38 Commits

Author SHA1 Message Date
d2c329e1be docs(README): adapt jq expression to ignore reloader annotation
All checks were successful
Generate README / generate-parameters (push) Successful in 29s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (push) Successful in 15s
Markdown linter / markdown-link-checker (push) Successful in 31s
Markdown linter / markdown-lint (push) Successful in 29s
2025-10-21 22:32:23 +02:00
db5e38cef1 docs(README): adapt description of RespectIgnoreDifferences
All checks were successful
Generate README / generate-parameters (push) Successful in 29s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (push) Successful in 17s
Markdown linter / markdown-link-checker (push) Successful in 31s
Markdown linter / markdown-lint (push) Successful in 29s
2025-10-21 22:28:23 +02:00
1fe7bc604e docs(README): adjust highlighted text
All checks were successful
Generate README / generate-parameters (push) Successful in 29s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (push) Successful in 16s
Markdown linter / markdown-link-checker (push) Successful in 31s
Markdown linter / markdown-lint (push) Successful in 27s
2025-10-21 22:26:15 +02:00
fa43188e03 docs(README): add tip how to ignore stakater's reloader annotations
All checks were successful
Generate README / generate-parameters (push) Successful in 29s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (push) Successful in 15s
Markdown linter / markdown-link-checker (push) Successful in 32s
Markdown linter / markdown-lint (push) Successful in 29s
2025-10-21 22:22:26 +02:00
99ed88068a docs(README): add further jqPathExpressions if stakaters reloader is configured
All checks were successful
Generate README / generate-parameters (push) Successful in 29s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (push) Successful in 16s
Markdown linter / markdown-link-checker (push) Successful in 32s
Markdown linter / markdown-lint (push) Successful in 27s
2025-10-19 19:08:18 +02:00
95fd713da6 fix(renovate): update packageRule for helm-unittest/helm-unittest
All checks were successful
Helm / helm-unittest (push) Successful in 1m58s
Helm / helm-lint (push) Successful in 2m3s
2025-10-16 22:01:54 +02:00
671a635627 fix(renovate): update packageRule for helm-unittest/helm-unittest
All checks were successful
Helm / helm-unittest (push) Successful in 7s
Helm / helm-lint (push) Successful in 14s
2025-10-16 21:39:56 +02:00
13fbb0ecc0 fix(vscode): add values.schema.json for helm unittest
All checks were successful
Helm / helm-lint (push) Successful in 14s
Helm / helm-unittest (push) Successful in 15s
2025-10-16 21:11:51 +02:00
8835a8cde1 Merge pull request 'chore(deps): update dependency markdown-link-check to v3.14.1' (#34) from renovate/markdown-link-check-3.x-lockfile into master
All checks were successful
Helm / helm-lint (push) Successful in 14s
Helm / helm-unittest (push) Successful in 15s
2025-10-11 19:15:37 +00:00
7d479fe629 chore(deps): update dependency markdown-link-check to v3.14.1
All checks were successful
Helm / helm-lint (push) Successful in 7s
Helm / helm-lint (pull_request) Successful in 11s
Helm / helm-unittest (push) Successful in 21s
Helm / helm-unittest (pull_request) Successful in 6s
2025-10-11 19:15:03 +00:00
edacc04893 docs(README): ArgoCD configuration note on checksum annotations
All checks were successful
Helm / helm-lint (push) Successful in 7s
Helm / helm-unittest (push) Successful in 6s
Markdown linter / markdown-link-checker (push) Successful in 18s
Generate README / generate-parameters (push) Successful in 41s
Markdown linter / markdown-lint (push) Successful in 9s
2025-10-11 14:04:18 +02:00
3c64ebfef4 Merge pull request 'chore(deps): update dependency markdown-link-check to v3.14.0' (#33) from renovate/markdown-link-check-3.x-lockfile into master
All checks were successful
Helm / helm-unittest (push) Successful in 6s
Helm / helm-lint (push) Successful in 14s
2025-10-10 19:17:38 +00:00
15d2c31512 chore(deps): update dependency markdown-link-check to v3.14.0
All checks were successful
Helm / helm-unittest (push) Successful in 6s
Helm / helm-lint (pull_request) Successful in 6s
Helm / helm-lint (push) Successful in 14s
Helm / helm-unittest (pull_request) Successful in 16s
2025-10-10 19:16:57 +00:00
93ef09b878 Merge pull request 'chore(deps): update docker.io/library/node docker tag to v24.10.0' (#32) from renovate/update-docker.iolibrarynode into master
