You've already forked reposilite-charts
							
							Compare commits
	
		
			76 Commits
		
	
	
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 0dd267a0df | |||
| d790cd3ec4 | |||
| d2c329e1be | |||
| db5e38cef1 | |||
| 1fe7bc604e | |||
| fa43188e03 | |||
| 99ed88068a | |||
| 95fd713da6 | |||
| 671a635627 | |||
| 13fbb0ecc0 | |||
| 8835a8cde1 | |||
| 7d479fe629 | |||
| edacc04893 | |||
| 3c64ebfef4 | |||
| 15d2c31512 | |||
| 93ef09b878 | |||
| b5368314d6 | |||
| 60643bdaf4 | |||
| e3880f5f00 | |||
| a20f370eaf | |||
| d6de6ce37a | |||
| 334a8b877b | |||
| ba1fd42cfc | |||
| 70faa1ff8f | |||
| d7d5bc4dae | |||
| a3f1ab1850 | |||
| c4919a6bfc | |||
| 6ca6f583d3 | |||
| 0d10fb2cdc | |||
| a373c49e2a | |||
| 633d4f1bfd | |||
| cc201633de | |||
| 64c20379a2 | |||
| 98ec01a217 | |||
| 796c257d0a | |||
| 387547e813 | |||
| e16a1ff2ed | |||
| c8d8efeae3 | |||
| 2a7d111525 | |||
| 64de0eb8ea | |||
| 413fe95b86 | |||
| de8ef2b201 | |||
| 6e38335808 | |||
| 7704e83f9e | |||
| de0a6a5995 | |||
| 212a9c9ff1 | |||
| c70210c34b | |||
| 0eebc69f74 | |||
| 64a10a120a | |||
| 3dc7acaae9 | |||
| acd89e268b | |||
| bd0d9fad33 | |||
| bbe3a3493f | |||
| c4471c10c2 | |||
| f557cc241a | |||
| bac48c6ca2 | |||
| 608b3fc8c8 | |||
| 5d7738e6b1 | |||
| 6790331b84 | |||
| ff63eeeca6 | |||
| 4346eb8c08 | |||
| c215c39ed6 | |||
| 890f4e260f | |||
| 149d9e9a6c | |||
| d06452af30 | |||
| 0d7ac396a2 | |||
| 2cc97c0ce7 | |||
| 09cb41bb18 | |||
| ad63a7eae8 | |||
| 29bd192d7a | |||
| 6943237ee3 | |||
| a85483cbe2 | |||
| 3aa8b8746e | |||
| caa0488db7 | |||
| 26d6d51418 | |||
| 045b67cbc2 | 
| @@ -15,7 +15,7 @@ on: | ||||
| jobs: | ||||
|   generate-parameters: | ||||
|     container: | ||||
|       image: docker.io/library/node:24.1.0-alpine | ||||
|       image: docker.io/library/node:24.10.0-alpine | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -23,7 +23,7 @@ jobs: | ||||
|       run: | | ||||
|         apk update | ||||
|         apk add git npm | ||||
|     - uses: actions/checkout@v4.2.2 | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Generate parameter section in README | ||||
|       run: | | ||||
|         npm install | ||||
|   | ||||
| @@ -13,7 +13,7 @@ on: | ||||
| jobs: | ||||
|   helm-lint: | ||||
|     container: | ||||
|       image: docker.io/volkerraschek/helm:3.18.2 | ||||
|       image: docker.io/volkerraschek/helm:3.19.0 | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -21,14 +21,14 @@ jobs: | ||||
|       run: | | ||||
|         apk update | ||||
|         apk add git npm | ||||
|     - uses: actions/checkout@v4.2.2 | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Lint helm files | ||||
|       run: | | ||||
|         helm lint --values values.yaml . | ||||
|  | ||||
|   helm-unittest: | ||||
|     container: | ||||
|       image: docker.io/volkerraschek/helm:3.18.2 | ||||
|       image: docker.io/volkerraschek/helm:3.19.0 | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -36,7 +36,7 @@ jobs: | ||||
|       run: | | ||||
|         apk update | ||||
|         apk add git npm | ||||
|     - uses: actions/checkout@v4.2.2 | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Unittest | ||||
|       run: | | ||||
|         helm unittest --strict --file 'unittests/**/*.yaml' ./ | ||||
| @@ -15,7 +15,7 @@ on: | ||||
| jobs: | ||||
|   markdown-link-checker: | ||||
|     container: | ||||
|       image: docker.io/library/node:24.1.0-alpine | ||||
|       image: docker.io/library/node:24.10.0-alpine | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -23,7 +23,7 @@ jobs: | ||||
|       run: | | ||||
|         apk update | ||||
|         apk add git npm | ||||
|     - uses: actions/checkout@v4.2.2 | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Verify links in markdown files | ||||
|       run: | | ||||
|         npm install | ||||
| @@ -31,7 +31,7 @@ jobs: | ||||
|  | ||||
|   markdown-lint: | ||||
|     container: | ||||
|       image: docker.io/library/node:24.1.0-alpine | ||||
|       image: docker.io/library/node:24.10.0-alpine | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -39,7 +39,7 @@ jobs: | ||||
|       run: | | ||||
|         apk update | ||||
|         apk add git | ||||
|     - uses: actions/checkout@v4.2.2 | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Lint markdown files | ||||
|       run: | | ||||
|         npm install | ||||
|   | ||||
| @@ -8,7 +8,7 @@ on: | ||||
| jobs: | ||||
|   publish-chart: | ||||
|     container: | ||||
|       image: docker.io/volkerraschek/helm:3.18.2 | ||||
|       image: docker.io/volkerraschek/helm:3.19.0 | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Install packages via apk | ||||
| @@ -16,7 +16,7 @@ jobs: | ||||
|           apk update | ||||
|           apk add git npm jq yq | ||||
|  | ||||
|       - uses: actions/checkout@v4 | ||||
|       - uses: actions/checkout@v5.0.0 | ||||
|         with: | ||||
|           fetch-depth: 0 | ||||
|  | ||||
|   | ||||
							
								
								
									
										4
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										4
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -1,6 +1,6 @@ | ||||
| charts | ||||
| node_modules | ||||
| target | ||||
| values2.yml | ||||
| values2.yaml | ||||
| values[0-9].yml | ||||
| values[0-9].yaml | ||||
| *.tgz | ||||
|   | ||||
							
								
								
									
										8
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,8 @@ | ||||
| { | ||||
|   "yaml.schemas": { | ||||
|     "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v1.0.2/schema/helm-testsuite.json": [ | ||||
|       "/unittests/**/*.yaml" | ||||
|     ] | ||||
|   }, | ||||
|   "yaml.schemaStore.enable": true | ||||
| } | ||||
| @@ -5,7 +5,7 @@ annotations: | ||||
|     - name: support | ||||
|       url: https://git.cryptic.systems/volker.raschek/reposilite-charts/issues | ||||
| apiVersion: v2 | ||||
| appVersion: "3.5.25" | ||||
| appVersion: "3.5.26" | ||||
| description: | | ||||
|   Lightweight and easy-to-use repository management software | ||||
|   dedicated for the Maven based artifacts in the JVM ecosystem | ||||
|   | ||||
							
								
								
									
										19
									
								
								Makefile
									
									
									
									
									
								
							
							
						
						
									
										19
									
								
								Makefile
									
									
									
									
									
								
							| @@ -4,13 +4,13 @@ CONTAINER_RUNTIME?=$(shell which podman) | ||||
| # HELM_IMAGE | ||||
| HELM_IMAGE_REGISTRY_HOST?=docker.io | ||||
| HELM_IMAGE_REPOSITORY?=volkerraschek/helm | ||||
| HELM_IMAGE_VERSION?=3.18.2 # renovate: datasource=docker registryUrl=https://registry-nexus.orbis.dedalus.com depName=volkerraschek/helm | ||||
| HELM_IMAGE_VERSION?=3.19.0 # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/volkerraschek/helm | ||||
| HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION} | ||||
|  | ||||
| # NODE_IMAGE | ||||
| NODE_IMAGE_REGISTRY_HOST?=docker.io | ||||
| NODE_IMAGE_REPOSITORY?=library/node | ||||
| NODE_IMAGE_VERSION?=24.1.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node | ||||
| NODE_IMAGE_VERSION?=24.10.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node | ||||
| NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION} | ||||
|  | ||||
| # MISSING DOT | ||||
| @@ -18,6 +18,19 @@ NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}: | ||||
| missing-dot: | ||||
| 	grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml | ||||
|  | ||||
| # README | ||||
| # ============================================================================== | ||||
| readme: readme/link readme/lint readme/parameters | ||||
|  | ||||
| readme/link: | ||||
| 	npm install && npm run readme:link | ||||
|  | ||||
| readme/lint: | ||||
| 	npm install && npm run readme:lint | ||||
|  | ||||
| readme/parameters: | ||||
| 	npm install && npm run readme:parameters | ||||
|  | ||||
| # CONTAINER RUN - README | ||||
| # ============================================================================== | ||||
| PHONY+=container-run/readme | ||||
| @@ -88,4 +101,4 @@ container-run/helm-lint: | ||||
| # ============================================================================== | ||||
| # Declare the contents of the PHONY variable as phony. We keep that information | ||||
| # in a variable so we can use it in if_changed. | ||||
| .PHONY: ${PHONY} | ||||
| .PHONY: ${PHONY} | ||||
|   | ||||
							
								
								
									
										228
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										228
									
								
								README.md
									
									
									
									
									
