You've already forked reposilite-charts
Compare commits
19 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
334a8b877b
|
|||
| ba1fd42cfc | |||
| 70faa1ff8f | |||
d7d5bc4dae
|
|||
|
a3f1ab1850
|
|||
| c4919a6bfc | |||
|
6ca6f583d3
|
|||
| 0d10fb2cdc | |||
| a373c49e2a | |||
|
633d4f1bfd
|
|||
|
cc201633de
|
|||
| 64c20379a2 | |||
|
98ec01a217
|
|||
|
796c257d0a
|
|||
| 387547e813 | |||
| e16a1ff2ed | |||
|
c8d8efeae3
|
|||
|
2a7d111525
|
|||
|
64de0eb8ea
|
@@ -15,7 +15,7 @@ on:
|
||||
jobs:
|
||||
generate-parameters:
|
||||
container:
|
||||
image: docker.io/library/node:24.8.0-alpine
|
||||
image: docker.io/library/node:24.9.0-alpine
|
||||
runs-on:
|
||||
- ubuntu-latest
|
||||
steps:
|
||||
|
||||
@@ -13,7 +13,7 @@ on:
|
||||
jobs:
|
||||
helm-lint:
|
||||
container:
|
||||
image: docker.io/volkerraschek/helm:3.18.5
|
||||
image: docker.io/volkerraschek/helm:3.19.0
|
||||
runs-on:
|
||||
- ubuntu-latest
|
||||
steps:
|
||||
@@ -28,7 +28,7 @@ jobs:
|
||||
|
||||
helm-unittest:
|
||||
container:
|
||||
image: docker.io/volkerraschek/helm:3.18.5
|
||||
image: docker.io/volkerraschek/helm:3.19.0
|
||||
runs-on:
|
||||
- ubuntu-latest
|
||||
steps:
|
||||
|
||||
@@ -15,7 +15,7 @@ on:
|
||||
jobs:
|
||||
markdown-link-checker:
|
||||
container:
|
||||
image: docker.io/library/node:24.8.0-alpine
|
||||
image: docker.io/library/node:24.9.0-alpine
|
||||
runs-on:
|
||||
- ubuntu-latest
|
||||
steps:
|
||||
@@ -31,7 +31,7 @@ jobs:
|
||||
|
||||
markdown-lint:
|
||||
container:
|
||||
image: docker.io/library/node:24.8.0-alpine
|
||||
image: docker.io/library/node:24.9.0-alpine
|
||||
runs-on:
|
||||
- ubuntu-latest
|
||||
steps:
|
||||
|
||||
@@ -8,7 +8,7 @@ on:
|
||||
jobs:
|
||||
publish-chart:
|
||||
container:
|
||||
image: docker.io/volkerraschek/helm:3.18.5
|
||||
image: docker.io/volkerraschek/helm:3.19.0
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Install packages via apk
|
||||
|
||||
@@ -5,7 +5,7 @@ annotations:
|
||||
- name: support
|
||||
url: https://git.cryptic.systems/volker.raschek/reposilite-charts/issues
|
||||
apiVersion: v2
|
||||
appVersion: "3.5.25"
|
||||
appVersion: "3.5.26"
|
||||
description: |
|
||||
Lightweight and easy-to-use repository management software
|
||||
dedicated for the Maven based artifacts in the JVM ecosystem
|
||||
|
||||
17
Makefile
17
Makefile
@@ -4,13 +4,13 @@ CONTAINER_RUNTIME?=$(shell which podman)
|
||||
# HELM_IMAGE
|
||||
HELM_IMAGE_REGISTRY_HOST?=docker.io
|
||||
HELM_IMAGE_REPOSITORY?=volkerraschek/helm
|
||||
HELM_IMAGE_VERSION?=3.18.2 # renovate: datasource=docker registryUrl=https://registry-nexus.orbis.dedalus.com depName=volkerraschek/helm
|
||||
HELM_IMAGE_VERSION?=3.19.0 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm
|
||||
HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION}
|
||||
|
||||
# NODE_IMAGE
|
||||
NODE_IMAGE_REGISTRY_HOST?=docker.io
|
||||
NODE_IMAGE_REPOSITORY?=library/node
|
||||
NODE_IMAGE_VERSION?=24.8.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node
|
||||
NODE_IMAGE_VERSION?=24.9.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node
|
||||
NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION}
|
||||
|
||||
# MISSING DOT
|
||||
@@ -18,6 +18,19 @@ NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:
|
||||
missing-dot:
|
||||
grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml
|
||||
|
||||
# README
|
||||
# ==============================================================================
|
||||
readme: readme/link readme/lint readme/parameters
|
||||
|
||||
readme/link:
|
||||
npm install && npm run readme:link
|
||||
|
||||
readme/lint:
|
||||
npm install && npm run readme:lint
|
||||
|
||||
readme/parameters:
|
||||
npm install && npm run readme:parameters
|
||||
|
||||
# CONTAINER RUN - README
|
||||
# ==============================================================================
|
||||
PHONY+=container-run/readme
|
||||
|
||||
84
README.md
84
README.md
@@ -37,7 +37,7 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi
|
||||
versions can break something!