All checks were successful
Helm / helm-lint (push) Successful in 39s
Helm / helm-unittest (push) Successful in 8s
2025-10-09 16:19:16 +00:00
b5368314d6 chore(deps): update docker.io/library/node docker tag to v24.10.0
All checks were successful
Helm / helm-lint (push) Successful in 8s
Helm / helm-unittest (push) Successful in 19s
Helm / helm-lint (pull_request) Successful in 9s
Helm / helm-unittest (pull_request) Successful in 16s
2025-10-09 16:18:25 +00:00
60643bdaf4 fix(renovate): group docker.io/volkerraschek/helm
All checks were successful
Helm / helm-unittest (push) Successful in 6s
Helm / helm-lint (push) Successful in 14s
2025-09-30 17:40:04 +02:00
e3880f5f00 fix(renovate): group node packages
All checks were successful
Helm / helm-unittest (push) Successful in 5s
Helm / helm-lint (push) Successful in 14s
2025-09-30 17:31:36 +02:00
a20f370eaf Merge pull request 'chore(deps): update dependency volker.raschek/reposilite-charts to v0.3.0' (#31) from renovate/volker.raschek-reposilite-charts-0.x into master
All checks were successful
Generate README / generate-parameters (push) Successful in 9s
Helm / helm-lint (push) Successful in 6s
Helm / helm-unittest (push) Successful in 6s
Markdown linter / markdown-lint (push) Successful in 9s
Markdown linter / markdown-link-checker (push) Successful in 33s
2025-09-29 22:15:27 +00:00
d6de6ce37a chore(deps): update dependency volker.raschek/reposilite-charts to v0.3.0
All checks were successful
Helm / helm-lint (push) Successful in 7s
Helm / helm-unittest (push) Successful in 6s
Markdown linter / markdown-link-checker (push) Successful in 10s
Generate README / generate-parameters (push) Successful in 28s
Markdown linter / markdown-lint (push) Successful in 13s
Helm / helm-lint (pull_request) Successful in 6s
Helm / helm-unittest (pull_request) Successful in 6s
Generate README / generate-parameters (pull_request) Successful in 31s
Markdown linter / markdown-link-checker (pull_request) Successful in 11s
Markdown linter / markdown-lint (pull_request) Successful in 27s
2025-09-29 22:14:24 +00:00
334a8b877b feat(secret): support annotations and labels for the basic auth secret
All checks were successful
Helm / helm-lint (push) Successful in 6s
Helm / helm-unittest (push) Successful in 6s
Generate README / generate-parameters (push) Successful in 28s
Markdown linter / markdown-link-checker (push) Successful in 18s
Release / publish-chart (push) Successful in 8s
Markdown linter / markdown-lint (push) Successful in 28s
2025-09-29 22:54:44 +02:00
ba1fd42cfc Merge pull request 'chore(deps): update docker.io/library/node docker tag to v24.9.0' (#30) from renovate/container-images into master
All checks were successful
Helm / helm-lint (push) Successful in 6s
Helm / helm-unittest (push) Successful in 14s
2025-09-26 19:19:09 +00:00
70faa1ff8f Merge pull request 'chore(deps): update docker.io/library/node docker tag to v24.9.0' (#29) from renovate/actions into master
All checks were successful
Helm / helm-lint (push) Successful in 6s
Helm / helm-unittest (push) Successful in 6s
2025-09-26 19:18:43 +00:00
d7d5bc4dae chore(deps): update docker.io/library/node docker tag to v24.9.0
All checks were successful
Helm / helm-unittest (push) Successful in 6s
Helm / helm-lint (push) Successful in 14s
Helm / helm-lint (pull_request) Successful in 6s
Helm / helm-unittest (pull_request) Successful in 15s
2025-09-26 19:18:31 +00:00
a3f1ab1850 chore(deps): update docker.io/library/node docker tag to v24.9.0
All checks were successful
Helm / helm-unittest (push) Successful in 5s
Helm / helm-lint (pull_request) Successful in 7s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (pull_request) Successful in 6s
2025-09-26 19:18:12 +00:00
c4919a6bfc Merge pull request 'chore(deps): update dzikoysk/reposilite docker tag to v3.5.26' (#28) from renovate/container-images into master
All checks were successful
Helm / helm-lint (push) Successful in 6s
Helm / helm-unittest (push) Successful in 6s
2025-09-21 22:17:13 +00:00
6ca6f583d3 chore(deps): update dzikoysk/reposilite docker tag to v3.5.26
All checks were successful
Helm / helm-lint (push) Successful in 6s
Helm / helm-unittest (push) Successful in 6s
Helm / helm-lint (pull_request) Successful in 6s
Helm / helm-unittest (pull_request) Successful in 6s
2025-09-21 22:16:38 +00:00