								
							| @@ -2,6 +2,10 @@ | ||||
|  | ||||
| [](https://artifacthub.io/packages/search?repo=volker-raschek) | ||||
|  | ||||
| > [!NOTE] | ||||
| > This is not the official helm chart of Reposilite. If you are looking for the official helm chart, checkout the GitHub | ||||
| > project [reposilite-playground](https://github.com/reposilite-playground/reposilite-helm). | ||||
|  | ||||
| This helm chart enables the deployment of [Reposilite](https://github.com/dzikoysk/reposilite), a lightweight and | ||||
| easy-to-use repository management software dedicated for the Maven-based artifacts in the JVM ecosystem. | ||||
|  | ||||
| @@ -33,7 +37,7 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi | ||||
| versions can break something! | ||||
|  | ||||
| ```bash | ||||
| CHART_VERSION=0.1.0 | ||||
| CHART_VERSION=0.3.0 | ||||
| helm show values volker.raschek/reposilite --version "${CHART_VERSION}" > values.yaml | ||||
| ``` | ||||
|  | ||||
| @@ -47,7 +51,7 @@ The helm chart also contains a persistent volume claim definition. It persistent | ||||
| Use the `--set` argument to persist your data. | ||||
|  | ||||
| ```bash | ||||
| CHART_VERSION=0.1.0 | ||||
| CHART_VERSION=0.3.0 | ||||
| helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | ||||
|   persistentVolumeClaim.enabled=true | ||||
| ``` | ||||
| @@ -68,7 +72,7 @@ connection problems. | ||||
| > error. | ||||
|  | ||||
| ```bash | ||||
| CHART_VERSION=0.1.0 | ||||
| CHART_VERSION=0.3.0 | ||||
| helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | ||||
|   --set 'deployment.reposilite.env[1].name=REPOSILITE_LOCAL_SSLENABLED' \ | ||||
|   --set 'deployment.reposilite.env[1].value="true"' \ | ||||
| @@ -118,14 +122,29 @@ deployment: | ||||
|     secret.reloader.stakater.com/reload: "reposilite-tls" | ||||
| ``` | ||||
|  | ||||
| ### Network policies | ||||
| If the application is rolled out using ArgoCD, a rolling update from stakater's | ||||
| [reloader](https://github.com/stakater/Reloader) can lead to a drift. ArgoCD will attempt to restore the original state | ||||
| with a rolling update. To avoid this, instead of a rolling update triggered by the reloader, a restart of the pod can be | ||||
| initiated. Further information are available in the official | ||||
| [README](https://github.com/stakater/Reloader?tab=readme-ov-file#4-%EF%B8%8F-workload-specific-rollout-strategy) of | ||||
| stakater's reloader. | ||||
|  | ||||
| ```diff | ||||
|   deployment: | ||||
|     annotations: | ||||
|       reloader.stakater.com/auto: "true" | ||||
| +     reloader.stakater.com/rollout-strategy: "restart" | ||||
| ``` | ||||
|  | ||||
| #### Network policies | ||||
|  | ||||
| Network policies can only take effect, when the used CNI plugin support network policies. The chart supports no custom | ||||
| network policy implementation of CNI plugins. It's support only the official API resource of `networking.k8s.io/v1`. | ||||
|  | ||||
| The example below is an excerpt of the `values.yaml` file. The network policy contains ingress rules to allow incoming | ||||
| traffic from an ingress controller. Additionally one egress rule is defined, to allow the application outgoing access | ||||
| to the internal running DNS server `core-dns`. | ||||
| traffic from an ingress controller. Additionally two egress rules are defined. The first one to allow the application | ||||
| outgoing access to the internal running DNS server `core-dns`. The second rule to be able to access the Apache Maven | ||||
| Central repository via HTTPS. | ||||
|  | ||||
| > [!IMPORTANT] | ||||
| > Please keep in mind, that the namespace and pod selector labels can be different from environment to environment. For | ||||
| @@ -152,6 +171,10 @@ networkPolicies: | ||||
|       protocol: TCP | ||||
|     - port: 53 | ||||
|       protocol: UDP | ||||
|   - ports: | ||||
|     - port: 443 | ||||
|       protocol: TCP | ||||
|  | ||||
|   ingress: | ||||
|   - from: | ||||
|     - namespaceSelector: | ||||
| @@ -165,6 +188,75 @@ networkPolicies: | ||||
|       protocol: TCP | ||||
| ``` | ||||
|  | ||||
| ### Prometheus | ||||
|  | ||||
| Reposilite is not able to expose metrics by default. Reposilite requires an additional plugin to expose the metrics via | ||||
| `/metrics`. The plugin will be downloaded from Apache Maven Central, when the plugin is enabled directly or the | ||||
| Prometheus feature has been enabled. The plugin is a simple JAR file, which will be stored in `/app/data/plugins`. | ||||
|  | ||||
| Furthermore, Reposilite will not expose the metrics without protection. For this reason must be defined basic auth | ||||
| credentials. By default generate the helm chart a random username and password for basic auth. For debugging propose can | ||||
| be set the credentials manually. | ||||
|  | ||||
| The following example enable Prometheus metrics with custom basic auth credentials: | ||||
|  | ||||
| ```bash | ||||
| CHART_VERSION=0.3.0 | ||||
| helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | ||||
|   --set 'prometheus.metrics.enabled=true' \ | ||||
|   --set 'prometheus.metrics.basicAuthUsername=my-username' \ | ||||
|   --set 'prometheus.metrics.basicAuthUsername=my-password' | ||||
| ``` | ||||
|  | ||||
| ## ArgoCD | ||||
|  | ||||
| ### Example Application | ||||
|  | ||||
| An application resource for the Helm chart is defined below. It serves as an example for your own deployment. | ||||
|  | ||||
| ```yaml | ||||
| apiVersion: argoproj.io/v1alpha1 | ||||
| kind: Application | ||||
| spec: | ||||
|   destination: | ||||
|     server: https://kubernetes.default.svc | ||||
|     namespace: reposilite | ||||
|   ignoreDifferences: | ||||
|   - group: apps | ||||
|     kind: Deployment | ||||
|     jqPathExpressions: | ||||
|     # When HPA is enabled, ensure that a modification of the replicas does not lead to a | ||||
|     # drift. | ||||
|       - '.spec.replicas' | ||||
|     # Ensure that changes of the annotations or environment variables added or modified by | ||||
|     # stakater's reloader does not lead to a drift. | ||||
|     - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("reloader")))' | ||||
|     - '.spec.template.spec.containers[].env[] | select(.name | startswith("STAKATER_"))' | ||||
|   sources: | ||||
|   - repoURL: https://charts.cryptic.systems/volker.raschek | ||||
|     chart: reposilite | ||||
|     targetRevision: '0.*' | ||||
|     helm: | ||||
|       valueFiles: | ||||
|       - $values/values.yaml | ||||
|       releaseName: reposilite | ||||
|   syncPolicy: | ||||
|     automated: | ||||
|       prune: true | ||||
|       selfHeal: true | ||||
|     managedNamespaceMetadata: | ||||
|       annotations: {} | ||||
|       labels: {} | ||||
|     syncOptions: | ||||
|     - ApplyOutOfSyncOnly=true | ||||
|     - CreateNamespace=true | ||||
|     - FailOnSharedResource=false | ||||
|     - Replace=false | ||||
|     - RespectIgnoreDifferences=false | ||||
|     - ServerSideApply=true | ||||
|     - Validate=true | ||||
| ``` | ||||
|  | ||||
| ## Parameters | ||||
|  | ||||
| ### Global | ||||
| @@ -174,44 +266,56 @@ networkPolicies: | ||||
| | `nameOverride`     | Individual release name suffix.           | `""`  | | ||||
| | `fullnameOverride` | Override the complete release name logic. | `""`  | | ||||
|  | ||||
| ### Config | ||||
|  | ||||
| | Name                                | Description                                                                                                                                    | Value                                                                                                                                                     | | ||||
| | ----------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | | ||||
| | `config.plugins.prometheus.enabled` | Download the Prometheus plugin via an additional init container. The Prometheus plugin will automatically enabled, when Prometheus is enabled. | `false`                                                                                                                                                   | | ||||
| | `config.plugins.prometheus.url`     | URL to download the plugin.                                                                                                                    | `https://maven.reposilite.com/releases/com/reposilite/plugin/prometheus-plugin/{{ .Chart.AppVersion }}/prometheus-plugin-{{ .Chart.AppVersion }}-all.jar` | | ||||
|  | ||||
| ### Deployment | ||||
|  | ||||
| | Name                                               | Description                                                                                                | Value                 | | ||||
| | -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------- | | ||||
| | `deployment.annotations`                           | Additional deployment annotations.                                                                         | `{}`                  | | ||||
| | `deployment.labels`                                | Additional deployment labels.                                                                              | `{}`                  | | ||||
| | `deployment.additionalContainers`                  | List of additional containers.                                                                             | `[]`                  | | ||||
| | `deployment.affinity`                              | Affinity for the Reposilite deployment.                                                                    | `{}`                  | | ||||
| | `deployment.initContainers`                        | List of additional init containers.                                                                        | `[]`                  | | ||||
| | `deployment.dnsConfig`                             | dnsConfig of the Reposilite deployment.                                                                    | `{}`                  | | ||||
| | `deployment.dnsPolicy`                             | dnsPolicy of the Reposilite deployment.                                                                    | `""`                  | | ||||
| | `deployment.hostname`                              | Individual hostname of the pod.                                                                            | `""`                  | | ||||
| | `deployment.subdomain`                             | Individual domain of the pod.                                                                              | `""`                  | | ||||
| | `deployment.hostNetwork`                           | Use the kernel network namespace of the host system.                                                       | `false`               | | ||||
| | `deployment.imagePullSecrets`                      | Secret to use for pulling the image.                                                                       | `[]`                  | | ||||
| | `deployment.reposilite.args`                       | Arguments passed to the Reposilite container.                                                              | `[]`                  | | ||||
| | `deployment.reposilite.command`                    | Command passed to the Reposilite container.                                                                | `[]`                  | | ||||
| | `deployment.reposilite.env`                        | List of environment variables for the Reposilite container.                                                |                       | | ||||
| | `deployment.reposilite.envFrom`                    | List of environment variables mounted from configMaps or secrets for the Reposilite container.             | `[]`                  | | ||||
| | `deployment.reposilite.image.registry`             | Image registry, eg. `docker.io`.                                                                           | `docker.io`           | | ||||
| | `deployment.reposilite.image.repository`           | Image repository, eg. `library/busybox`.                                                                   | `dzikoysk/reposilite` | | ||||
| | `deployment.reposilite.image.tag`                  | Custom image tag, eg. `0.1.0`. Defaults to `appVersion`.                                                   | `""`                  | | ||||
| | `deployment.reposilite.image.pullPolicy`           | Image pull policy.                                                                                         | `IfNotPresent`        | | ||||
| | `deployment.reposilite.resources`                  | CPU and memory resources of the pod.                                                                       | `{}`                  | | ||||
| | `deployment.reposilite.securityContext`            | Security context of the container of the deployment.                                                       | `{}`                  | | ||||
| | `deployment.reposilite.volumeMounts`               | Additional volume mounts.                                                                                  | `[]`                  | | ||||
| | `deployment.nodeSelector`                          | NodeSelector of the Reposilite deployment.                                                                 | `{}`                  | | ||||
| | `deployment.priorityClassName`                     | PriorityClassName of the Reposilite deployment.                                                            | `""`                  | | ||||
| | `deployment.replicas`                              | Number of replicas for the Reposilite deployment.                                                          | `1`                   | | ||||
| | `deployment.restartPolicy`                         | Restart policy of the Reposilite deployment.                                                               | `""`                  | | ||||
| | `deployment.securityContext`                       | Security context of the Reposilite deployment.                                                             | `{}`                  | | ||||
| | `deployment.strategy.type`                         | Strategy type - `Recreate` or `RollingUpdate`.                                                             | `RollingUpdate`       | | ||||
| | `deployment.strategy.rollingUpdate.maxSurge`       | The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | `1`                   | | ||||
| | `deployment.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during a rolling update.                                | `1`                   | | ||||
| | `deployment.terminationGracePeriodSeconds`         | How long to wait until forcefully kill the pod.                                                            | `60`                  | | ||||
| | `deployment.tolerations`                           | Tolerations of the Reposilite deployment.                                                                  | `[]`                  | | ||||
| | `deployment.topologySpreadConstraints`             | TopologySpreadConstraints of the Reposilite deployment.                                                    | `[]`                  | | ||||
| | `deployment.volumes`                               | Additional volumes to mount into the pods of the prometheus-exporter deployment.                           | `[]`                  | | ||||
| | Name                                               | Description                                                                                                | Value                                       | | ||||
| | -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------------------------------------- | | ||||
| | `deployment.annotations`                           | Additional deployment annotations.                                                                         | `{}`                                        | | ||||
| | `deployment.labels`                                | Additional deployment labels.                                                                              | `{}`                                        | | ||||
| | `deployment.additionalContainers`                  | List of additional containers.                                                                             | `[]`                                        | | ||||
| | `deployment.affinity`                              | Affinity for the Reposilite deployment.                                                                    | `{}`                                        | | ||||
| | `deployment.initContainers`                        | List of additional init containers.                                                                        | `[]`                                        | | ||||
| | `deployment.dnsConfig`                             | dnsConfig of the Reposilite deployment.                                                                    | `{}`                                        | | ||||
| | `deployment.dnsPolicy`                             | dnsPolicy of the Reposilite deployment.                                                                    | `""`                                        | | ||||