|
||||
|
||||
```bash
|
||||
CHART_VERSION=0.1.3
|
||||
CHART_VERSION=0.2.0
|
||||
helm show values volker.raschek/reposilite --version "${CHART_VERSION}" > values.yaml
|
||||
```
|
||||
|
||||
@@ -51,7 +51,7 @@ The helm chart also contains a persistent volume claim definition. It persistent
|
||||
Use the `--set` argument to persist your data.
|
||||
|
||||
```bash
|
||||
CHART_VERSION=0.1.3
|
||||
CHART_VERSION=0.2.0
|
||||
helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
|
||||
persistentVolumeClaim.enabled=true
|
||||
```
|
||||
@@ -72,7 +72,7 @@ connection problems.
|
||||
> error.
|
||||
|
||||
```bash
|
||||
CHART_VERSION=0.1.3
|
||||
CHART_VERSION=0.2.0
|
||||
helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
|
||||
--set 'deployment.reposilite.env[1].name=REPOSILITE_LOCAL_SSLENABLED' \
|
||||
--set 'deployment.reposilite.env[1].value="true"' \
|
||||
@@ -187,7 +187,7 @@ be set the credentials manually.
|
||||
The following example enable Prometheus metrics with custom basic auth credentials:
|
||||
|
||||
```bash
|
||||
CHART_VERSION=0.1.3
|
||||
CHART_VERSION=0.2.0
|
||||
helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
|
||||
--set 'prometheus.metrics.enabled=true' \
|
||||
--set 'prometheus.metrics.basicAuthUsername=my-username' \
|
||||
@@ -205,10 +205,10 @@ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
|
||||
|
||||
### Config
|
||||
|
||||
| Name | Description | Value |
|
||||
| ----------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------- |
|
||||
| `config.plugins.prometheus.enabled` | Download the Prometheus plugin via an additional init container. The Prometheus plugin will automatically enabled, when Prometheus is enabled. | `false` |
|
||||
| `config.plugins.prometheus.url` | URL to download the plugin. | `https://maven.reposilite.com/releases/com/reposilite/plugin/prometheus-plugin/3.5.25/prometheus-plugin-3.5.25-all.jar` |
|
||||
| Name | Description | Value |
|
||||
| ----------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||
| `config.plugins.prometheus.enabled` | Download the Prometheus plugin via an additional init container. The Prometheus plugin will automatically enabled, when Prometheus is enabled. | `false` |
|
||||
| `config.plugins.prometheus.url` | URL to download the plugin. | `https://maven.reposilite.com/releases/com/reposilite/plugin/prometheus-plugin/{{ .Chart.AppVersion }}/prometheus-plugin-{{ .Chart.AppVersion }}-all.jar` |
|
||||
|
||||
### Deployment
|
||||
|
||||
@@ -240,7 +240,7 @@ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
|
||||
| `deployment.pluginContainer.args` | Arguments passed to the plugin container. | `["--location","--fail","--max-time","60"]` |
|
||||
| `deployment.pluginContainer.image.registry` | Image registry, eg. `docker.io`. | `docker.io` |
|
||||
| `deployment.pluginContainer.image.repository` | Image repository, eg. `curlimages/curl`. | `curlimages/curl` |
|
||||
| `deployment.pluginContainer.image.tag` | Custom image tag, eg. `0.1.0`. | `8.15.0` |
|
||||
| `deployment.pluginContainer.image.tag` | Custom image tag, eg. `0.1.0`. | `8.16.0` |
|
||||
| `deployment.pluginContainer.image.pullPolicy` | Image pull policy. | `IfNotPresent` |
|
||||
| `deployment.priorityClassName` | PriorityClassName of the Reposilite deployment. | `""` |
|
||||
| `deployment.replicas` | Number of replicas for the Reposilite deployment. | `1` |
|
||||
@@ -304,36 +304,42 @@ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
|
||||
|
||||
### Prometheus
|
||||
|
||||
| Name | Description | Value |
|
||||
| --------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ---------- |
|
||||
| `prometheus.metrics.enabled` | Enable of scraping metrics by Prometheus. | `false` |
|
||||
| `prometheus.metrics.basicAuthUsername` | Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string. | `""` |
|
||||