0d10fb2cdc Merge pull request 'chore(deps): update volkerraschek/helm docker tag to v3.19.0' (#27) from renovate/container-images into master
All checks were successful
Helm / helm-lint (push) Successful in 6s
Helm / helm-unittest (push) Successful in 15s
2025-09-21 13:17:51 +00:00
a373c49e2a Merge pull request 'chore(deps): update docker.io/volkerraschek/helm docker tag to v3.19.0' (#26) from renovate/actions into master
Some checks failed
Helm / helm-lint (push) Successful in 5s
Helm / helm-unittest (push) Has been cancelled
2025-09-21 13:17:38 +00:00
633d4f1bfd chore(deps): update volkerraschek/helm docker tag to v3.19.0
All checks were successful
Helm / helm-lint (push) Successful in 6s
Helm / helm-unittest (push) Successful in 7s
Helm / helm-unittest (pull_request) Successful in 6s
Helm / helm-lint (pull_request) Successful in 15s
2025-09-21 13:17:13 +00:00
cc201633de chore(deps): update docker.io/volkerraschek/helm docker tag to v3.19.0
All checks were successful
Helm / helm-lint (push) Successful in 14s
Helm / helm-lint (pull_request) Successful in 6s
Helm / helm-unittest (pull_request) Successful in 16s
Helm / helm-unittest (push) Successful in 6s
2025-09-21 13:16:57 +00:00
64c20379a2 Merge pull request 'chore(deps): update volkerraschek/helm docker tag to v3.18.5' (#25) from renovate/container-images into master
All checks were successful
Helm / helm-unittest (push) Successful in 7s
Helm / helm-lint (push) Successful in 14s
2025-09-20 19:13:01 +00:00
98ec01a217 chore(deps): update volkerraschek/helm docker tag to v3.18.5
All checks were successful
Helm / helm-lint (pull_request) Successful in 7s
Helm / helm-unittest (pull_request) Successful in 15s
Helm / helm-unittest (push) Successful in 8s
Helm / helm-lint (push) Successful in 15s
2025-09-20 16:15:29 +00:00
796c257d0a fix(renovate): update REAMDE
All checks were successful
Helm / helm-lint (push) Successful in 7s
Helm / helm-unittest (push) Successful in 18s
2025-09-20 18:05:14 +02:00
387547e813 Merge pull request 'chore(deps): update docker.io/curlimages/curl docker tag to v8.16.0' (#17) from renovate/container-images into master
Some checks failed
Generate README / generate-parameters (push) Failing after 10s
Helm / helm-lint (push) Successful in 6s
Helm / helm-unittest (push) Successful in 15s
2025-09-20 14:50:48 +00:00
e16a1ff2ed Merge pull request 'chore(deps): update dependency volker.raschek/reposilite-charts to v0.2.0' (#16) from renovate/volker.raschek-reposilite-charts-0.x into master
Some checks failed
Generate README / generate-parameters (push) Successful in 9s
Helm / helm-unittest (push) Successful in 7s
Helm / helm-lint (push) Has been cancelled
Markdown linter / markdown-link-checker (push) Successful in 12s
Markdown linter / markdown-lint (push) Successful in 9s
2025-09-20 14:49:41 +00:00
c8d8efeae3 chore(deps): update docker.io/curlimages/curl docker tag to v8.16.0
Some checks failed
Generate README / generate-parameters (push) Failing after 10s
Helm / helm-unittest (push) Successful in 6s
Helm / helm-lint (push) Successful in 16s
Generate README / generate-parameters (pull_request) Failing after 9s
Helm / helm-unittest (pull_request) Successful in 6s
Helm / helm-lint (pull_request) Successful in 15s
2025-09-20 14:47:13 +00:00
2a7d111525 chore(deps): update dependency volker.raschek/reposilite-charts to v0.2.0
All checks were successful
Generate README / generate-parameters (push) Successful in 11s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (push) Successful in 6s
Markdown linter / markdown-link-checker (push) Successful in 33s
Markdown linter / markdown-lint (push) Successful in 28s
Generate README / generate-parameters (pull_request) Successful in 31s
Helm / helm-lint (pull_request) Successful in 15s
Helm / helm-unittest (pull_request) Successful in 18s
Markdown linter / markdown-lint (pull_request) Successful in 10s
Markdown linter / markdown-link-checker (pull_request) Successful in 31s
2025-09-20 14:47:01 +00:00
64de0eb8ea docs(README): update parameters
All checks were successful
Generate README / generate-parameters (push) Successful in 11s
Helm / helm-lint (push) Successful in 14s
Helm / helm-unittest (push) Successful in 6s
Markdown linter / markdown-lint (push) Successful in 9s
Markdown linter / markdown-link-checker (push) Successful in 31s
2025-09-20 16:23:06 +02:00
21 changed files with 551 additions and 79 deletions