| | `deployment.hostname`                              | Individual hostname of the pod.                                                                            | `""`                                        | | ||||
| | `deployment.subdomain`                             | Individual domain of the pod.                                                                              | `""`                                        | | ||||
| | `deployment.hostNetwork`                           | Use the kernel network namespace of the host system.                                                       | `false`                                     | | ||||
| | `deployment.imagePullSecrets`                      | Secret to use for pulling the image.                                                                       | `[]`                                        | | ||||
| | `deployment.reposilite.args`                       | Arguments passed to the Reposilite container.                                                              | `[]`                                        | | ||||
| | `deployment.reposilite.command`                    | Command passed to the Reposilite container.                                                                | `[]`                                        | | ||||
| | `deployment.reposilite.env`                        | List of environment variables for the Reposilite container.                                                |                                             | | ||||
| | `deployment.reposilite.envFrom`                    | List of environment variables mounted from configMaps or secrets for the Reposilite container.             | `[]`                                        | | ||||
| | `deployment.reposilite.image.registry`             | Image registry, eg. `docker.io`.                                                                           | `docker.io`                                 | | ||||
| | `deployment.reposilite.image.repository`           | Image repository, eg. `library/busybox`.                                                                   | `dzikoysk/reposilite`                       | | ||||
| | `deployment.reposilite.image.tag`                  | Custom image tag, eg. `0.1.0`. Defaults to `appVersion`.                                                   | `""`                                        | | ||||
| | `deployment.reposilite.image.pullPolicy`           | Image pull policy.                                                                                         | `IfNotPresent`                              | | ||||
| | `deployment.reposilite.resources`                  | CPU and memory resources of the pod.                                                                       | `{}`                                        | | ||||
| | `deployment.reposilite.securityContext`            | Security context of the container of the deployment.                                                       | `{}`                                        | | ||||
| | `deployment.reposilite.volumeMounts`               | Additional volume mounts.                                                                                  | `[]`                                        | | ||||
| | `deployment.nodeSelector`                          | NodeSelector of the Reposilite deployment.                                                                 | `{}`                                        | | ||||
| | `deployment.pluginContainer.args`                  | Arguments passed to the plugin container.                                                                  | `["--location","--fail","--max-time","60"]` | | ||||
| | `deployment.pluginContainer.image.registry`        | Image registry, eg. `docker.io`.                                                                           | `docker.io`                                 | | ||||
| | `deployment.pluginContainer.image.repository`      | Image repository, eg. `curlimages/curl`.                                                                   | `curlimages/curl`                           | | ||||
| | `deployment.pluginContainer.image.tag`             | Custom image tag, eg. `0.1.0`.                                                                             | `8.16.0`                                    | | ||||
| | `deployment.pluginContainer.image.pullPolicy`      | Image pull policy.                                                                                         | `IfNotPresent`                              | | ||||
| | `deployment.priorityClassName`                     | PriorityClassName of the Reposilite deployment.                                                            | `""`                                        | | ||||
| | `deployment.replicas`                              | Number of replicas for the Reposilite deployment.                                                          | `1`                                         | | ||||
| | `deployment.restartPolicy`                         | Restart policy of the Reposilite deployment.                                                               | `""`                                        | | ||||
| | `deployment.securityContext`                       | Security context of the Reposilite deployment.                                                             | `{}`                                        | | ||||
| | `deployment.strategy.type`                         | Strategy type - `Recreate` or `RollingUpdate`.                                                             | `RollingUpdate`                             | | ||||
| | `deployment.strategy.rollingUpdate.maxSurge`       | The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | `1`                                         | | ||||
| | `deployment.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during a rolling update.                                | `1`                                         | | ||||
| | `deployment.terminationGracePeriodSeconds`         | How long to wait until forcefully kill the pod.                                                            | `60`                                        | | ||||
| | `deployment.tolerations`                           | Tolerations of the Reposilite deployment.                                                                  | `[]`                                        | | ||||
| | `deployment.topologySpreadConstraints`             | TopologySpreadConstraints of the Reposilite deployment.                                                    | `[]`                                        | | ||||
| | `deployment.volumes`                               | Additional volumes to mount into the pods of the reposilite deployment.                                    | `[]`                                        | | ||||
|  | ||||
| ### Horizontal Pod Autoscaler (HPA) | ||||
|  | ||||
| @@ -261,6 +365,45 @@ networkPolicies: | ||||
| | `persistentVolumeClaim.new.size`                           | Size of the persistent volume claim.                                                                                                                                                                 | `10Gi`          | | ||||
| | `persistentVolumeClaim.new.storageClass`                   | Custom storage class. Left it empty to use the clusters default storage class.                                                                                                                       | `""`            | | ||||
|  | ||||
| ### Prometheus | ||||
|  | ||||
| | Name                                                      | Description                                                                                                                                  | Value      | | ||||
| | --------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ---------- | | ||||
| | `prometheus.metrics.enabled`                              | Enable of scraping metrics by Prometheus.                                                                                                    | `false`    | | ||||
| | `prometheus.metrics.secret.existing.enabled`              | Use an existing secret containing the basic auth credentials.                                                                                | `false`    | | ||||
| | `prometheus.metrics.secret.existing.secretName`           | Name of the secret containing the basic auth credentials.                                                                                    | `""`       | | ||||
| | `prometheus.metrics.secret.existing.basicAuthUsernameKey` | Name of the key in the secret that contains the username for basic auth.                                                                     | `""`       | | ||||
| | `prometheus.metrics.secret.existing.basicAuthPasswordKey` | Name of the key in the secret that contains the password for basic auth.                                                                     | `""`       | | ||||
| | `prometheus.metrics.secret.new.annotations`               | Additional secret annotations.                                                                                                               | `{}`       | | ||||
| | `prometheus.metrics.secret.new.labels`                    | Additional secret labels.                                                                                                                    | `{}`       | | ||||
| | `prometheus.metrics.secret.new.basicAuthUsername`         | Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string.        | `""`       | | ||||
| | `prometheus.metrics.secret.new.basicAuthPassword`         | Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string.         | `""`       | | ||||
| | `prometheus.metrics.podMonitor.enabled`                   | Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource.                                                        | `false`    | | ||||
| | `prometheus.metrics.podMonitor.annotations`               | Additional podMonitor annotations.                                                                                                           | `{}`       | | ||||
| | `prometheus.metrics.podMonitor.enableHttp2`               | Enable HTTP2.                                                                                                                                | `false`    | | ||||
| | `prometheus.metrics.podMonitor.followRedirects`           | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects.                                                                | `false`    | | ||||
| | `prometheus.metrics.podMonitor.honorLabels`               | Honor labels.                                                                                                                                | `false`    | | ||||
| | `prometheus.metrics.podMonitor.labels`                    | Additional podMonitor labels.                                                                                                                | `{}`       | | ||||
| | `prometheus.metrics.podMonitor.interval`                  | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.                                    | `60s`      | | ||||
| | `prometheus.metrics.podMonitor.path`                      | HTTP path of the Reposilite pod for scraping Prometheus metrics.                                                                             | `/metrics` | | ||||
| | `prometheus.metrics.podMonitor.port`                      | HTTP port of the Reposilite pod for scraping Prometheus metrics.                                                                             | `http`     | | ||||
| | `prometheus.metrics.podMonitor.relabelings`               | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]`       | | ||||
| | `prometheus.metrics.podMonitor.scrapeTimeout`             | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.                                         | `30s`      | | ||||
| | `prometheus.metrics.podMonitor.scheme`                    | HTTP scheme to use for scraping. For example `http` or `https`.                                                                              | `http`     | | ||||
| | `prometheus.metrics.podMonitor.tlsConfig`                 | TLS configuration to use when scraping the metric endpoint by Prometheus.                                                                    | `{}`       | | ||||
| | `prometheus.metrics.serviceMonitor.enabled`               | Enable creation of a serviceMonitor. Excludes the existence of a podMonitor resource.                                                        | `false`    | | ||||
| | `prometheus.metrics.serviceMonitor.annotations`           | Additional serviceMonitor annotations.                                                                                                       | `{}`       | | ||||
| | `prometheus.metrics.serviceMonitor.labels`                | Additional serviceMonitor labels.                                                                                                            | `{}`       | | ||||
| | `prometheus.metrics.serviceMonitor.enableHttp2`           | Enable HTTP2.                                                                                                                                | `false`    | | ||||
| | `prometheus.metrics.serviceMonitor.followRedirects`       | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects.                                                                | `false`    | | ||||
| | `prometheus.metrics.serviceMonitor.honorLabels`           | Honor labels.                                                                                                                                | `false`    | | ||||
| | `prometheus.metrics.serviceMonitor.interval`              | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.                                    | `60s`      | | ||||
| | `prometheus.metrics.serviceMonitor.path`                  | HTTP path for scraping Prometheus metrics.                                                                                                   | `/metrics` | | ||||
| | `prometheus.metrics.serviceMonitor.relabelings`           | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]`       | | ||||
| | `prometheus.metrics.serviceMonitor.scrapeTimeout`         | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.                                         | `30s`      | | ||||
| | `prometheus.metrics.serviceMonitor.scheme`                | HTTP scheme to use for scraping. For example `http` or `https`.                                                                              | `http`     | | ||||
| | `prometheus.metrics.serviceMonitor.tlsConfig`             | TLS configuration to use when scraping the metric endpoint by Prometheus.                                                                    | `{}`       | | ||||
|  | ||||
| ### Service | ||||
|  | ||||
| | Name                               | Description                                                                                                                                                                                                | Value       | | ||||
| @@ -276,6 +419,7 @@ networkPolicies: | ||||
| | `service.loadBalancerIP`           | LoadBalancer will get created with the IP specified in this field. Requires service from type `LoadBalancer`.                                                                                              | `""`        | | ||||
| | `service.loadBalancerSourceRanges` | Source range filter for LoadBalancer. Requires service from type `LoadBalancer`.                                                                                                                           | `[]`        | | ||||
| | `service.port`                     | Port to forward the traffic to.                                                                                                                                                                            | `8080`      | | ||||
| | `service.scheme`                   | Name of the service port. This name is also used as scheme / port name of the service monitor resource.                                                                                                    | `http`      | | ||||
| | `service.sessionAffinity`          | Supports `ClientIP` and `None`. Enable client IP based session affinity via `ClientIP`.                                                                                                                    | `None`      | | ||||
| | `service.sessionAffinityConfig`    | Contains the configuration of the session affinity.                                                                                                                                                        | `{}`        | | ||||
| | `service.type`                     | Kubernetes service type for the traffic.                                                                                                                                                                   | `ClusterIP` | | ||||
|   | ||||
							