| `prometheus.metrics.basicAuthPassword` | Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string. | `""` |
|
||||
| `prometheus.metrics.podMonitor.enabled` | Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource. | `false` |
|
||||
| `prometheus.metrics.podMonitor.annotations` | Additional podMonitor annotations. | `{}` |
|
||||
| `prometheus.metrics.podMonitor.enableHttp2` | Enable HTTP2. | `false` |
|
||||
| `prometheus.metrics.podMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` |
|
||||
| `prometheus.metrics.podMonitor.honorLabels` | Honor labels. | `false` |
|
||||
| `prometheus.metrics.podMonitor.labels` | Additional podMonitor labels. | `{}` |
|
||||
| `prometheus.metrics.podMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `60s` |
|
||||
| `prometheus.metrics.podMonitor.path` | HTTP path of the Reposilite pod for scraping Prometheus metrics. | `/metrics` |
|
||||
| `prometheus.metrics.podMonitor.port` | HTTP port of the Reposilite pod for scraping Prometheus metrics. | `http` |
|
||||
| `prometheus.metrics.podMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]` |
|
||||
| `prometheus.metrics.podMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `30s` |
|
||||
| `prometheus.metrics.podMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. | `http` |
|
||||
| `prometheus.metrics.podMonitor.tlsConfig` | TLS configuration to use when scraping the metric endpoint by Prometheus. | `{}` |
|
||||
| `prometheus.metrics.serviceMonitor.enabled` | Enable creation of a serviceMonitor. Excludes the existence of a podMonitor resource. | `false` |
|
||||
| `prometheus.metrics.serviceMonitor.annotations` | Additional serviceMonitor annotations. | `{}` |
|
||||
| `prometheus.metrics.serviceMonitor.labels` | Additional serviceMonitor labels. | `{}` |
|
||||
| `prometheus.metrics.serviceMonitor.enableHttp2` | Enable HTTP2. | `false` |
|
||||
| `prometheus.metrics.serviceMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` |
|
||||
| `prometheus.metrics.serviceMonitor.honorLabels` | Honor labels. | `false` |
|
||||
| `prometheus.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `60s` |
|
||||
| `prometheus.metrics.serviceMonitor.path` | HTTP path for scraping Prometheus metrics. | `/metrics` |
|
||||
| `prometheus.metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]` |
|
||||
| `prometheus.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `30s` |
|
||||
| `prometheus.metrics.serviceMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. | `http` |
|
||||
| `prometheus.metrics.serviceMonitor.tlsConfig` | TLS configuration to use when scraping the metric endpoint by Prometheus. | `{}` |
|
||||
| Name | Description | Value |
|
||||
| --------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ---------- |
|
||||
| `prometheus.metrics.enabled` | Enable of scraping metrics by Prometheus. | `false` |
|
||||
| `prometheus.metrics.secret.existing.enabled` | Use an existing secret containing the basic auth credentials. | `false` |
|
||||
| `prometheus.metrics.secret.existing.secretName` | Name of the secret containing the basic auth credentials. | `""` |
|
||||
| `prometheus.metrics.secret.existing.basicAuthUsernameKey` | Name of the key in the secret that contains the username for basic auth. | `""` |
|
||||
| `prometheus.metrics.secret.existing.basicAuthPasswordKey` | Name of the key in the secret that contains the password for basic auth. | `""` |
|
||||
| `prometheus.metrics.secret.new.annotations` | Additional secret annotations. | `{}` |
|
||||
| `prometheus.metrics.secret.new.labels` | Additional secret labels. | `{}` |
|
||||
| `prometheus.metrics.secret.new.basicAuthUsername` | Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string. | `""` |
|
||||
| `prometheus.metrics.secret.new.basicAuthPassword` | Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string. | `""` |