View File

@@ -15,7 +15,7 @@ on:
jobs: jobs:
generate-parameters: generate-parameters:
container: container:
image: docker.io/library/node:24.8.0-alpine image: docker.io/library/node:24.10.0-alpine
runs-on: runs-on:
- ubuntu-latest - ubuntu-latest
steps: steps:

View File

@@ -13,7 +13,7 @@ on:
jobs: jobs:
helm-lint: helm-lint:
container: container:
image: docker.io/volkerraschek/helm:3.18.5 image: docker.io/volkerraschek/helm:3.19.0
runs-on: runs-on:
- ubuntu-latest - ubuntu-latest
steps: steps:
@@ -28,7 +28,7 @@ jobs:
helm-unittest: helm-unittest:
container: container:
image: docker.io/volkerraschek/helm:3.18.5 image: docker.io/volkerraschek/helm:3.19.0
runs-on: runs-on:
- ubuntu-latest - ubuntu-latest
steps: steps:

View File

@@ -15,7 +15,7 @@ on:
jobs: jobs:
markdown-link-checker: markdown-link-checker:
container: container:
image: docker.io/library/node:24.8.0-alpine image: docker.io/library/node:24.10.0-alpine
runs-on: runs-on:
- ubuntu-latest - ubuntu-latest
steps: steps:
@@ -31,7 +31,7 @@ jobs:
markdown-lint: markdown-lint:
container: container:
image: docker.io/library/node:24.8.0-alpine image: docker.io/library/node:24.10.0-alpine
runs-on: runs-on:
- ubuntu-latest - ubuntu-latest
steps: steps:

View File

@@ -8,7 +8,7 @@ on:
jobs: jobs:
publish-chart: publish-chart:
container: container:
image: docker.io/volkerraschek/helm:3.18.5 image: docker.io/volkerraschek/helm:3.19.0
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Install packages via apk - name: Install packages via apk

8
.vscode/settings.json vendored Normal file
View File

@@ -0,0 +1,8 @@
{
"yaml.schemas": {
"https://raw.githubusercontent.com/helm-unittest/helm-unittest/v1.0.2/schema/helm-testsuite.json": [
"/unittests/**/*.yaml"
]
},
"yaml.schemaStore.enable": true
}

