status.processors: 2
|
||||||
controller.operation.processors: 2
|
controller.operation.processors: 1
|
||||||
controller.kubectl.parallelism.limit: 2
|
controller.kubectl.parallelism.limit: 1
|
||||||
{{- else }}
|
{{- else }}
|
||||||
controller.status.processors: 8
|
controller.status.processors: 8
|
||||||
controller.operation.processors: 4
|
controller.operation.processors: 4
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
{{- define "policy-values" }}
|
{{- define "policy-values" }}
|
||||||
kyverno:
|
kyverno:
|
||||||
dummy: test
|
test: true
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{- define "policy-argo" }}
|
{{- define "policy-argo" }}
|
||||||
|
|||||||
@ -32,7 +32,6 @@ addons:
|
|||||||
|
|
||||||
policy:
|
policy:
|
||||||
enabled: false
|
enabled: false
|
||||||
namespace: kyverno
|
|
||||||
targetRevision: 0.1.0
|
targetRevision: 0.1.0
|
||||||
|
|
||||||
network:
|
network:
|
||||||
@ -123,7 +122,7 @@ logging:
|
|||||||
argo:
|
argo:
|
||||||
enabled: false
|
enabled: false
|
||||||
namespace: argocd
|
namespace: argocd
|
||||||
targetRevision: 0.4.1
|
targetRevision: 0.4.0
|
||||||
argo-cd:
|
argo-cd:
|
||||||
enabled: false
|
enabled: false
|
||||||
istio:
|
istio:
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user