|
||||
| `prometheus.metrics.podMonitor.enabled` | Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource. | `false` |
|
||||
| `prometheus.metrics.podMonitor.annotations` | Additional podMonitor annotations. | `{}` |
|
||||
| `prometheus.metrics.podMonitor.enableHttp2` | Enable HTTP2. | `false` |
|
||||
| `prometheus.metrics.podMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` |
|
||||
| `prometheus.metrics.podMonitor.honorLabels` | Honor labels. | `false` |
|
||||
| `prometheus.metrics.podMonitor.labels` | Additional podMonitor labels. | `{}` |
|
||||
| `prometheus.metrics.podMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `60s` |
|
||||
| `prometheus.metrics.podMonitor.path` | HTTP path of the Reposilite pod for scraping Prometheus metrics. | `/metrics` |
|
||||
| `prometheus.metrics.podMonitor.port` | HTTP port of the Reposilite pod for scraping Prometheus metrics. | `http` |
|
||||
| `prometheus.metrics.podMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]` |
|
||||
| `prometheus.metrics.podMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `30s` |
|
||||
| `prometheus.metrics.podMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. | `http` |
|
||||
| `prometheus.metrics.podMonitor.tlsConfig` | TLS configuration to use when scraping the metric endpoint by Prometheus. | `{}` |
|
||||
| `prometheus.metrics.serviceMonitor.enabled` | Enable creation of a serviceMonitor. Excludes the existence of a podMonitor resource. | `false` |
|
||||
| `prometheus.metrics.serviceMonitor.annotations` | Additional serviceMonitor annotations. | `{}` |
|
||||
| `prometheus.metrics.serviceMonitor.labels` | Additional serviceMonitor labels. | `{}` |
|
||||
| `prometheus.metrics.serviceMonitor.enableHttp2` | Enable HTTP2. | `false` |
|
||||
| `prometheus.metrics.serviceMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` |
|
||||
| `prometheus.metrics.serviceMonitor.honorLabels` | Honor labels. | `false` |
|
||||
| `prometheus.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `60s` |
|
||||
| `prometheus.metrics.serviceMonitor.path` | HTTP path for scraping Prometheus metrics. | `/metrics` |
|
||||
| `prometheus.metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]` |
|
||||
| `prometheus.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `30s` |
|
||||
| `prometheus.metrics.serviceMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. | `http` |
|
||||
| `prometheus.metrics.serviceMonitor.tlsConfig` | TLS configuration to use when scraping the metric endpoint by Prometheus. | `{}` |
|
||||
|
||||
### Service
|
||||
|
||||
|
||||
@@ -64,5 +64,16 @@
|
||||
"patch"
|
||||
]
|
||||
}
|
||||
]
|
||||
],
|
||||
"postUpgradeTasks": {
|
||||
"commands": [
|
||||
"install-tool node",
|
||||
"make readme"
|
||||
],
|
||||
"fileFilters": [
|
||||
"README.md",
|
||||
"values.yaml"
|
||||
],
|
||||
"executionMode": "update"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -27,8 +27,8 @@
|
||||
{{- end }}
|
||||
|
||||
{{- if or (eq (include "reposilite.podMonitor.enabled" $ ) "true") (eq (include "reposilite.serviceMonitor.enabled" $ ) "true") -}}
|
||||
{{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_USER" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" "username")))) }}
|
||||
{{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PASSWORD" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" "password")))) }}
|
||||
{{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_USER" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.usernameKey" $))))) }}
|
||||
{{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PASSWORD" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.passwordKey" $))))) }}
|
||||
{{- end }}
|
||||
|
||||
{{ toYaml (dict "env" $env) }}
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
|
||||
{{- define "reposilite.pod.annotations" -}}
|
||||
