1 Commits

Author SHA1 Message Date
a55d71bcba chore(deps): update actions/checkout action to v5
Some checks failed
Helm / helm-lint (push) Failing after 5s
Helm / helm-unittest (push) Failing after 4s
Helm / helm-lint (pull_request) Failing after 9s
Helm / helm-unittest (pull_request) Failing after 4s
2025-09-18 17:09:53 +00:00
9 changed files with 19 additions and 109 deletions

View File

@@ -15,7 +15,7 @@ on:
jobs:
generate-parameters:
container:
image: docker.io/library/node:25.1.0-alpine
image: docker.io/library/node:24.8.0-alpine
runs-on:
- ubuntu-latest
steps:

View File

@@ -13,7 +13,7 @@ on:
jobs:
helm-lint:
container:
image: docker.io/volkerraschek/helm:3.19.0
image: docker.io/volkerraschek/helm:3.18.5
runs-on:
- ubuntu-latest
steps:
@@ -28,7 +28,7 @@ jobs:
helm-unittest:
container:
image: docker.io/volkerraschek/helm:3.19.0
image: docker.io/volkerraschek/helm:3.18.5
runs-on:
- ubuntu-latest
steps:

View File

@@ -15,7 +15,7 @@ on:
jobs:
markdown-link-checker:
container:
image: docker.io/library/node:25.1.0-alpine
image: docker.io/library/node:24.8.0-alpine
runs-on:
- ubuntu-latest
steps:
@@ -31,7 +31,7 @@ jobs:
markdown-lint:
container:
image: docker.io/library/node:25.1.0-alpine
image: docker.io/library/node:24.8.0-alpine
runs-on:
- ubuntu-latest
steps:

View File

@@ -8,7 +8,7 @@ on:
jobs:
publish-chart:
container:
image: docker.io/volkerraschek/helm:3.19.0
image: docker.io/volkerraschek/helm:3.18.5
runs-on: ubuntu-latest
steps:
- name: Install packages via apk
@@ -16,7 +16,7 @@ jobs:
apk update
apk add git npm jq yq
- uses: actions/checkout@v5.0.0
- uses: actions/checkout@v5
with:
fetch-depth: 0

View File

@@ -1,8 +0,0 @@
{
"yaml.schemas": {
"https://raw.githubusercontent.com/helm-unittest/helm-unittest/v1.0.3/schema/helm-testsuite.json": [
"/unittests/**/*.yaml"
]
},
"yaml.schemaStore.enable": true
}

View File

@@ -4,13 +4,13 @@ CONTAINER_RUNTIME?=$(shell which podman)
# HELM_IMAGE
HELM_IMAGE_REGISTRY_HOST?=docker.io
HELM_IMAGE_REPOSITORY?=volkerraschek/helm
HELM_IMAGE_VERSION?=3.19.0 # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/volkerraschek/helm
HELM_IMAGE_VERSION?=3.18.5 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm
HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION}
# NODE_IMAGE
NODE_IMAGE_REGISTRY_HOST?=docker.io
NODE_IMAGE_REPOSITORY?=library/node
NODE_IMAGE_VERSION?=25.1.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node
NODE_IMAGE_VERSION?=24.8.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node
NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION}
# MISSING DOT
@@ -88,4 +88,4 @@ container-run/helm-lint:
# ==============================================================================
# Declare the contents of the PHONY variable as phony. We keep that information
# in a variable so we can use it in if_changed.
.PHONY: ${PHONY}
.PHONY: ${PHONY}