View File

@@ -5,7 +5,7 @@ annotations:
- name: support - name: support
url: https://git.cryptic.systems/volker.raschek/reposilite-charts/issues url: https://git.cryptic.systems/volker.raschek/reposilite-charts/issues
apiVersion: v2 apiVersion: v2
appVersion: "3.5.25" appVersion: "3.5.26"
description: | description: |
Lightweight and easy-to-use repository management software Lightweight and easy-to-use repository management software
dedicated for the Maven based artifacts in the JVM ecosystem dedicated for the Maven based artifacts in the JVM ecosystem

View File

@@ -4,13 +4,13 @@ CONTAINER_RUNTIME?=$(shell which podman)
# HELM_IMAGE # HELM_IMAGE
HELM_IMAGE_REGISTRY_HOST?=docker.io HELM_IMAGE_REGISTRY_HOST?=docker.io
HELM_IMAGE_REPOSITORY?=volkerraschek/helm HELM_IMAGE_REPOSITORY?=volkerraschek/helm
HELM_IMAGE_VERSION?=3.18.2 # renovate: datasource=docker registryUrl=https://registry-nexus.orbis.dedalus.com depName=volkerraschek/helm HELM_IMAGE_VERSION?=3.19.0 # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/volkerraschek/helm
HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION} HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION}
# NODE_IMAGE # NODE_IMAGE
NODE_IMAGE_REGISTRY_HOST?=docker.io NODE_IMAGE_REGISTRY_HOST?=docker.io
NODE_IMAGE_REPOSITORY?=library/node NODE_IMAGE_REPOSITORY?=library/node
NODE_IMAGE_VERSION?=24.8.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node NODE_IMAGE_VERSION?=24.10.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node
NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION} NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION}
# MISSING DOT # MISSING DOT
@@ -18,6 +18,19 @@ NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:
missing-dot: missing-dot:
grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml
# README
# ==============================================================================
readme: readme/link readme/lint readme/parameters
readme/link:
npm install && npm run readme:link
readme/lint:
npm install && npm run readme:lint
readme/parameters:
npm install && npm run readme:parameters
# CONTAINER RUN - README # CONTAINER RUN - README
# ============================================================================== # ==============================================================================
PHONY+=container-run/readme PHONY+=container-run/readme
@@ -88,4 +101,4 @@ container-run/helm-lint:
# ============================================================================== # ==============================================================================
# Declare the contents of the PHONY variable as phony. We keep that information # Declare the contents of the PHONY variable as phony. We keep that information
# in a variable so we can use it in if_changed. # in a variable so we can use it in if_changed.
.PHONY: ${PHONY} .PHONY: ${PHONY}