								
								
									
										26
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										26
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							| @@ -1078,9 +1078,9 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/link-check": { | ||||
|       "version": "5.4.0", | ||||
|       "resolved": "https://registry.npmjs.org/link-check/-/link-check-5.4.0.tgz", | ||||
|       "integrity": "sha512-0Pf4xBVUnwJdbDgpBlhHNmWDtbVjHTpIFs+JaBuIsC9PKRxjv4KMGCO2Gc8lkVnqMf9B/yaNY+9zmMlO5MyToQ==", | ||||
|       "version": "5.5.0", | ||||
|       "resolved": "https://registry.npmjs.org/link-check/-/link-check-5.5.0.tgz", | ||||
|       "integrity": "sha512-CpMk2zMfyEMdDvFG92wO5pU/2I/wbw72/9pvUFhU9cDKkwhmVlPuvxQJzd/jXA2iVOgNgPLnS5zyOLW7OzNpdA==", | ||||
|       "dev": true, | ||||
|       "license": "ISC", | ||||
|       "dependencies": { | ||||
| @@ -1137,16 +1137,16 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/markdown-link-check": { | ||||
|       "version": "3.13.7", | ||||
|       "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.13.7.tgz", | ||||
|       "integrity": "sha512-Btn3HU8s2Uyh1ZfzmyZEkp64zp2+RAjwfQt1u4swq2Xa6w37OW0T2inQZrkSNVxDSa2jSN2YYhw/JkAp5jF1PQ==", | ||||
|       "version": "3.14.1", | ||||
|       "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.14.1.tgz", | ||||
|       "integrity": "sha512-h1tihNL3kmOS3N7H4FyF4xKDxiHnNBNSgs/LWlDiRHlC8O0vfRX0LhDDvesRSs4HM7nS0F658glLxonaXBmuWw==", | ||||
|       "dev": true, | ||||
|       "license": "ISC", | ||||
|       "dependencies": { | ||||
|         "async": "^3.2.6", | ||||
|         "chalk": "^5.3.0", | ||||
|         "commander": "^13.1.0", | ||||
|         "link-check": "^5.4.0", | ||||
|         "commander": "^14.0.0", | ||||
|         "link-check": "^5.5.0", | ||||
|         "markdown-link-extractor": "^4.0.2", | ||||
|         "needle": "^3.3.1", | ||||
|         "progress": "^2.0.3", | ||||
| @@ -1157,6 +1157,16 @@ | ||||
|         "markdown-link-check": "markdown-link-check" | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/markdown-link-check/node_modules/commander": { | ||||
|       "version": "14.0.1", | ||||
|       "resolved": "https://registry.npmjs.org/commander/-/commander-14.0.1.tgz", | ||||
|       "integrity": "sha512-2JkV3gUZUVrbNA+1sjBOYLsMZ5cEEl8GTFP2a4AVz5hvasAMCQ1D2l2le/cX+pV4N6ZU17zjUahLpIXRrnWL8A==", | ||||
|       "dev": true, | ||||
|       "license": "MIT", | ||||
|       "engines": { | ||||
|         "node": ">=20" | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/markdown-link-extractor": { | ||||
|       "version": "4.0.2", | ||||
|       "resolved": "https://registry.npmjs.org/markdown-link-extractor/-/markdown-link-extractor-4.0.2.tgz", | ||||
|   | ||||
| @@ -9,6 +9,7 @@ | ||||
|   ], | ||||
|   "customManagers": [ | ||||
|     { | ||||
|       "customType": "regex", | ||||
|       "fileMatch": [ | ||||
|         "^Chart\\.yaml$" | ||||
|       ], | ||||
| @@ -21,7 +22,10 @@ | ||||
|       "versioningTemplate": "semver" | ||||
|     }, | ||||
|     { | ||||
|       "fileMatch": ["^README\\.md$"], | ||||
|       "customType": "regex", | ||||
|       "fileMatch": [ | ||||
|         "^README\\.md$" | ||||
|       ], | ||||
|       "matchStrings": [ | ||||
|         "CHART_VERSION=(?<currentValue>.*)" | ||||
|       ], | ||||
| @@ -29,9 +33,47 @@ | ||||
|       "packageNameTemplate": "https://git.cryptic.systems/volker.raschek/reposilite-charts", | ||||
|       "datasourceTemplate": "git-tags", | ||||
|       "versioningTemplate": "semver" | ||||
|     }, | ||||
|     { | ||||
|       "customType": "regex", | ||||
|       "datasourceTemplate": "github-releases", | ||||
|       "fileMatch": [ | ||||
|         ".vscode/settings\\.json$" | ||||
|       ], | ||||
|       "matchStrings": [ | ||||
|         "https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json" | ||||
|       ] | ||||
|     } | ||||
|   ], | ||||
|   "packageRules": [ | ||||
|     { | ||||
|       "groupName": "Update docker.io/volkerraschek/helm", | ||||
|       "matchDepNames": [ | ||||
|         "docker.io/volkerraschek/helm", | ||||
|         "volkerraschek/helm" | ||||
|       ] | ||||
|     }, | ||||
|     { | ||||
|       "automerge": true, | ||||
|       "groupName": "Update helm plugin 'unittest'", | ||||
|       "matchDepNames": [ | ||||
|         "helm-unittest/helm-unittest" | ||||
|       ], | ||||
|       "matchDatasources": [ | ||||
|         "github-releases" | ||||
|       ], | ||||
|       "matchUpdateTypes": [ | ||||
|         "minor", | ||||
|         "patch" | ||||
|       ] | ||||
|     }, | ||||
|     { | ||||
|       "groupName": "Update docker.io/library/node", | ||||
|       "matchDepNames": [ | ||||
|         "docker.io/library/node", | ||||
|         "library/node" | ||||
|       ] | ||||
|     }, | ||||
|     { | ||||
|       "addLabels": [ | ||||
|         "renovate/automerge", | ||||
| @@ -64,5 +106,16 @@ | ||||
|         "patch" | ||||
|       ] | ||||
|     } | ||||
|   ] | ||||
| } | ||||
|   ], | ||||
|   "postUpgradeTasks": { | ||||
|     "commands": [ | ||||
|       "install-tool node", | ||||
|       "make readme" | ||||
|     ], | ||||
|     "fileFilters": [ | ||||
|       "README.md", | ||||
|       "values.yaml" | ||||
|     ], | ||||
|     "executionMode": "update" | ||||
|   } | ||||
| } | ||||
| @@ -17,13 +17,32 @@ | ||||
| {{- if .Values.persistentVolumeClaim.enabled }} | ||||
| {{- $env = concat $env (list (dict "name" "REPOSILITE_DATA" "value" .Values.persistentVolumeClaim.path )) }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- if eq (include "reposilite.podMonitor.enabled" $) "true" }} | ||||
| {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PATH" "value" .Values.prometheus.metrics.podMonitor.path )) }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- if eq (include "reposilite.serviceMonitor.enabled" $) "true" }} | ||||
| {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PATH" "value" .Values.prometheus.metrics.serviceMonitor.path )) }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- if or (eq (include "reposilite.podMonitor.enabled" $ ) "true") (eq (include "reposilite.serviceMonitor.enabled" $ ) "true") -}} | ||||
| {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_USER" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.usernameKey" $))))) }} | ||||
| {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PASSWORD" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.passwordKey" $))))) }} | ||||
| {{- end }} | ||||
|  | ||||
| {{ toYaml (dict "env" $env) }} | ||||
| {{- end -}} | ||||
|  | ||||
| REPOSILITE_DATA | ||||
|  | ||||
| {{/* image */}} | ||||
|  | ||||
| {{- define "reposilite.deployment.images.plugin.fqin" -}} | ||||
| {{- $registry := .Values.deployment.pluginContainer.image.registry -}} | ||||
| {{- $repository := .Values.deployment.pluginContainer.image.repository -}} | ||||
| {{- $tag := default .Chart.AppVersion .Values.deployment.pluginContainer.image.tag -}} | ||||
| {{- printf "%s/%s:%s" $registry $repository $tag -}} | ||||
| {{- end -}} | ||||
|  | ||||
| {{- define "reposilite.deployment.images.reposilite.fqin" -}} | ||||
| {{- $registry := .Values.deployment.reposilite.image.registry -}} | ||||
| {{- $repository := .Values.deployment.reposilite.image.repository -}} | ||||
| @@ -40,6 +59,34 @@ REPOSILITE_DATA | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* initContainers */}} | ||||
|  | ||||
| {{- define "reposilite.deployment.initContainers" -}} | ||||
| {{- $initContainers := .Values.deployment.initContainers | default list -}} | ||||
| {{- $pluginContainerImage := (include "reposilite.deployment.images.plugin.fqin" . ) }} | ||||
| {{- $pluginContainerArgs := .Values.deployment.pluginContainer.args | default list }} | ||||
| {{- $pluginContainerArgs := concat $pluginContainerArgs (list "--output-dir" "/app/data/plugins" ) }} | ||||
| {{- $pluginContainerVolumeMounts := list (dict "name" "plugins" "mountPath" "/app/data/plugins") }} | ||||
|  | ||||
| {{- if eq (include "reposilite.plugins.prometheus.enabled" $) "true" }} | ||||
| {{- $fileName := splitList "/" (tpl .Values.config.plugins.prometheus.url $) | last }} | ||||
| {{- $individualArgs := concat $pluginContainerArgs (list "--output" $fileName (tpl .Values.config.plugins.prometheus.url $)) }} | ||||
| {{- $initContainers = concat $initContainers (list (dict "args" $individualArgs "name" "download-prometheus-plugin" "image" $pluginContainerImage "volumeMounts" $pluginContainerVolumeMounts)) }} | ||||
| {{- end }} | ||||
|  | ||||
| {{ toYaml (dict "initContainers" $initContainers) }} | ||||
|  | ||||
| {{- end }} | ||||
|  | ||||
| {{/* plugins */}} | ||||
| {{- define "reposilite.plugins.prometheus.enabled" -}} | ||||
| {{- if or .Values.config.plugins.prometheus.enabled .Values.prometheus.metrics.enabled -}} | ||||
| true | ||||
| {{- else -}} | ||||
| false | ||||
| {{- end -}} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* serviceAccount */}} | ||||
|  | ||||
| {{- define "reposilite.deployment.serviceAccount" -}} | ||||
| @@ -57,6 +104,11 @@ REPOSILITE_DATA | ||||
| {{- if .Values.persistentVolumeClaim.enabled }} | ||||
| {{- $volumeMounts = concat $volumeMounts (list (dict "name" "data" "mountPath" .Values.persistentVolumeClaim.path )) }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- if eq (include "reposilite.plugins.prometheus.enabled" $) "true" }} | ||||
| {{- $volumeMounts = concat $volumeMounts (list (dict "name" "plugins" "mountPath" "/app/data/plugins")) }} | ||||
| {{- end }} | ||||
|  | ||||
| {{ toYaml (dict "volumeMounts" $volumeMounts) }} | ||||
| {{- end -}} | ||||
|  | ||||
| @@ -68,6 +120,13 @@ REPOSILITE_DATA | ||||
| {{- if and .Values.persistentVolumeClaim.enabled (not .Values.persistentVolumeClaim.existing.enabled) }} | ||||
| {{- $persistentVolumeClaimName := include "reposilite.persistentVolumeClaim.name" $ -}} | ||||
| {{- $volumes = concat $volumes (list (dict "name" "data" "persistentVolumeClaim" (dict "claimName" $persistentVolumeClaimName))) }} | ||||
| {{- else if and .Values.persistentVolumeClaim.enabled .Values.persistentVolumeClaim.existing.enabled .Values.persistentVolumeClaim.existing.persistentVolumeClaimName -}} | ||||
| {{- $persistentVolumeClaimName := .Values.persistentVolumeClaim.existing.persistentVolumeClaimName -}} | ||||
| {{- $volumes = concat $volumes (list (dict "name" "data" "persistentVolumeClaim" (dict "claimName" $persistentVolumeClaimName))) }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- if eq (include "reposilite.plugins.prometheus.enabled" $) "true" }} | ||||
| {{- $volumes = concat $volumes (list (dict "name" "plugins" "emptyDir" dict)) }} | ||||
| {{- end }} | ||||
|  | ||||
| {{ toYaml (dict "volumes" $volumes) }} | ||||
|   | ||||
| @@ -4,6 +4,9 @@ | ||||
|  | ||||
| {{- define "reposilite.pod.annotations" -}} | ||||
| {{ include "reposilite.annotations" . }} | ||||
| {{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) -}} | ||||
| {{- printf "checksum/secret-%s: %s" (include "reposilite.secrets.prometheusBasicAuth.name" $) (include (print $.Template.BasePath "/secretPrometheusBasicAuth.yaml") . | sha256sum) }} | ||||
| {{- end -}} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* labels */}} | ||||
|   | ||||
							
								
								
									
										27
									
								
								templates/_podMonitors.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										27
									
								
								templates/_podMonitors.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,27 @@ | ||||
| {{/* vim: set filetype=mustache: */}} | ||||
|  | ||||
| {{/* annotations */}} | ||||
| {{- define "reposilite.podMonitor.annotations" -}} | ||||
| {{ include "reposilite.annotations" . }} | ||||
| {{- if .Values.prometheus.metrics.podMonitor.annotations }} | ||||
| {{ toYaml .Values.prometheus.metrics.podMonitor.annotations }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* enabled */}} | ||||
| {{- define "reposilite.podMonitor.enabled" -}} | ||||
| {{- if and .Values.prometheus.metrics.enabled .Values.prometheus.metrics.podMonitor.enabled (not .Values.prometheus.metrics.serviceMonitor.enabled) -}} | ||||
| true | ||||
| {{- else -}} | ||||
| false | ||||
| {{- end -}} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* labels */}} | ||||
|  | ||||
| {{- define "reposilite.podMonitor.labels" -}} | ||||
| {{ include "reposilite.labels" . }} | ||||
| {{- if .Values.prometheus.metrics.podMonitor.labels }} | ||||
| {{ toYaml .Values.prometheus.metrics.podMonitor.labels }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
							
								
								
									
										53
									
								
								templates/_secrets.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										53
									
								
								templates/_secrets.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,53 @@ | ||||
| {{/* vim: set filetype=mustache: */}} | ||||
|  | ||||
| {{/* annotations */}} | ||||
|  | ||||
| {{- define "reposilite.secrets.prometheusBasicAuth.annotations" -}} | ||||
| {{ include "reposilite.annotations" . }} | ||||
| {{- if .Values.prometheus.metrics.secret.new.annotations }} | ||||
| {{ toYaml .Values.prometheus.metrics.secret.new.annotations }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* labels */}} | ||||
|  | ||||
| {{- define "reposilite.secrets.prometheusBasicAuth.labels" -}} | ||||
| {{ include "reposilite.labels" . }} | ||||
| {{- if .Values.prometheus.metrics.secret.new.labels }} | ||||
| {{ toYaml .Values.prometheus.metrics.secret.new.labels }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* names */}} | ||||
|  | ||||
| {{- define "reposilite.secrets.prometheusBasicAuth.name" -}} | ||||
| {{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.secretName) 0) }} | ||||
| {{- print .Values.prometheus.metrics.secret.existing.secretName -}} | ||||
| {{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.secretName) 0) }} | ||||
| {{ fail "Name of the existing secret that contains the credentials for basic auth is not defined!" }} | ||||
| {{- else if not .Values.prometheus.metrics.secret.existing.enabled }} | ||||
| {{- printf "%s-basic-auth-credentials" (include "reposilite.fullname" $) -}} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* secretKeyNames */}} | ||||
|  | ||||
| {{- define "reposilite.secrets.prometheusBasicAuth.passwordKey" -}} | ||||
| {{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) -}} | ||||
| {{- .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey -}} | ||||
| {{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) }} | ||||
| {{ fail "Name of the key in the secret that contains the password for basic auth is not defined!" }} | ||||
| {{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }} | ||||
| {{- print "password" -}} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- define "reposilite.secrets.prometheusBasicAuth.usernameKey" -}} | ||||
| {{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) -}} | ||||
| {{- .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey -}} | ||||
| {{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) }} | ||||
| {{ fail "Name of the key in the secret that contains the username for basic auth is not defined!" }} | ||||
| {{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }} | ||||
| {{- print "username" -}} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
							
								
								
									
										35
									
								
								templates/_serviceMonitors.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										35
									
								
								templates/_serviceMonitors.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,35 @@ | ||||
| {{/* vim: set filetype=mustache: */}} | ||||
|  | ||||
| {{/* annotations */}} | ||||
|  | ||||
| {{- define "reposilite.serviceMonitor.annotations" -}} | ||||
| {{ include "reposilite.annotations" . }} | ||||
| {{- if .Values.prometheus.metrics.serviceMonitor.annotations }} | ||||
| {{ toYaml .Values.prometheus.metrics.serviceMonitor.annotations }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* enabled */}} | ||||
|  | ||||
| {{- define "reposilite.serviceMonitor.enabled" -}} | ||||
| {{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.podMonitor.enabled) .Values.prometheus.metrics.serviceMonitor.enabled .Values.service.enabled -}} | ||||
| true | ||||
| {{- else -}} | ||||
| false | ||||
| {{- end -}} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* labels */}} | ||||
|  | ||||
| {{- define "reposilite.serviceMonitor.labels" -}} | ||||
| {{ include "reposilite.labels" . }} | ||||
| {{- if .Values.prometheus.metrics.serviceMonitor.labels }} | ||||
| {{ toYaml .Values.prometheus.metrics.serviceMonitor.labels }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- define "reposilite.serviceMonitor.selectorLabels" -}} | ||||
| {{ include "reposilite.selectorLabels" . }} | ||||
| {{/* Add label to select the correct service via `selector.matchLabels` of the serviceMonitor resource. */}} | ||||
| app.kubernetes.io/service-name: {{ required "The scheme of the serviceMonitor is not defined!" .Values.service.scheme }} | ||||
| {{- end }} | ||||
| @@ -16,6 +16,8 @@ | ||||
| {{- if .Values.service.labels }} | ||||
| {{ toYaml .Values.service.labels }} | ||||
| {{- end }} | ||||
| {{/* Add label to select the correct service via `selector.matchLabels` of the serviceMonitor resource. */}} | ||||
| app.kubernetes.io/service-name: {{ required "The scheme of the serviceMonitor is not defined!" .Values.service.scheme }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* names */}} | ||||
|   | ||||
| @@ -68,7 +68,10 @@ spec: | ||||
|         name: reposilite | ||||
|         ports: | ||||
|         - name: http | ||||
|           containerPort: {{ .Values.service.port }} | ||||
|           containerPort: 8080 | ||||
|           protocol: TCP | ||||
|         - name: https | ||||
|           containerPort: 8443 | ||||
|           protocol: TCP | ||||
|         readinessProbe: | ||||
|           tcpSocket: | ||||
| @@ -106,6 +109,11 @@ spec: | ||||
|       imagePullSecrets: | ||||
|         {{- toYaml . | nindent 8 }} | ||||
|       {{- end }} | ||||
|       {{- $initContainers := (include "reposilite.deployment.initContainers" . | fromYaml) }} | ||||
|       {{- if and (hasKey $initContainers "initContainers") (gt (len $initContainers.initContainers) 0) }} | ||||
|       initContainers: | ||||
|       {{- toYaml $initContainers.initContainers | nindent 6 }} | ||||
|       {{- end }} | ||||
|       {{- with .Values.deployment.nodeSelector }} | ||||
|       nodeSelector: | ||||
|         {{- toYaml . | nindent 8 }} | ||||
|   | ||||
							