View File

@@ -14,10 +14,7 @@ Chapter [configuration and installation](#helm-configuration-and-installation) d
and use it to deploy the exporter. It also contains further configuration examples.
Furthermore, this helm chart contains unit tests to detect regressions and stabilize the deployment. Additionally, this
helm chart is tested for deployment scenarios with **ArgoCD**, but please keep in mind, that this chart supports the
*[Automatically Roll Deployment](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments)*
concept of Helm, which can trigger unexpected rolling releases. Further configuration instructions are described in a
separate [chapter](#argocd).
helm chart is tested for deployment scenarios with **ArgoCD**.
## Helm: configuration and installation
@@ -204,35 +201,6 @@ networkPolicies:
protocol: TCP
```
## ArgoCD
### Daily execution of rolling updates
The behavior whereby ArgoCD triggers a rolling update even though nothing appears to have changed often occurs in
connection with the helm concept `checksum/secret`, `checksum/configmap` or more generally, [Automatically Roll
Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments).
The problem with combining this concept with ArgoCD is that ArgoCD re-renders the Helm chart every time. Even if the
content of the config map or secret has not changed, there may be minimal differences (e.g., whitespace, chart version,
Helm render order, different timestamps).
This changes the SHA256 hash, Argo sees a drift and trigger a rolling update of the deployment. Among other things, this
can lead to unnecessary notifications from ArgoCD.
To avoid this, the annotation with the shasum must be ignored. Below is a diff that adds the `Application` to ignore all
annotations with the prefix `checksum`.
```diff
apiVersion: argoproj.io/v1alpha1
kind: Application
spec:
+ ignoreDifferences:
+ - group: apps/v1
+ kind: Deployment
+ jqPathExpressions:
+ - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("checksum")))'
```
## Parameters
### Global

26
package-lock.json generated
View File

@@ -1042,9 +1042,9 @@
}
},
"node_modules/link-check": {
"version": "5.5.0",
"resolved": "https://registry.npmjs.org/link-check/-/link-check-5.5.0.tgz",
"integrity": "sha512-CpMk2zMfyEMdDvFG92wO5pU/2I/wbw72/9pvUFhU9cDKkwhmVlPuvxQJzd/jXA2iVOgNgPLnS5zyOLW7OzNpdA==",
"version": "5.4.0",
"resolved": "https://registry.npmjs.org/link-check/-/link-check-5.4.0.tgz",
"integrity": "sha512-0Pf4xBVUnwJdbDgpBlhHNmWDtbVjHTpIFs+JaBuIsC9PKRxjv4KMGCO2Gc8lkVnqMf9B/yaNY+9zmMlO5MyToQ==",
"dev": true,
"license": "ISC",
"dependencies": {
@@ -1101,16 +1101,16 @@
}
},
"node_modules/markdown-link-check": {
"version": "3.14.1",
"resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.14.1.tgz",
"integrity": "sha512-h1tihNL3kmOS3N7H4FyF4xKDxiHnNBNSgs/LWlDiRHlC8O0vfRX0LhDDvesRSs4HM7nS0F658glLxonaXBmuWw==",
"version": "3.13.7",
"resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.13.7.tgz",
"integrity": "sha512-Btn3HU8s2Uyh1ZfzmyZEkp64zp2+RAjwfQt1u4swq2Xa6w37OW0T2inQZrkSNVxDSa2jSN2YYhw/JkAp5jF1PQ==",
"dev": true,
"license": "ISC",
"dependencies": {
"async": "^3.2.6",
"chalk": "^5.3.0",
"commander": "^14.0.0",
"link-check": "^5.5.0",
"commander": "^13.1.0",
"link-check": "^5.4.0",
"markdown-link-extractor": "^4.0.2",
"needle": "^3.3.1",
"progress": "^2.0.3",
@@ -1121,16 +1121,6 @@
"markdown-link-check": "markdown-link-check"
}
},
"node_modules/markdown-link-check/node_modules/commander": {
"version": "14.0.1",
"resolved": "https://registry.npmjs.org/commander/-/commander-14.0.1.tgz",
"integrity": "sha512-2JkV3gUZUVrbNA+1sjBOYLsMZ5cEEl8GTFP2a4AVz5hvasAMCQ1D2l2le/cX+pV4N6ZU17zjUahLpIXRrnWL8A==",
"dev": true,
"license": "MIT",
"engines": {
"node": ">=20"
}
},
"node_modules/markdown-link-extractor": {
"version": "4.0.2",
"resolved": "https://registry.npmjs.org/markdown-link-extractor/-/markdown-link-extractor-4.0.2.tgz",

View File

@@ -9,7 +9,6 @@
],
"customManagers": [
{
"customType": "regex",
"fileMatch": [
"^Chart\\.yaml$"
],
@@ -22,7 +21,6 @@
"versioningTemplate": "semver"
},
{
"customType": "regex",
"fileMatch": ["^README\\.md$"],
"matchStrings": [
"CHART_VERSION=(?<currentValue>.*)"
@@ -31,47 +29,9 @@
"packageNameTemplate": "https://git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter-charts",
"datasourceTemplate": "git-tags",
"versioningTemplate": "semver"
},
{
"customType": "regex",
"datasourceTemplate": "github-releases",
"fileMatch": [
".vscode/settings\\.json$"
],
"matchStrings": [
"https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json"
]
}
],
"packageRules": [
{
"groupName": "Update docker.io/volkerraschek/helm",
"matchDepNames": [
"docker.io/volkerraschek/helm",
"volkerraschek/helm"
]
},
{
"automerge": true,
"groupName": "Update helm plugin 'unittest'",
"matchDepNames": [
"helm-unittest/helm-unittest"
],
"matchDatasources": [
"github-releases"
],
"matchUpdateTypes": [
"minor",
"patch"
]
},
{
"groupName": "Update docker.io/library/node",
"matchDepNames": [
"docker.io/library/node",
"library/node"
]
},
{
"addLabels": [
"renovate/automerge",