{{ include "reposilite.annotations" . }}
|
||||
{{- if .Values.prometheus.metrics.enabled -}}
|
||||
{{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) -}}
|
||||
{{- printf "checksum/secret-%s: %s" (include "reposilite.secrets.prometheusBasicAuth.name" $) (include (print $.Template.BasePath "/secretPrometheusBasicAuth.yaml") . | sha256sum) }}
|
||||
{{- end -}}
|
||||
{{- end }}
|
||||
|
||||
@@ -4,16 +4,50 @@
|
||||
|
||||
{{- define "reposilite.secrets.prometheusBasicAuth.annotations" -}}
|
||||
{{ include "reposilite.annotations" . }}
|
||||
{{- if .Values.prometheus.metrics.secret.new.annotations }}
|
||||
{{ toYaml .Values.prometheus.metrics.secret.new.annotations }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* labels */}}
|
||||
|
||||
{{- define "reposilite.secrets.prometheusBasicAuth.labels" -}}
|
||||
{{ include "reposilite.labels" . }}
|
||||
{{- if .Values.prometheus.metrics.secret.new.labels }}
|
||||
{{ toYaml .Values.prometheus.metrics.secret.new.labels }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* names */}}
|
||||
|
||||
{{- define "reposilite.secrets.prometheusBasicAuth.name" -}}
|
||||
{{ include "reposilite.fullname" . }}-basic-auth-credentials
|
||||
{{- end -}}
|
||||
{{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.secretName) 0) }}
|
||||
{{- print .Values.prometheus.metrics.secret.existing.secretName -}}
|
||||
{{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.secretName) 0) }}
|
||||
{{ fail "Name of the existing secret that contains the credentials for basic auth is not defined!" }}
|
||||
{{- else if not .Values.prometheus.metrics.secret.existing.enabled }}
|
||||
{{- printf "%s-basic-auth-credentials" (include "reposilite.fullname" $) -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* secretKeyNames */}}
|
||||
|
||||
{{- define "reposilite.secrets.prometheusBasicAuth.passwordKey" -}}
|
||||
{{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) -}}
|
||||
{{- .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey -}}
|
||||
{{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) }}
|
||||
{{ fail "Name of the key in the secret that contains the password for basic auth is not defined!" }}
|
||||
{{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }}
|
||||
{{- print "password" -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- define "reposilite.secrets.prometheusBasicAuth.usernameKey" -}}
|
||||
{{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) -}}
|
||||
{{- .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey -}}
|
||||
{{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) }}
|
||||
{{ fail "Name of the key in the secret that contains the username for basic auth is not defined!" }}
|
||||
{{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }}
|
||||
{{- print "username" -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -17,10 +17,10 @@ spec:
|
||||
podMetricsEndpoints:
|
||||
- basicAuth:
|
||||
password:
|
||||
key: password
|
||||
key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }}
|
||||
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
|
||||
username:
|
||||
key: username
|
||||
key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }}
|
||||
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
|
||||
enableHttp2: {{ required "The enableHttp2 option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.enableHttp2 }}
|
||||
followRedirects: {{ required "The followRedirects option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.followRedirects }}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{{- if .Values.prometheus.metrics.enabled }}
|
||||
{{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
@@ -14,6 +14,6 @@ metadata:
|
||||
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
stringData:
|
||||
password: {{ default (randAlphaNum 16) .Values.prometheus.metrics.basicAuthPassword }}
