minor bootstrap fix

charts/kubezero-metrics/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/kubezero-metrics/Chart.yaml

@@ -0,0 +1,21 @@
+apiVersion: v2
+name: kubezero-metrics
+description: KubeZero Umbrella Chart for prometheus-operator
+type: application
+version: 0.0.1
+home: https://kubezero.com
+icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
+keywords:
+  - kubezero
+  - prometheus-operator
+  - grafana
+maintainers:
+  - name: Quarky9
+dependencies:
+  - name: kubezero-lib
+    version: ">= 0.1.1"
+    repository: https://zero-down-time.github.io/kubezero/
+  - name: prometheus-operator
+    version: 9.3.0
+    repository: https://kubernetes-charts.storage.googleapis.com/
+kubeVersion: ">= 1.16.0"

charts/kubezero-metrics/README.md

@@ -0,0 +1,47 @@
+kubezero-cert-manager
+=====================
+KubeZero Umbrella Chart for cert-manager
+
+Current chart version is `0.3.5`
+
+Source code can be found [here](https://kubezero.com)
+
+## Chart Requirements
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://charts.jetstack.io | cert-manager | 0.15.1 |
+| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.1 |
+
+## AWS - IAM Role
+If you use kiam or kube2iam and restrict access on nodes running cert-manager please adjust:
+```
+cert-manager.podAnnotations:
+  iam.amazonaws.com/role: <ROLE>
+```
+
+## Resolver Secrets
+If your resolvers need additional sercrets like CloudFlare API tokens etc. make sure to provide these secrets separatly matching your defined issuers.
+
+## Chart Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| cert-manager.cainjector.nodeSelector."node-role.kubernetes.io/master" | string | `""` |  |
+| cert-manager.cainjector.tolerations[0].effect | string | `"NoSchedule"` |  |
+| cert-manager.cainjector.tolerations[0].key | string | `"node-role.kubernetes.io/master"` |  |
+| cert-manager.extraArgs[0] | string | `"--dns01-recursive-nameservers-only"` |  |
+| cert-manager.ingressShim.defaultIssuerKind | string | `"ClusterIssuer"` |  |
+| cert-manager.ingressShim.defaultIssuerName | string | `"letsencrypt-dns-prod"` |  |
+| cert-manager.installCRDs | bool | `true` |  |
+| cert-manager.nodeSelector."node-role.kubernetes.io/master" | string | `""` |  |
+| cert-manager.podAnnotations | object | `{}` | "iam.amazonaws.com/roleIAM:" role ARN the cert-manager might use via kiam eg."arn:aws:iam::123456789012:role/certManagerRoleArn" |
+| cert-manager.prometheus.servicemonitor.enabled | bool | `false` |  |
+| cert-manager.tolerations[0].effect | string | `"NoSchedule"` |  |
+| cert-manager.tolerations[0].key | string | `"node-role.kubernetes.io/master"` |  |
+| cert-manager.webhook.nodeSelector."node-role.kubernetes.io/master" | string | `""` |  |
+| cert-manager.webhook.tolerations[0].effect | string | `"NoSchedule"` |  |
+| cert-manager.webhook.tolerations[0].key | string | `"node-role.kubernetes.io/master"` |  |
+| clusterIssuer | object | `{}` |  |
+| localCA.enabled | bool | `true` |  |
+| localCA.selfsigning | bool | `true` |  |

charts/kubezero-metrics/README.md.gotmpl

@@ -0,0 +1,10 @@
+{{ template "chart.header" . }}
+{{ template "chart.description" . }}
+
+{{ template "chart.versionLine" . }}
+
+{{ template "chart.sourceLinkLine" . }}
+
+{{ template "chart.requirementsSection" . }}
+
+{{ template "chart.valuesSection" . }}

charts/kubezero-metrics/values.yaml

@@ -0,0 +1,43 @@
+prometheus-operator:
+  alertmanager:
+    enabled: false
+  coreDns:
+    enabled: false
+  kubeApiServer:
+    enabled: false
+  kubeControllerManager:
+    enabled: false
+  kubeDns:
+    enabled: false
+  kubeEtcd:
+    enabled: false
+  kubeProxy:
+    enabled: false
+  kubeScheduler:
+    enabled: false
+  kubeStateMetrics:
+    enabled: false
+  kubelet:
+    enabled: false
+  nodeExporter:
+    enabled: false
+  grafana:
+    enabled: false
+  prometheus:
+    enabled: false
+  defaultRules:
+    create: false
+  # Default configuration of prometheus operator will create CRDs in the cluster idempotently
+  prometheusOperator:
+    enabled: true
+    serviceMonitor:
+      selfMonitor: false
+    createCustomResource: false
+    tlsProxy:
+      enabled: false
+    admissionWebhooks:
+      enabled: false
+    namespaces:
+      releaseNamespace: true
+      additional:
+        - kube-system

deploy/templates/values.yaml

@@ -96,7 +96,7 @@ argo-cd:
   configs:
     {{- toYaml . | nindent 4 }}
   {{- end }}
-  {{- if and ( not .Values.bootstrap ) ( index .Values "argo-cd" "istio" ) }}
+  {{- if and ( not .Values.bootstrap ) ( index .Values "argo-cd" "istio" "enabled" ) .Values.istio.enabled }}
   istio:
     {{- with index .Values "argo-cd" "istio" }}
     {{- toYaml . | nindent 4 }}