								
								
									
										47
									
								
								templates/podMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										47
									
								
								templates/podMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,47 @@ | ||||
| {{- if eq (include "reposilite.podMonitor.enabled" $) "true" }} | ||||
| --- | ||||
| apiVersion: monitoring.coreos.com/v1 | ||||
| kind: PodMonitor | ||||
| metadata: | ||||
|   {{- with (include "reposilite.podMonitor.annotations" . | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- toYaml . | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "reposilite.podMonitor.labels" . | fromYaml) }} | ||||
|   labels: | ||||
|     {{- toYaml . | nindent 4 }} | ||||
|   {{- end }} | ||||
|   name: {{ include "reposilite.fullname" . }} | ||||
|   namespace: {{ .Release.Namespace }} | ||||
| spec: | ||||
|   podMetricsEndpoints: | ||||
|   - basicAuth: | ||||
|       password: | ||||
|         key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }} | ||||
|         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||
|       username: | ||||
|         key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }} | ||||
|         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||
|     enableHttp2: {{ required "The enableHttp2 option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.enableHttp2 }} | ||||
|     followRedirects: {{ required "The followRedirects option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.followRedirects }} | ||||
|     honorLabels: {{ required "The honorLabels option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.honorLabels }} | ||||
|     interval: {{ required "The scrape interval of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.interval }} | ||||
|     path: {{ required "The metric path of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.path }} | ||||
|     port: {{ required "The metric port of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.port | quote }} | ||||
|     {{- with .Values.prometheus.metrics.podMonitor.relabelings }} | ||||
|     relabelings: | ||||
|       {{- toYaml . | nindent 6 }} | ||||
|     {{- end }} | ||||
|     scrapeTimeout: {{ required "The scrape timeout of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.scrapeTimeout }} | ||||
|     scheme: {{ required "The scheme of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.scheme }} | ||||
|     {{- with .Values.prometheus.metrics.podMonitor.tlsConfig }} | ||||
|     tlsConfig: | ||||
|       {{- toYaml . | nindent 6 }} | ||||
|     {{- end }} | ||||
|   namespaceSelector: | ||||
|     matchNames: | ||||
|     - {{ .Release.Namespace }} | ||||
|   selector: | ||||
|     matchLabels: | ||||
|       {{- include "reposilite.pod.selectorLabels" . | nindent 6 }} | ||||
| {{- end }} | ||||
							
								
								
									
										19
									
								
								templates/secretPrometheusBasicAuth.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								templates/secretPrometheusBasicAuth.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | ||||
| {{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) }} | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: Secret | ||||
| metadata: | ||||
|   {{- with (include "reposilite.secrets.prometheusBasicAuth.annotations" . | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- toYaml . | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "reposilite.secrets.prometheusBasicAuth.labels" . | fromYaml) }} | ||||
|   labels: | ||||
|     {{- toYaml . | nindent 4 }} | ||||
|   {{- end }} | ||||
|   name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||
|   namespace: {{ .Release.Namespace }} | ||||
| stringData: | ||||
|   password: {{ required "Password for basic auth is required!" .Values.prometheus.metrics.secret.new.basicAuthPassword }} | ||||
|   username: {{ required "Username for basic auth is required!" .Values.prometheus.metrics.secret.new.basicAuthUsername }} | ||||
| {{- end }} | ||||
| @@ -43,7 +43,7 @@ spec: | ||||
|   {{- end }} | ||||
|   {{- end }} | ||||
|   ports: | ||||
|   - name: http | ||||
|   - name: {{ required "No service name defined. Either 'http' or 'https' is allowed!" .Values.service.scheme }} | ||||
|     protocol: TCP | ||||
|     port: {{ required "No service port defined!" .Values.service.port }} | ||||
|   selector: | ||||
|   | ||||
							
								
								
									
										47
									
								
								templates/serviceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										47
									
								
								templates/serviceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,47 @@ | ||||
| {{- if eq (include "reposilite.serviceMonitor.enabled" $) "true" }} | ||||
| --- | ||||
| apiVersion: monitoring.coreos.com/v1 | ||||
| kind: ServiceMonitor | ||||
| metadata: | ||||
|   {{- with (include "reposilite.serviceMonitor.annotations" . | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- toYaml . | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "reposilite.serviceMonitor.labels" . | fromYaml) }} | ||||
|   labels: | ||||
|     {{- toYaml . | nindent 4 }} | ||||
|   {{- end }} | ||||
|   name: {{ include "reposilite.fullname" . }} | ||||
|   namespace: {{ .Release.Namespace }} | ||||
| spec: | ||||
|   endpoints: | ||||
|   - basicAuth: | ||||
|       password: | ||||
|         key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }} | ||||
|         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||
|       username: | ||||
|         key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }} | ||||
|         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||
|     enableHttp2: {{ required "The enableHttp2 option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.enableHttp2 }} | ||||
|     followRedirects: {{ required "The followRedirects option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.followRedirects }} | ||||
|     honorLabels: {{ required "The honorLabels option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.honorLabels }} | ||||
|     interval: {{ required "The scrape interval of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.interval }} | ||||
|     path: {{ required "The metric path of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.path }} | ||||
|     port: {{ required "The port of the serviceMonitor is not defined!" .Values.service.scheme }} | ||||
|     {{- with .Values.prometheus.metrics.serviceMonitor.relabelings }} | ||||
|     relabelings: | ||||
|       {{- toYaml . | nindent 6 }} | ||||
|     {{- end }} | ||||
|     scrapeTimeout: {{ required "The scrape timeout of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scrapeTimeout }} | ||||
|     scheme: {{ required "The scheme of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scheme }} | ||||
|     {{- with .Values.prometheus.metrics.serviceMonitor.tlsConfig }} | ||||
|     tlsConfig: | ||||
|       {{- toYaml . | nindent 6 }} | ||||
|     {{- end }} | ||||
|   namespaceSelector: | ||||
|     matchNames: | ||||
|     - {{ .Release.Namespace }} | ||||
|   selector: | ||||
|     matchLabels: | ||||
|       {{- include "reposilite.serviceMonitor.selectorLabels" . | nindent 6 }} | ||||
| {{- end }} | ||||
							
								
								
									
										42
									
								
								unittests/deployment/configPlugins.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										42
									
								
								unittests/deployment/configPlugins.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,42 @@ | ||||
| chart: | ||||
|   appVersion: 0.1.0 | ||||
|   version: 0.1.0 | ||||
| suite: Test reposilite plugins | ||||
| release: | ||||
|   name: reposilite-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/deployment.yaml | ||||
| - templates/secretPrometheusBasicAuth.yaml | ||||
| tests: | ||||
| - it: Test init containers for prometheus | ||||
|   set: | ||||
|     config.plugins.prometheus.enabled: true | ||||
|     config.plugins.prometheus.url: "https://reposilite.com/plugins/prometheus.jar" | ||||
|     deployment.pluginContainer.image.tag: 0.1.0 | ||||
|   asserts: | ||||
|   - contains: | ||||
|       path: spec.template.spec.initContainers | ||||
|       content: | ||||
|         args: | ||||
|         - --location | ||||
|         - --fail | ||||
|         - --max-time | ||||
|         - "60" | ||||
|         - --output-dir | ||||
|         - /app/data/plugins | ||||
|         - --output | ||||
|         - prometheus.jar | ||||
|         - https://reposilite.com/plugins/prometheus.jar | ||||
|         name: download-prometheus-plugin | ||||
|         image: docker.io/curlimages/curl:0.1.0 | ||||
|         volumeMounts: | ||||
|         - mountPath: /app/data/plugins | ||||
|           name: plugins | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.volumes | ||||
|       content: | ||||
|         name: plugins | ||||
|         emptyDir: {} | ||||
|     template: templates/deployment.yaml | ||||
| @@ -7,19 +7,23 @@ release: | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/deployment.yaml | ||||
| - templates/secretPrometheusBasicAuth.yaml | ||||
| tests: | ||||
| - it: Rendering default | ||||
|   set: {} | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|     template: templates/deployment.yaml | ||||
|   - containsDocument: | ||||
|       apiVersion: apps/v1 | ||||
|       kind: Deployment | ||||
|       name: reposilite-unittest | ||||
|       namespace: testing | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: metadata.annotations | ||||
|     template: templates/deployment.yaml | ||||
|   - equal: | ||||
|       path: metadata.labels | ||||
|       value: | ||||
| @@ -28,14 +32,17 @@ tests: | ||||
|         app.kubernetes.io/name: reposilite | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: reposilite-0.1.0 | ||||
|     template: templates/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.replicas | ||||
|       value: 1 | ||||
|     template: templates/deployment.yaml | ||||
|   - isSubset: | ||||
|       path: spec.selector.matchLabels | ||||
|       content: | ||||
|         app.kubernetes.io/instance: reposilite-unittest | ||||
|         app.kubernetes.io/name: reposilite | ||||
|     template: templates/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.strategy | ||||
|       value: | ||||
| @@ -43,9 +50,10 @@ tests: | ||||
|         rollingUpdate: | ||||
|           maxSurge: 1 | ||||
|           maxUnavailable: 1 | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.metadata.annotations | ||||
|       value: sadsdf | ||||
|     template: templates/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.metadata.labels | ||||
|       value: | ||||
| @@ -54,25 +62,33 @@ tests: | ||||
|         app.kubernetes.io/name: reposilite | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: reposilite-0.1.0 | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.affinity | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.containers[0].args | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.containers[0].command | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].env | ||||
|       content: | ||||
|         name: JAVA_OPTS | ||||
|         value: "-Xmx64M" | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.containers[0].envFrom | ||||
|     template: templates/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].image | ||||
|       value: docker.io/dzikoysk/reposilite:0.1.0 | ||||
|     template: templates/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].imagePullPolicy | ||||
|       value: IfNotPresent | ||||
|     template: templates/deployment.yaml | ||||
|   - isSubset: | ||||
|       path: spec.template.spec.containers[0].livenessProbe | ||||
|       content: | ||||
| @@ -83,15 +99,18 @@ tests: | ||||
|         periodSeconds: 60 | ||||
|         successThreshold: 1 | ||||
|         timeoutSeconds: 3 | ||||
|     template: templates/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].name | ||||
|       value: reposilite | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].ports | ||||
|       content: | ||||
|         name: http | ||||
|         containerPort: 8080 | ||||
|         protocol: TCP | ||||
|     template: templates/deployment.yaml | ||||
|   - isSubset: | ||||
|       path: spec.template.spec.containers[0].readinessProbe | ||||
|       content: | ||||
| @@ -102,42 +121,60 @@ tests: | ||||
|         periodSeconds: 15 | ||||
|         successThreshold: 1 | ||||
|         timeoutSeconds: 3 | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.containers[0].resources | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.containers[0].securityContext | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.containers[0].volumeMounts | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.dnsConfig | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.dnsPolicy | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.hostname | ||||
|     template: templates/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.hostNetwork | ||||
|       value: false | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.imagePullSecrets | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.initContainers | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.nodeSelector | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.priorityClassName | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.restartPolicy | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.subdomain | ||||
|     template: templates/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.terminationGracePeriodSeconds | ||||
|       value: 60 | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.tolerations | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.topologySpreadConstraints | ||||
|     template: templates/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.volumes | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test custom replicas | ||||
|   set: | ||||
| @@ -146,6 +183,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.replicas | ||||
|       value: 3 | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test custom strategy | ||||
|   set: | ||||
| @@ -162,6 +200,7 @@ tests: | ||||
|         rollingUpdate: | ||||
|           maxSurge: 10 | ||||
|           maxUnavailable: 5 | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test custom affinity | ||||
|   set: | ||||
| @@ -188,6 +227,7 @@ tests: | ||||
|                 values: | ||||
|                 - antarctica-east1 | ||||
|                 - antarctica-west1 | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test additional arguments | ||||
|   set: | ||||
| @@ -200,6 +240,7 @@ tests: | ||||
|       value: | ||||
|       - --foo=bar | ||||
|       - --bar=foo | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test additional commands | ||||
|   set: | ||||
| @@ -210,6 +251,7 @@ tests: | ||||
|       path: spec.template.spec.containers[0].command | ||||
|       value: | ||||
|       - /bin/bash | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test custom imageRegistry and imageRepository | ||||
|   set: | ||||
| @@ -220,6 +262,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].image | ||||
|       value: registry.example.local/path/special/reposilite:2.0.0 | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test custom imagePullPolicy | ||||
|   set: | ||||
| @@ -228,17 +271,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].imagePullPolicy | ||||
|       value: Always | ||||
|  | ||||
| - it: Test custom port | ||||
|   set: | ||||
|     service.port: 8443 | ||||
|   asserts: | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].ports | ||||
|       content: | ||||
|         name: http | ||||
|         containerPort: 8443 | ||||
|         protocol: TCP | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test custom resources | ||||
|   set: | ||||
| @@ -259,6 +292,7 @@ tests: | ||||
|         requests: | ||||
|           cpu: 25m | ||||
|           memory: 100MB | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test custom securityContext | ||||
|   set: | ||||
| @@ -285,6 +319,7 @@ tests: | ||||
|         readOnlyRootFilesystem: true | ||||
|         runAsNonRoot: true | ||||
|         runAsUser: 1000 | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test custom volumeMounts | ||||
|   set: | ||||
| @@ -297,6 +332,7 @@ tests: | ||||
|       content: | ||||
|         name: data | ||||
|         mountPath: /usr/lib/data | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test dnsConfig | ||||
|   set: | ||||
| @@ -311,6 +347,7 @@ tests: | ||||
|         nameservers: | ||||
|         - "8.8.8.8" | ||||
|         - "8.8.4.4" | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test dnsPolicy | ||||
|   set: | ||||
| @@ -319,6 +356,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.dnsPolicy | ||||
|       value: ClusterFirst | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test hostNetwork, hostname, subdomain | ||||
|   set: | ||||
| @@ -329,12 +367,15 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.hostNetwork | ||||
|       value: true | ||||
|     template: templates/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.hostname | ||||
|       value: pg-exporter | ||||
|     template: templates/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.subdomain | ||||
|       value: exporters.internal | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test imagePullSecrets | ||||
|   set: | ||||
| @@ -347,6 +388,20 @@ tests: | ||||
|       value: | ||||
|       - name: my-pull-secret | ||||
|       - name: my-special-secret | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test initContainers | ||||
|   set: | ||||
|     deployment.initContainers: | ||||
|     - name: busybox | ||||
|       image: docker.io/library/busybox:latest | ||||
|   asserts: | ||||
|   - contains: | ||||
|       path: spec.template.spec.initContainers | ||||
|       content: | ||||
|         name: busybox | ||||
|         image: docker.io/library/busybox:latest | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test nodeSelector | ||||
|   set: | ||||
| @@ -357,6 +412,7 @@ tests: | ||||
|       path: spec.template.spec.nodeSelector | ||||
|       value: | ||||
|         foo: bar | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test priorityClassName | ||||
|   set: | ||||
| @@ -365,6 +421,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.priorityClassName | ||||
|       value: my-priority | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test restartPolicy | ||||
|   set: | ||||
| @@ -373,6 +430,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.restartPolicy | ||||
|       value: Always | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test custom securityContext | ||||
|   set: | ||||
| @@ -389,6 +447,7 @@ tests: | ||||
|         runAsNonRoot: true | ||||
|         runAsUser: 1000 | ||||
|         runAsGroup: 1000 | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test terminationGracePeriodSeconds | ||||
|   set: | ||||
| @@ -397,6 +456,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.terminationGracePeriodSeconds | ||||
|       value: 120 | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test tolerations | ||||
|   set: | ||||
| @@ -413,6 +473,7 @@ tests: | ||||
|         operator: Equal | ||||
|         value: ssd | ||||
|         effect: NoSchedule | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test topologySpreadConstraints | ||||
|   set: | ||||
| @@ -431,6 +492,7 @@ tests: | ||||
|         labelSelector: | ||||
|           matchLabels: | ||||
|             app.kubernetes.io/instance: reposilite | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Test additional volumes | ||||
|   set: | ||||
| @@ -445,3 +507,4 @@ tests: | ||||
|       - name: data | ||||
|         hostPath: | ||||
|           path: /usr/lib/data | ||||
|     template: templates/deployment.yaml | ||||
| @@ -7,6 +7,7 @@ release: | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/deployment.yaml | ||||
| - templates/secretPrometheusBasicAuth.yaml | ||||
| tests: | ||||
| - it: Rendering default volumes and volumeMounts with persistent volume claim | ||||
|   set: | ||||
| @@ -17,17 +18,20 @@ tests: | ||||
|       content: | ||||
|         name: REPOSILITE_DATA | ||||
|         value: /app/data | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].volumeMounts | ||||
|       content: | ||||
|         name: data | ||||
|         mountPath: /app/data | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.volumes | ||||
|       content: | ||||
|         name: data | ||||
|         persistentVolumeClaim: | ||||
|           claimName: reposilite-unittest | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Rendering custom volumes and volumeMounts with persistent volume claim | ||||
|   set: | ||||
| @@ -39,14 +43,43 @@ tests: | ||||
|       content: | ||||
|         name: REPOSILITE_DATA | ||||
|         value: /usr/lib/reposilite/data | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].volumeMounts | ||||
|       content: | ||||
|         name: data | ||||
|         mountPath: /usr/lib/reposilite/data | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.volumes | ||||
|       content: | ||||
|         name: data | ||||
|         persistentVolumeClaim: | ||||
|           claimName: reposilite-unittest | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Rendering custom volumes and volumeMounts with persistent volume claim | ||||
|   set: | ||||
|     persistentVolumeClaim.enabled: true | ||||
|     persistentVolumeClaim.existing.enabled: true | ||||
|     persistentVolumeClaim.existing.persistentVolumeClaimName: my-custom-pvc | ||||
|   asserts: | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].env | ||||
|       content: | ||||
|         name: REPOSILITE_DATA | ||||
|         value: /app/data | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].volumeMounts | ||||
|       content: | ||||
|         name: data | ||||
|         mountPath: /app/data | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.volumes | ||||
|       content: | ||||
|         name: data | ||||
|         persistentVolumeClaim: | ||||
|           claimName: my-custom-pvc | ||||
|     template: templates/deployment.yaml | ||||
							