|
||||
username: {{ default (randAlphaNum 16) .Values.prometheus.metrics.basicAuthUsername }}
|
||||
password: {{ default (randAlphaNum 16) .Values.prometheus.metrics.secret.new.basicAuthPassword }}
|
||||
username: {{ default (randAlphaNum 16) .Values.prometheus.metrics.secret.new.basicAuthUsername }}
|
||||
{{- end }}
|
||||
|
||||
@@ -17,10 +17,10 @@ spec:
|
||||
endpoints:
|
||||
- basicAuth:
|
||||
password:
|
||||
key: password
|
||||
key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }}
|
||||
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
|
||||
username:
|
||||
key: username
|
||||
key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }}
|
||||
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
|
||||
enableHttp2: {{ required "The enableHttp2 option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.enableHttp2 }}
|
||||
followRedirects: {{ required "The followRedirects option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.followRedirects }}
|
||||
|
||||
@@ -35,3 +35,73 @@ tests:
|
||||
name: reposilite-unittest-basic-auth-credentials
|
||||
key: username
|
||||
template: templates/deployment.yaml
|
||||
|
||||
- it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.secret.existing.enabled: true
|
||||
prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key
|
||||
prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key
|
||||
prometheus.metrics.secret.existing.secretName: my-secret
|
||||
prometheus.metrics.podMonitor.enabled: true
|
||||
asserts:
|
||||
- notExists:
|
||||
path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials
|
||||
template: templates/deployment.yaml
|
||||
- contains:
|
||||
path: spec.template.spec.containers[0].env
|
||||
content:
|
||||
name: REPOSILITE_PROMETHEUS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: my-secret
|
||||
key: my-password-key
|
||||
template: templates/deployment.yaml
|
||||
- contains:
|
||||
path: spec.template.spec.containers[0].env
|
||||
content:
|
||||
name: REPOSILITE_PROMETHEUS_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: my-secret
|
||||
key: my-username-key
|
||||
template: templates/deployment.yaml
|
||||
|
||||
- it: Fail when existing secret name is undefined
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.secret.existing.enabled: true
|
||||
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
|
||||
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
|
||||
prometheus.metrics.secret.existing.secretName: ""
|
||||
prometheus.metrics.podMonitor.enabled: true
|
||||
asserts:
|
||||
- failedTemplate:
|
||||
errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!"
|
||||
template: templates/deployment.yaml
|
||||
|
||||
- it: Fail when the name of the key in the secret that contains the username for basic auth is undefined
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.secret.existing.enabled: true
|
||||
prometheus.metrics.secret.existing.basicAuthUsernameKey: ""
|
||||
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
|
||||
prometheus.metrics.secret.existing.secretName: "my-secret"
|
||||
prometheus.metrics.podMonitor.enabled: true
|
||||
asserts:
|
||||
- failedTemplate:
|
||||
errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!"
|
||||
template: templates/deployment.yaml
|
||||
|
||||
- it: Fail when the name of the key in the secret that contains the password for basic auth is undefined
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.secret.existing.enabled: true
|
||||
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
|
||||
prometheus.metrics.secret.existing.basicAuthPasswordKey: ""
|
||||
prometheus.metrics.secret.existing.secretName: "my-secret"
|
||||
prometheus.metrics.podMonitor.enabled: true
|
||||
asserts:
|
||||
- failedTemplate:
|
||||
errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!"