								
								
									
										109
									
								
								unittests/deployment/prometheusPodMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										109
									
								
								unittests/deployment/prometheusPodMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,109 @@ | ||||
| chart: | ||||
|   appVersion: 0.1.0 | ||||
|   version: 0.1.0 | ||||
| suite: Add prometheus basic auth variables | ||||
| release: | ||||
|   name: reposilite-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/deployment.yaml | ||||
| - templates/secretPrometheusBasicAuth.yaml | ||||
| tests: | ||||
| - it: Rendering default environment variables with enabled prometheus metrics podMonitor | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.podMonitor.enabled: true | ||||
|     prometheus.metrics.secret.new.basicAuthPassword: "my-password" | ||||
|     prometheus.metrics.secret.new.basicAuthUsername: "my-username" | ||||
|   asserts: | ||||
|   - exists: | ||||
|       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].env | ||||
|       content: | ||||
|         name: REPOSILITE_PROMETHEUS_PASSWORD | ||||
|         valueFrom: | ||||
|           secretKeyRef: | ||||
|             name: reposilite-unittest-basic-auth-credentials | ||||
|             key: password | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].env | ||||
|       content: | ||||
|         name: REPOSILITE_PROMETHEUS_USER | ||||
|         valueFrom: | ||||
|           secretKeyRef: | ||||
|             name: reposilite-unittest-basic-auth-credentials | ||||
|             key: username | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.existing.enabled: true | ||||
|     prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key | ||||
|     prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key | ||||
|     prometheus.metrics.secret.existing.secretName: my-secret | ||||
|     prometheus.metrics.podMonitor.enabled: true | ||||
|   asserts: | ||||
|   - notExists: | ||||
|       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].env | ||||
|       content: | ||||
|         name: REPOSILITE_PROMETHEUS_PASSWORD | ||||
|         valueFrom: | ||||
|           secretKeyRef: | ||||
|             name: my-secret | ||||
|             key: my-password-key | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].env | ||||
|       content: | ||||
|         name: REPOSILITE_PROMETHEUS_USER | ||||
|         valueFrom: | ||||
|           secretKeyRef: | ||||
|             name: my-secret | ||||
|             key: my-username-key | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Fail when existing secret name is undefined | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.existing.enabled: true | ||||
|     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||
|     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||
|     prometheus.metrics.secret.existing.secretName: "" | ||||
|     prometheus.metrics.podMonitor.enabled: true | ||||
|   asserts: | ||||
|   - failedTemplate: | ||||
|       errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!" | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Fail when the name of the key in the secret that contains the username for basic auth is undefined | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.existing.enabled: true | ||||
|     prometheus.metrics.secret.existing.basicAuthUsernameKey: "" | ||||
|     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||
|     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||
|     prometheus.metrics.podMonitor.enabled: true | ||||
|   asserts: | ||||
|   - failedTemplate: | ||||
|       errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!" | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Fail when the name of the key in the secret that contains the password for basic auth is undefined | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.existing.enabled: true | ||||
|     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||
|     prometheus.metrics.secret.existing.basicAuthPasswordKey: "" | ||||
|     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||
|     prometheus.metrics.podMonitor.enabled: true | ||||
|   asserts: | ||||
|   - failedTemplate: | ||||
|       errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!" | ||||
|     template: templates/deployment.yaml | ||||
							
								
								
									
										109
									
								
								unittests/deployment/prometheusServiceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										109
									
								
								unittests/deployment/prometheusServiceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,109 @@ | ||||
| chart: | ||||
|   appVersion: 0.1.0 | ||||
|   version: 0.1.0 | ||||
| suite: Add prometheus basic auth variables | ||||
| release: | ||||
|   name: reposilite-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/deployment.yaml | ||||
| - templates/secretPrometheusBasicAuth.yaml | ||||
| tests: | ||||
| - it: Rendering default environment variables with enabled prometheus metrics serviceMonitor | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|     prometheus.metrics.secret.new.basicAuthPassword: "my-password" | ||||
|     prometheus.metrics.secret.new.basicAuthUsername: "my-username" | ||||
|   asserts: | ||||
|   - exists: | ||||
|       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].env | ||||
|       content: | ||||
|         name: REPOSILITE_PROMETHEUS_PASSWORD | ||||
|         valueFrom: | ||||
|           secretKeyRef: | ||||
|             name: reposilite-unittest-basic-auth-credentials | ||||
|             key: password | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].env | ||||
|       content: | ||||
|         name: REPOSILITE_PROMETHEUS_USER | ||||
|         valueFrom: | ||||
|           secretKeyRef: | ||||
|             name: reposilite-unittest-basic-auth-credentials | ||||
|             key: username | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.existing.enabled: true | ||||
|     prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key | ||||
|     prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key | ||||
|     prometheus.metrics.secret.existing.secretName: my-secret | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|   asserts: | ||||
|   - notExists: | ||||
|       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].env | ||||
|       content: | ||||
|         name: REPOSILITE_PROMETHEUS_PASSWORD | ||||
|         valueFrom: | ||||
|           secretKeyRef: | ||||
|             name: my-secret | ||||
|             key: my-password-key | ||||
|     template: templates/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].env | ||||
|       content: | ||||
|         name: REPOSILITE_PROMETHEUS_USER | ||||
|         valueFrom: | ||||
|           secretKeyRef: | ||||
|             name: my-secret | ||||
|             key: my-username-key | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Fail when existing secret name is undefined | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.existing.enabled: true | ||||
|     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||
|     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||
|     prometheus.metrics.secret.existing.secretName: "" | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|   asserts: | ||||
|   - failedTemplate: | ||||
|       errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!" | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Fail when the name of the key in the secret that contains the username for basic auth is undefined | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.existing.enabled: true | ||||
|     prometheus.metrics.secret.existing.basicAuthUsernameKey: "" | ||||
|     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||
|     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|   asserts: | ||||
|   - failedTemplate: | ||||
|       errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!" | ||||
|     template: templates/deployment.yaml | ||||
|  | ||||
| - it: Fail when the name of the key in the secret that contains the password for basic auth is undefined | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.existing.enabled: true | ||||
|     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||
|     prometheus.metrics.secret.existing.basicAuthPasswordKey: "" | ||||
|     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|   asserts: | ||||
|   - failedTemplate: | ||||
|       errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!" | ||||
|     template: templates/deployment.yaml | ||||
							
								
								
									
										179
									
								
								unittests/podMonitors/podMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										179
									
								
								unittests/podMonitors/podMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,179 @@ | ||||
| chart: | ||||
|   appVersion: 0.1.0 | ||||
|   version: 0.1.0 | ||||
| suite: PodMonitor template | ||||
| release: | ||||
|   name: reposilite-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/podMonitor.yaml | ||||
| tests: | ||||
| - it: Skip podMonitor when metrics are disabled. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: false | ||||
|     prometheus.metrics.podMonitor.enabled: true | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
|  | ||||
| - it: Skip podMonitor when podMonitor is disabled. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.podMonitor.enabled: false | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
|  | ||||
| - it: Skip podMonitor when both monitor types are enabled. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.podMonitor.enabled: true | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
|  | ||||
| - it: Rendering podMonitor with default values - enabled manually. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.podMonitor.enabled: true | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|   - containsDocument: | ||||
|       apiVersion: monitoring.coreos.com/v1 | ||||
|       kind: PodMonitor | ||||
|       name: reposilite-unittest | ||||
|       namespace: testing | ||||
|   - notExists: | ||||
|       path: metadata.annotations | ||||
|   - equal: | ||||
|       path: metadata.labels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: reposilite-unittest | ||||
|         app.kubernetes.io/managed-by: Helm | ||||
|         app.kubernetes.io/name: reposilite | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: reposilite-0.1.0 | ||||
|   - isSubset: | ||||
|       path: spec.podMetricsEndpoints[0].basicAuth | ||||
|       content: | ||||
|         password: | ||||
|           key: password | ||||
|           name: reposilite-unittest-basic-auth-credentials | ||||
|         username: | ||||
|           key: username | ||||
|           name: reposilite-unittest-basic-auth-credentials | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].enableHttp2 | ||||
|       value: false | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].followRedirects | ||||
|       value: false | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].honorLabels | ||||
|       value: false | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].interval | ||||
|       value: 60s | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].path | ||||
|       value: /metrics | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].port | ||||
|       value: http | ||||
|   - notExists: | ||||
|       path: spec.podMetricsEndpoints[0].relabelings | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].scrapeTimeout | ||||
|       value: 30s | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].scheme | ||||
|       value: http | ||||
|   - contains: | ||||
|       path: spec.namespaceSelector.matchNames | ||||
|       content: | ||||
|         testing | ||||
|   - equal: | ||||
|       path: spec.selector.matchLabels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: reposilite-unittest | ||||
|         app.kubernetes.io/name: reposilite | ||||
|  | ||||
| - it: Render podMonitor with custom annotations and labels. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.podMonitor.enabled: true | ||||
|     prometheus.metrics.podMonitor.annotations: | ||||
|       foo: bar | ||||
|     prometheus.metrics.podMonitor.labels: | ||||
|       bar: foo | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: metadata.annotations | ||||
|       value: | ||||
|         foo: bar | ||||
|   - equal: | ||||
|       path: metadata.labels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: reposilite-unittest | ||||
|         app.kubernetes.io/managed-by: Helm | ||||
|         app.kubernetes.io/name: reposilite | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         bar: foo | ||||
|         helm.sh/chart: reposilite-0.1.0 | ||||
|  | ||||
| - it: Change defaults | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.podMonitor.enabled: true | ||||
|     prometheus.metrics.podMonitor.enableHttp2: false | ||||
|     prometheus.metrics.podMonitor.followRedirects: true | ||||
|     prometheus.metrics.podMonitor.honorLabels: true | ||||
|     prometheus.metrics.podMonitor.interval: "180s" | ||||
|     prometheus.metrics.podMonitor.path: "/my-metrics" | ||||
|     prometheus.metrics.podMonitor.port: "8443" | ||||
|     prometheus.metrics.podMonitor.relabelings: | ||||
|     - sourceLabels: [ container ] | ||||
|       separator: ";" | ||||
|       regex: "app" | ||||
|       replacement: "$1" | ||||
|       action: "drop" | ||||
|     prometheus.metrics.podMonitor.scheme: https | ||||
|     prometheus.metrics.podMonitor.scrapeTimeout: "5s" | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].enableHttp2 | ||||
|       value: false | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].followRedirects | ||||
|       value: true | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].honorLabels | ||||
|       value: true | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].interval | ||||
|       value: 180s | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].path | ||||
|       value: /my-metrics | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].port | ||||
|       value: "8443" | ||||
|   - contains: | ||||
|       path: spec.podMetricsEndpoints[0].relabelings | ||||
|       content: | ||||
|         sourceLabels: [ container ] | ||||
|         separator: ";" | ||||
|         regex: "app" | ||||
|         replacement: "$1" | ||||
|         action: "drop" | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].scrapeTimeout | ||||
|       value: 5s | ||||
|   - equal: | ||||
|       path: spec.podMetricsEndpoints[0].scheme | ||||
|       value: https | ||||
							
								
								
									
										98
									
								
								unittests/secrets/basicAuth.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										98
									
								
								unittests/secrets/basicAuth.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,98 @@ | ||||
| chart: | ||||
|   appVersion: 0.1.0 | ||||
|   version: 0.1.0 | ||||
| suite: Secret reposilite template | ||||
| release: | ||||
|   name: reposilite-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/secretPrometheusBasicAuth.yaml | ||||
| tests: | ||||
| - it: Skip rendering | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
|  | ||||
| - it: Throw error for missing basic auth password | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     # prometheus.metrics.secret.new.basicAuthPassword: "my-password" | ||||
|     prometheus.metrics.secret.new.basicAuthUsername: "my-username" | ||||
|   asserts: | ||||
|     - failedTemplate: | ||||
|         errorMessage: "Password for basic auth is required!" | ||||
|  | ||||
| - it: Throw error for missing basic auth username | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.new.basicAuthPassword: "my-password" | ||||
|     # prometheus.metrics.secret.new.basicAuthUsername: "my-username" | ||||
|   asserts: | ||||
|     - failedTemplate: | ||||
|         errorMessage: "Username for basic auth is required!" | ||||
|  | ||||
| - it: Rendering secret with default values. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.new.basicAuthPassword: "my-password" | ||||
|     prometheus.metrics.secret.new.basicAuthUsername: "my-username" | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|   - containsDocument: | ||||
|       apiVersion: v1 | ||||
|       kind: Secret | ||||
|       name: reposilite-unittest-basic-auth-credentials | ||||
|       namespace: testing | ||||
|   - notExists: | ||||
|       path: metadata.annotations | ||||
|   - equal: | ||||
|       path: metadata.labels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: reposilite-unittest | ||||
|         app.kubernetes.io/managed-by: Helm | ||||
|         app.kubernetes.io/name: reposilite | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: reposilite-0.1.0 | ||||
|   - exists: | ||||
|       path: stringData.password | ||||
|   - exists: | ||||
|       path: stringData.username | ||||
|  | ||||
| - it: Rendering secret with custom values. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.new.basicAuthPassword: foo | ||||
|     prometheus.metrics.secret.new.basicAuthUsername: bar | ||||
|     prometheus.metrics.secret.new.annotations: | ||||
|       foo: bar | ||||
|     prometheus.metrics.secret.new.labels: | ||||
|       bar: foo | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|   - isSubset: | ||||
|       path: metadata.annotations | ||||
|       content: | ||||
|         foo: bar | ||||
|   - isSubset: | ||||
|       path: metadata.labels | ||||
|       content: | ||||
|         bar: foo | ||||
|   - equal: | ||||
|       path: metadata.name | ||||
|       value: reposilite-unittest-basic-auth-credentials | ||||
|   - equal: | ||||
|       path: stringData.password | ||||
|       value: foo | ||||
|   - equal: | ||||
|       path: stringData.username | ||||
|       value: bar | ||||
|  | ||||
| - it: Skip rendering if existing secret is used | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.existing.enabled: true | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
| @@ -53,13 +53,13 @@ tests: | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|   - exists: | ||||
|   - isSubset: | ||||
|       path: metadata.annotations | ||||
|       value: | ||||
|       content: | ||||
|         foo: bar | ||||
|   - exists: | ||||
|   - isSubset: | ||||
|       path: metadata.labels | ||||
|       value: | ||||
|       content: | ||||
|         bar: foo | ||||
|   - equal: | ||||
|       path: metadata.name | ||||
|   | ||||
							
								
								
									
										194
									
								
								unittests/serviceMonitors/serviceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										194
									
								
								unittests/serviceMonitors/serviceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,194 @@ | ||||
| chart: | ||||
|   appVersion: 0.1.0 | ||||
|   version: 0.1.0 | ||||
| suite: ServiceMonitor template | ||||
| release: | ||||
|   name: reposilite-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/serviceMonitor.yaml | ||||
| tests: | ||||
| - it: Skip serviceMonitor when service is disabled. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|     service.enabled: false | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
|  | ||||
| - it: Skip serviceMonitor when metrics are disabled. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: false | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|     services.http.enabled: true | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
|  | ||||
| - it: Skip serviceMonitor when serviceMonitor is disabled. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.serviceMonitor.enabled: false | ||||
|     services.http.enabled: true | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
|  | ||||
| - it: Rendering serviceMonitor with default values - enabled manually. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|   - containsDocument: | ||||
|       apiVersion: monitoring.coreos.com/v1 | ||||
|       kind: ServiceMonitor | ||||
|       name: reposilite-unittest | ||||
|       namespace: testing | ||||
|   - notExists: | ||||
|       path: metadata.annotations | ||||
|   - equal: | ||||
|       path: metadata.labels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: reposilite-unittest | ||||
|         app.kubernetes.io/managed-by: Helm | ||||
|         app.kubernetes.io/name: reposilite | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: reposilite-0.1.0 | ||||
|   - isSubset: | ||||
|       path: spec.endpoints[0].basicAuth | ||||
|       content: | ||||
|         password: | ||||
|           key: password | ||||
|           name: reposilite-unittest-basic-auth-credentials | ||||
|         username: | ||||
|           key: username | ||||
|           name: reposilite-unittest-basic-auth-credentials | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].enableHttp2 | ||||
|       value: false | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].followRedirects | ||||
|       value: false | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].honorLabels | ||||
|       value: false | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].interval | ||||
|       value: 60s | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].path | ||||
|       value: /metrics | ||||
|   - notExists: | ||||
|       path: spec.endpoints[0].relabelings | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].scrapeTimeout | ||||
|       value: 30s | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].scheme | ||||
|       value: http | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].port | ||||
|       value: http | ||||
|   - contains: | ||||
|       path: spec.namespaceSelector.matchNames | ||||
|       content: | ||||
|         testing | ||||
|   - equal: | ||||
|       path: spec.selector.matchLabels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: reposilite-unittest | ||||
|         app.kubernetes.io/name: reposilite | ||||
|         app.kubernetes.io/service-name: http | ||||
|  | ||||
| - it: Render serviceMonitor with custom annotations and labels. | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|     prometheus.metrics.serviceMonitor.annotations: | ||||
|       foo: bar | ||||
|     prometheus.metrics.serviceMonitor.labels: | ||||
|       bar: foo | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: metadata.annotations | ||||
|       value: | ||||
|         foo: bar | ||||
|   - equal: | ||||
|       path: metadata.labels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: reposilite-unittest | ||||
|         app.kubernetes.io/managed-by: Helm | ||||
|         app.kubernetes.io/name: reposilite | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         bar: foo | ||||
|         helm.sh/chart: reposilite-0.1.0 | ||||
|  | ||||
| - it: Change defaults | ||||
|   set: | ||||
|     prometheus.metrics.enabled: true | ||||
|     prometheus.metrics.secret.existing.enabled: true | ||||
|     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||
|     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||
|     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||
|     prometheus.metrics.serviceMonitor.enabled: true | ||||
|     prometheus.metrics.serviceMonitor.enableHttp2: false | ||||
|     prometheus.metrics.serviceMonitor.followRedirects: true | ||||
|     prometheus.metrics.serviceMonitor.honorLabels: true | ||||
|     prometheus.metrics.serviceMonitor.interval: "180s" | ||||
|     prometheus.metrics.serviceMonitor.path: "/my-metrics" | ||||
|     prometheus.metrics.serviceMonitor.relabelings: | ||||
|     - sourceLabels: [ container ] | ||||
|       separator: ";" | ||||
|       regex: "app" | ||||
|       replacement: "$1" | ||||
|       action: "drop" | ||||
|     prometheus.metrics.serviceMonitor.scrapeTimeout: "5s" | ||||
|     prometheus.metrics.serviceMonitor.scheme: "https" | ||||
|     service.scheme: https | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|   - isSubset: | ||||
|       path: spec.endpoints[0].basicAuth | ||||
|       content: | ||||
|         password: | ||||
|           key: my-password-key | ||||
|           name: my-secret | ||||
|         username: | ||||
|           key: my-username-key | ||||
|           name: my-secret | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].enableHttp2 | ||||
|       value: false | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].followRedirects | ||||
|       value: true | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].honorLabels | ||||
|       value: true | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].interval | ||||
|       value: 180s | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].path | ||||
|       value: /my-metrics | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].port | ||||
|       value: https | ||||
|   - contains: | ||||
|       path: spec.endpoints[0].relabelings | ||||
|       content: | ||||
|         sourceLabels: [ container ] | ||||
|         separator: ";" | ||||
|         regex: "app" | ||||
|         replacement: "$1" | ||||
|         action: "drop" | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].scrapeTimeout | ||||
|       value: 5s | ||||
|   - equal: | ||||
|       path: spec.endpoints[0].scheme | ||||
|       value: https | ||||
| @@ -32,6 +32,7 @@ tests: | ||||
|         app.kubernetes.io/instance: reposilite-unittest | ||||
|         app.kubernetes.io/managed-by: Helm | ||||
|         app.kubernetes.io/name: reposilite | ||||
|         app.kubernetes.io/service-name: http | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: reposilite-0.1.0 | ||||
|   - notExists: | ||||
| @@ -77,28 +78,35 @@ tests: | ||||
|     service.internalTrafficPolicy: "" | ||||
|   asserts: | ||||
|   - failedTemplate: | ||||
|     errorMessage: No internal traffic policy defined! | ||||
|       errorMessage: No internal traffic policy defined! | ||||
|  | ||||
| - it: Require port. | ||||
|   set: | ||||
|     service.port: "" | ||||
|   asserts: | ||||
|   - failedTemplate: | ||||
|     errorMessage: No service port defined! | ||||
|       errorMessage: No service port defined! | ||||
|  | ||||
| - it: Require scheme. | ||||
|   set: | ||||
|     service.scheme: "" | ||||
|   asserts: | ||||
|   - failedTemplate: | ||||
|       errorMessage: The scheme of the serviceMonitor is not defined! | ||||
|  | ||||
| - it: Require sessionAffinity. | ||||
|   set: | ||||
|     service.sessionAffinity: "" | ||||
|   asserts: | ||||
|   - failedTemplate: | ||||
|     errorMessage: No session affinity defined! | ||||
|       errorMessage: No session affinity defined! | ||||
|  | ||||
| - it: Require service type. | ||||
|   set: | ||||
|     service.type: "" | ||||
|   asserts: | ||||
|   - failedTemplate: | ||||
|     errorMessage: No service type defined! | ||||
|       errorMessage: No service type defined! | ||||
|  | ||||
| - it: Render service with custom annotations and labels. | ||||
|   set: | ||||
| @@ -106,6 +114,7 @@ tests: | ||||
|       foo: bar | ||||
|     service.labels: | ||||
|       bar: foo | ||||
|     service.scheme: https | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: metadata.annotations | ||||
| @@ -117,6 +126,7 @@ tests: | ||||
|         app.kubernetes.io/instance: reposilite-unittest | ||||
|         app.kubernetes.io/managed-by: Helm | ||||
|         app.kubernetes.io/name: reposilite | ||||
|         app.kubernetes.io/service-name: https | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: reposilite-0.1.0 | ||||
|         bar: foo | ||||
| @@ -134,6 +144,7 @@ tests: | ||||
|     service.loadBalancerSourceRanges: | ||||
|     - "11.12.0.0/17" | ||||
|     service.port: 10443 | ||||
|     service.scheme: https | ||||
|     service.sessionAffinity: ClientIP | ||||
|     service.type: LoadBalancer | ||||
|   asserts: | ||||
| @@ -161,6 +172,9 @@ tests: | ||||
|       path: spec.loadBalancerSourceRanges | ||||
|       value: | ||||
|       - "11.12.0.0/17" | ||||
|   - equal: | ||||
|       path: spec.ports[0].name | ||||
|       value: https | ||||
|   - equal: | ||||
|       path: spec.ports[0].port | ||||
|       value: 10443 | ||||
|   | ||||
							