|
||||
template: templates/deployment.yaml
|
||||
107
unittests/deployment/prometheusServiceMonitor.yaml
Normal file
107
unittests/deployment/prometheusServiceMonitor.yaml
Normal file
@@ -0,0 +1,107 @@
|
||||
chart:
|
||||
appVersion: 0.1.0
|
||||
version: 0.1.0
|
||||
suite: Add prometheus basic auth variables
|
||||
release:
|
||||
name: reposilite-unittest
|
||||
namespace: testing
|
||||
templates:
|
||||
- templates/deployment.yaml
|
||||
- templates/secretPrometheusBasicAuth.yaml
|
||||
tests:
|
||||
- it: Rendering default environment variables with enabled prometheus metrics serviceMonitor
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.serviceMonitor.enabled: true
|
||||
asserts:
|
||||
- exists:
|
||||
path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials
|
||||
template: templates/deployment.yaml
|
||||
- contains:
|
||||
path: spec.template.spec.containers[0].env
|
||||
content:
|
||||
name: REPOSILITE_PROMETHEUS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: reposilite-unittest-basic-auth-credentials
|
||||
key: password
|
||||
template: templates/deployment.yaml
|
||||
- contains:
|
||||
path: spec.template.spec.containers[0].env
|
||||
content:
|
||||
name: REPOSILITE_PROMETHEUS_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: reposilite-unittest-basic-auth-credentials
|
||||
key: username
|
||||
template: templates/deployment.yaml
|
||||
|
||||
- it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.secret.existing.enabled: true
|
||||
prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key
|
||||
prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key
|
||||
prometheus.metrics.secret.existing.secretName: my-secret
|
||||
prometheus.metrics.serviceMonitor.enabled: true
|
||||
asserts:
|
||||
- notExists:
|
||||
path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials
|
||||
template: templates/deployment.yaml
|
||||
- contains:
|
||||
path: spec.template.spec.containers[0].env
|
||||
content:
|
||||
name: REPOSILITE_PROMETHEUS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: my-secret
|
||||
key: my-password-key
|
||||
template: templates/deployment.yaml
|
||||
- contains:
|
||||
path: spec.template.spec.containers[0].env
|
||||
content:
|
||||
name: REPOSILITE_PROMETHEUS_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: my-secret
|
||||
key: my-username-key
|
||||
template: templates/deployment.yaml
|
||||
|
||||
- it: Fail when existing secret name is undefined
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.secret.existing.enabled: true
|
||||
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
|
||||
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
|
||||
prometheus.metrics.secret.existing.secretName: ""
|
||||
prometheus.metrics.serviceMonitor.enabled: true
|
||||
asserts:
|
||||
- failedTemplate:
|
||||
errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!"
|
||||
template: templates/deployment.yaml
|
||||
|
||||
- it: Fail when the name of the key in the secret that contains the username for basic auth is undefined
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.secret.existing.enabled: true
|
||||
prometheus.metrics.secret.existing.basicAuthUsernameKey: ""
|
||||
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
|
||||
prometheus.metrics.secret.existing.secretName: "my-secret"
|
||||
prometheus.metrics.serviceMonitor.enabled: true
|
||||
asserts:
|
||||
- failedTemplate:
|
||||
errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!"
|
||||
template: templates/deployment.yaml
|
||||
|
||||
- it: Fail when the name of the key in the secret that contains the password for basic auth is undefined
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.secret.existing.enabled: true
|
||||
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
|
||||
prometheus.metrics.secret.existing.basicAuthPasswordKey: ""
|
||||
prometheus.metrics.secret.existing.secretName: "my-secret"
|
||||
prometheus.metrics.serviceMonitor.enabled: true
|
||||
asserts:
|
||||
- failedTemplate:
|
||||
errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!"
|
||||
template: templates/deployment.yaml
|
||||
78
unittests/secrets/basicAuth.yaml
Normal file
78
unittests/secrets/basicAuth.yaml
Normal file
@@ -0,0 +1,78 @@
|
||||
chart:
|
||||
appVersion: 0.1.0
|
||||
version: 0.1.0
|
||||
suite: Secret reposilite template
|
||||
release:
|
||||
name: reposilite-unittest
|
||||
namespace: testing
|
||||
templates:
|
||||
- templates/secretPrometheusBasicAuth.yaml
|
||||
tests:
|
||||
- it: Skip rendering
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: Rendering secret with default values.
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- containsDocument:
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
name: reposilite-unittest-basic-auth-credentials
|
||||
namespace: testing
|
||||
- notExists:
|
||||
path: metadata.annotations
|
||||
- equal:
|
||||
path: metadata.labels
|
||||
value:
|
||||
app.kubernetes.io/instance: reposilite-unittest
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: reposilite
|
||||
app.kubernetes.io/version: 0.1.0
|
||||
helm.sh/chart: reposilite-0.1.0
|
||||
- exists:
|
||||
path: stringData.password
|
||||
- exists:
|
||||
path: stringData.username
|
||||
|
||||
- it: Rendering secret with custom values.