								
								
									
										130
									
								
								values.yaml
									
									
									
									
									
								
							
							
						
						
									
										130
									
								
								values.yaml
									
									
									
									
									
								
							| @@ -6,6 +6,17 @@ | ||||
| nameOverride: "" | ||||
| fullnameOverride: "" | ||||
|  | ||||
|  | ||||
| ## @section Config | ||||
| config: | ||||
|   plugins: | ||||
|     ## @param config.plugins.prometheus.enabled Download the Prometheus plugin via an additional init container. The Prometheus plugin will automatically enabled, when Prometheus is enabled. | ||||
|     ## @param config.plugins.prometheus.url URL to download the plugin. | ||||
|     prometheus: | ||||
|       enabled: false | ||||
|       url: https://maven.reposilite.com/releases/com/reposilite/plugin/prometheus-plugin/{{ .Chart.AppVersion }}/prometheus-plugin-{{ .Chart.AppVersion }}-all.jar | ||||
|  | ||||
|  | ||||
| ## @section Deployment | ||||
| deployment: | ||||
|   ## @param deployment.annotations Additional deployment annotations. | ||||
| @@ -149,6 +160,24 @@ deployment: | ||||
|   ## @param deployment.nodeSelector NodeSelector of the Reposilite deployment. | ||||
|   nodeSelector: {} | ||||
|  | ||||
|   pluginContainer: | ||||
|     ## @param deployment.pluginContainer.args Arguments passed to the plugin container. | ||||
|     args: | ||||
|     - "--location" | ||||
|     - "--fail" | ||||
|     - "--max-time" | ||||
|     - "60" | ||||
|  | ||||
|     ## @param deployment.pluginContainer.image.registry Image registry, eg. `docker.io`. | ||||
|     ## @param deployment.pluginContainer.image.repository Image repository, eg. `curlimages/curl`. | ||||
|     ## @param deployment.pluginContainer.image.tag Custom image tag, eg. `0.1.0`. | ||||
|     ## @param deployment.pluginContainer.image.pullPolicy Image pull policy. | ||||
|     image: | ||||
|       registry: docker.io | ||||
|       repository: curlimages/curl | ||||
|       tag: "8.16.0" | ||||
|       pullPolicy: IfNotPresent | ||||
|  | ||||
|   ## @param deployment.priorityClassName PriorityClassName of the Reposilite deployment. | ||||
|   priorityClassName: "" | ||||
|  | ||||
| @@ -183,13 +212,14 @@ deployment: | ||||
|  | ||||
|   ## @param deployment.topologySpreadConstraints TopologySpreadConstraints of the Reposilite deployment. | ||||
|   topologySpreadConstraints: [] | ||||
|   # - topologyKey: kubernetes.io/hostname | ||||
|   # - maxSkew: 1 | ||||
|   #   topologyKey: kubernetes.io/hostname | ||||
|   #   whenUnsatisfiable: DoNotSchedule | ||||
|   #   labelSelector: | ||||
|   #     matchLabels: | ||||
|   #       app.kubernetes.io/instance: prometheus-reposilite | ||||
|   #       app.kubernetes.io/instance: reposilite | ||||
|  | ||||
|   ## @param deployment.volumes Additional volumes to mount into the pods of the prometheus-exporter deployment. | ||||
|   ## @param deployment.volumes Additional volumes to mount into the pods of the reposilite deployment. | ||||
|   volumes: [] | ||||
|   # - name: my-configmap-volume | ||||
|   #   config: | ||||
| @@ -301,6 +331,11 @@ networkPolicy: | ||||
|   #   - port: 53 | ||||
|   #     protocol: UDP | ||||
|  | ||||
|   ## Allow outgoing HTTP traffic. For example to download maven artifacts from Apache Maven Central or Reposlite plugins from upstream. | ||||
|   # - ports: | ||||
|   #   - port: 443 | ||||
|   #     protocol: TCP | ||||
|  | ||||
|   ingress: [] | ||||
|   # Allow incoming HTTP traffic from prometheus. | ||||
|   # | ||||
| @@ -314,6 +349,8 @@ networkPolicy: | ||||
|   #   ports: | ||||
|   #   - port: http | ||||
|   #     protocol: TCP | ||||
|   #   - port: https | ||||
|   #     protocol: TCP | ||||
|  | ||||
|   # Allow incoming HTTP traffic from ingress-nginx. | ||||
|   # | ||||
| @@ -327,6 +364,8 @@ networkPolicy: | ||||
|   #   ports: | ||||
|   #   - port: http | ||||
|   #     protocol: TCP | ||||
|   #   - port: https | ||||
|   #     protocol: TCP | ||||
|  | ||||
|  | ||||
| ## @section Persistent Volume Claim | ||||
| @@ -355,6 +394,89 @@ persistentVolumeClaim: | ||||
|     storageClass: "" | ||||
|  | ||||
|  | ||||
| ## @section Prometheus | ||||
| prometheus: | ||||
|   metrics: | ||||
|     ## @param prometheus.metrics.enabled Enable of scraping metrics by Prometheus. | ||||
|     enabled: false | ||||
|  | ||||
|     secret: | ||||
|       ## @param prometheus.metrics.secret.existing.enabled Use an existing secret containing the basic auth credentials. | ||||
|       ## @param prometheus.metrics.secret.existing.secretName Name of the secret containing the basic auth credentials. | ||||
|       ## @param prometheus.metrics.secret.existing.basicAuthUsernameKey Name of the key in the secret that contains the username for basic auth. | ||||
|       ## @param prometheus.metrics.secret.existing.basicAuthPasswordKey Name of the key in the secret that contains the password for basic auth. | ||||
|       existing: | ||||
|         enabled: false | ||||
|         secretName: "" | ||||
|         basicAuthUsernameKey: "" | ||||
|         basicAuthPasswordKey: "" | ||||
|  | ||||
|       ## @param prometheus.metrics.secret.new.annotations Additional secret annotations. | ||||
|       ## @param prometheus.metrics.secret.new.labels Additional secret labels. | ||||
|       ## @param prometheus.metrics.secret.new.basicAuthUsername Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string. | ||||
|       ## @param prometheus.metrics.secret.new.basicAuthPassword Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string. | ||||
|       new: | ||||
|         annotations: {} | ||||
|         labels: {} | ||||
|         basicAuthUsername: "" | ||||
|         basicAuthPassword: "" | ||||
|  | ||||
|     ## @param prometheus.metrics.podMonitor.enabled Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource. | ||||
|     ## @param prometheus.metrics.podMonitor.annotations Additional podMonitor annotations. | ||||
|     ## @param prometheus.metrics.podMonitor.enableHttp2 Enable HTTP2. | ||||
|     ## @param prometheus.metrics.podMonitor.followRedirects FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | ||||
|     ## @param prometheus.metrics.podMonitor.honorLabels Honor labels. | ||||
|     ## @param prometheus.metrics.podMonitor.labels Additional podMonitor labels. | ||||
|     ## @param prometheus.metrics.podMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | ||||
|     ## @param prometheus.metrics.podMonitor.path HTTP path of the Reposilite pod for scraping Prometheus metrics. | ||||
|     ## @param prometheus.metrics.podMonitor.port HTTP port of the Reposilite pod for scraping Prometheus metrics. | ||||
|     ## @param prometheus.metrics.podMonitor.relabelings RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | ||||
|     ## @param prometheus.metrics.podMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | ||||
|     ## @param prometheus.metrics.podMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`. | ||||
|     ## @param prometheus.metrics.podMonitor.tlsConfig TLS configuration to use when scraping the metric endpoint by Prometheus. | ||||
|     ## @skip prometheus.metrics.podMonitor.tlsConfig Skip individual TLS configuration. | ||||
|     podMonitor: | ||||
|       enabled: false | ||||
|       annotations: {} | ||||
|       enableHttp2: false | ||||
|       followRedirects: false | ||||
|       honorLabels: false | ||||
|       labels: {} | ||||
|       interval: "60s" | ||||
|       path: "/metrics" | ||||
|       port: "http" | ||||
|       relabelings: [] | ||||
|       scrapeTimeout: "30s" | ||||
|       scheme: "http" | ||||
|       tlsConfig: {} | ||||
|  | ||||
|     ## @param prometheus.metrics.serviceMonitor.enabled Enable creation of a serviceMonitor. Excludes the existence of a podMonitor resource. | ||||
|     ## @param prometheus.metrics.serviceMonitor.annotations Additional serviceMonitor annotations. | ||||
|     ## @param prometheus.metrics.serviceMonitor.labels Additional serviceMonitor labels. | ||||
|     ## @param prometheus.metrics.serviceMonitor.enableHttp2 Enable HTTP2. | ||||
|     ## @param prometheus.metrics.serviceMonitor.followRedirects FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | ||||
|     ## @param prometheus.metrics.serviceMonitor.honorLabels Honor labels. | ||||
|     ## @param prometheus.metrics.serviceMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | ||||
|     ## @param prometheus.metrics.serviceMonitor.path HTTP path for scraping Prometheus metrics. | ||||
|     ## @param prometheus.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | ||||
|     ## @param prometheus.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | ||||
|     ## @param prometheus.metrics.serviceMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`. | ||||
|     ## @param prometheus.metrics.serviceMonitor.tlsConfig TLS configuration to use when scraping the metric endpoint by Prometheus. | ||||
|     ## @skip prometheus.metrics.serviceMonitor.tlsConfig Skip individual TLS configuration. | ||||
|     serviceMonitor: | ||||
|       enabled: false | ||||
|       annotations: {} | ||||
|       labels: {} | ||||
|       enableHttp2: false | ||||
|       followRedirects: false | ||||
|       honorLabels: false | ||||
|       interval: "60s" | ||||
|       path: "/metrics" | ||||
|       relabelings: [] | ||||
|       scrapeTimeout: "30s" | ||||
|       scheme: "http" | ||||
|       tlsConfig: {} | ||||
|  | ||||
| ## @section Service | ||||
| ## @param service.enabled Enable the service. | ||||
| ## @param service.annotations Additional service annotations. | ||||
| @@ -367,6 +489,7 @@ persistentVolumeClaim: | ||||
| ## @param service.loadBalancerIP LoadBalancer will get created with the IP specified in this field. Requires service from type `LoadBalancer`. | ||||
| ## @param service.loadBalancerSourceRanges Source range filter for LoadBalancer. Requires service from type `LoadBalancer`. | ||||
| ## @param service.port Port to forward the traffic to. | ||||
| ## @param service.scheme Name of the service port. This name is also used as scheme / port name of the service monitor resource. | ||||
| ## @param service.sessionAffinity Supports `ClientIP` and `None`. Enable client IP based session affinity via `ClientIP`. | ||||
| ## @param service.sessionAffinityConfig Contains the configuration of the session affinity. | ||||
| ## @param service.type Kubernetes service type for the traffic. | ||||
| @@ -382,6 +505,7 @@ service: | ||||
|   loadBalancerIP: "" | ||||
|   loadBalancerSourceRanges: [] | ||||
|   port: 8080 | ||||
|   scheme: http | ||||
|   sessionAffinity: "None" | ||||
|   sessionAffinityConfig: {} | ||||
|   type: "ClusterIP" | ||||
|   | ||||
		Reference in New Issue
	
	Block a user