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.secret.new.basicAuthPassword: foo
|
||||
prometheus.metrics.secret.new.basicAuthUsername: bar
|
||||
prometheus.metrics.secret.new.annotations:
|
||||
foo: bar
|
||||
prometheus.metrics.secret.new.labels:
|
||||
bar: foo
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- exists:
|
||||
path: metadata.annotations
|
||||
value:
|
||||
foo: bar
|
||||
- exists:
|
||||
path: metadata.labels
|
||||
value:
|
||||
bar: foo
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: reposilite-unittest-basic-auth-credentials
|
||||
- equal:
|
||||
path: stringData.password
|
||||
value: foo
|
||||
- equal:
|
||||
path: stringData.username
|
||||
value: bar
|
||||
|
||||
- it: Skip rendering if existing secret is used
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.secret.existing.enabled: true
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
@@ -129,6 +129,10 @@ tests:
|
||||
- it: Change defaults
|
||||
set:
|
||||
prometheus.metrics.enabled: true
|
||||
prometheus.metrics.secret.existing.enabled: true
|
||||
prometheus.metrics.secret.existing.secretName: "my-secret"
|
||||
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
|
||||
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
|
||||
prometheus.metrics.serviceMonitor.enabled: true
|
||||
prometheus.metrics.serviceMonitor.enableHttp2: false
|
||||
prometheus.metrics.serviceMonitor.followRedirects: true
|
||||
@@ -147,6 +151,15 @@ tests:
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isSubset:
|
||||
path: spec.endpoints[0].basicAuth
|
||||
content:
|
||||
password:
|
||||
key: my-password-key
|
||||
name: my-secret
|
||||
username:
|
||||
key: my-username-key
|
||||
name: my-secret
|
||||
- equal:
|
||||
path: spec.endpoints[0].enableHttp2
|
||||
value: false
|
||||
|
||||
29
values.yaml
29
values.yaml
@@ -175,7 +175,7 @@ deployment:
|
||||
image:
|
||||
registry: docker.io
|
||||
repository: curlimages/curl
|
||||
tag: "8.15.0"
|
||||
tag: "8.16.0"
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
## @param deployment.priorityClassName PriorityClassName of the Reposilite deployment.
|
||||
@@ -396,13 +396,30 @@ persistentVolumeClaim:
|
||||
|
||||
## @section Prometheus
|
||||
prometheus:
|
||||
## @param prometheus.metrics.enabled Enable of scraping metrics by Prometheus.
|
||||
## @param prometheus.metrics.basicAuthUsername Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string.
|
||||
## @param prometheus.metrics.basicAuthPassword Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string.
|
||||
metrics:
|
||||
## @param prometheus.metrics.enabled Enable of scraping metrics by Prometheus.
|
||||
enabled: false
|
||||
basicAuthUsername: ""
|
||||
basicAuthPassword: ""
|
||||
|
||||
secret:
|
||||
## @param prometheus.metrics.secret.existing.enabled Use an existing secret containing the basic auth credentials.
|
||||
## @param prometheus.metrics.secret.existing.secretName Name of the secret containing the basic auth credentials.
|
||||
## @param prometheus.metrics.secret.existing.basicAuthUsernameKey Name of the key in the secret that contains the username for basic auth.
|
||||
## @param prometheus.metrics.secret.existing.basicAuthPasswordKey Name of the key in the secret that contains the password for basic auth.
|
||||
existing:
|
||||
enabled: false
|
||||
secretName: ""
|
||||
basicAuthUsernameKey: ""
|
||||
basicAuthPasswordKey: ""
|
||||
|
||||
## @param prometheus.metrics.secret.new.annotations Additional secret annotations.
|
||||
## @param prometheus.metrics.secret.new.labels Additional secret labels.
|
||||
## @param prometheus.metrics.secret.new.basicAuthUsername Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string.
|
||||
## @param prometheus.metrics.secret.new.basicAuthPassword Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string.
|
||||
new:
|
||||
annotations: {}
|
||||
labels: {}
|
||||
basicAuthUsername: ""
|
||||
basicAuthPassword: ""
|
||||
|
||||
## @param prometheus.metrics.podMonitor.enabled Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource.
|
||||
## @param prometheus.metrics.podMonitor.annotations Additional podMonitor annotations.
|
||||
|
||||
Reference in New Issue
Block a user