149
README.md
View File

@@ -16,7 +16,10 @@ Chapter [configuration and installation](#helm-configuration-and-installation) d
and use it to deploy the exporter. It also contains further configuration examples. and use it to deploy the exporter. It also contains further configuration examples.
Furthermore, this helm chart contains unit tests to detect regressions and stabilize the deployment. Additionally, this Furthermore, this helm chart contains unit tests to detect regressions and stabilize the deployment. Additionally, this
helm chart is tested for deployment scenarios with **ArgoCD**. helm chart is tested for deployment scenarios with **ArgoCD**, but please keep in mind, that this chart supports the
*[Automatically Roll Deployment](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments)*
concept of Helm, which can trigger unexpected rolling releases. Further configuration instructions are described in a
separate [chapter](#argocd).
## Helm: configuration and installation ## Helm: configuration and installation
@@ -37,7 +40,7 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi
versions can break something! versions can break something!
```bash ```bash
CHART_VERSION=0.1.3 CHART_VERSION=0.3.0
helm show values volker.raschek/reposilite --version "${CHART_VERSION}" > values.yaml helm show values volker.raschek/reposilite --version "${CHART_VERSION}" > values.yaml
``` ```
@@ -51,7 +54,7 @@ The helm chart also contains a persistent volume claim definition. It persistent
Use the `--set` argument to persist your data. Use the `--set` argument to persist your data.
```bash ```bash
CHART_VERSION=0.1.3 CHART_VERSION=0.3.0
helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
persistentVolumeClaim.enabled=true persistentVolumeClaim.enabled=true
``` ```
@@ -72,7 +75,7 @@ connection problems.
> error. > error.
```bash ```bash
CHART_VERSION=0.1.3 CHART_VERSION=0.3.0
helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
--set 'deployment.reposilite.env[1].name=REPOSILITE_LOCAL_SSLENABLED' \ --set 'deployment.reposilite.env[1].name=REPOSILITE_LOCAL_SSLENABLED' \
--set 'deployment.reposilite.env[1].value="true"' \ --set 'deployment.reposilite.env[1].value="true"' \
@@ -187,13 +190,73 @@ be set the credentials manually.
The following example enable Prometheus metrics with custom basic auth credentials: The following example enable Prometheus metrics with custom basic auth credentials:
```bash ```bash
CHART_VERSION=0.1.3 CHART_VERSION=0.3.0
helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
--set 'prometheus.metrics.enabled=true' \ --set 'prometheus.metrics.enabled=true' \
--set 'prometheus.metrics.basicAuthUsername=my-username' \ --set 'prometheus.metrics.basicAuthUsername=my-username' \
--set 'prometheus.metrics.basicAuthUsername=my-password' --set 'prometheus.metrics.basicAuthUsername=my-password'
``` ```
## ArgoCD
### Daily execution of rolling updates
The behavior whereby ArgoCD triggers a rolling update even though nothing appears to have changed often occurs in
connection with the helm concept `checksum/secret`, `checksum/configmap` or more generally, [Automatically Roll
Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments). Please ensure, that no
third party application modifies the config maps or secret afterwards.
The problem with combining this concept with ArgoCD is that ArgoCD re-renders the Helm chart every time. Even if the
content of the config map or secret has not changed, there may be minimal differences (e.g., whitespace, chart version,
Helm render order, different timestamps).
This changes the SHA256 hash, Argo sees a drift and trigger a rolling update of the deployment. Among other things, this
can lead to unnecessary notifications from ArgoCD.
To avoid this, the annotation with the shasum can be ignored. However, this negates the mechanism of [Automatically Roll
Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments).
Below is a diff that adds the `Application` to ignore all annotations with the prefix `checksum`.
> [!WARNING]
> Configurations of `ignoreDifferences` always refer to the determination of a drift and whether a possible sync is
> necessary. If the selected attributes should also be ignored in deployment afterwards, define
> `RespectIgnoreDifferences=true` in your `Application` resource. Further information can be found in the ArgoCD
> [documentation](https://argo-cd.readthedocs.io/en/latest/user-guide/sync-options/#respect-ignore-differences-configs).
```diff
apiVersion: argoproj.io/v1alpha1
kind: Application
spec:
+ ignoreDifferences:
+ - group: apps
+ kind: Deployment
+ jqPathExpressions:
+ - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("checksum")))'
```
The definition of ignoreDifferences ensures that annotations with the prefix checksum are ignored during a diff.
> [!TIP]
> If the [reloader](https://github.com/stakater/Reloader) is configured as described in section [TLS certificate
> rotation](#tls-certificate-rotation), ensure that the shasum defined as annotation or environment variable is also
> ignored. The [reloader](https://github.com/stakater/Reloader) will modify the deployment based on his configuration
> and append additional annotations or environment variables containing the shasum. Below are some examples how to adapt
> the `ignoreDifferences` configuration to ignore only the annotations and environment variables of stakater's
> [reloader](https://github.com/stakater/Reloader).
```diff
apiVersion: argoproj.io/v1alpha1
kind: Application
spec:
ignoreDifferences:
- group: apps
kind: Deployment
jqPathExpressions:
+ - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("reloader")))'
+ - '.spec.template.spec.containers[].env[] | select(.name | startswith("STAKATER_"))'
```
## Parameters ## Parameters
### Global ### Global
@@ -205,10 +268,10 @@ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
### Config ### Config
| Name | Description | Value | | Name | Description | Value |
| ----------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------- | | ----------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `config.plugins.prometheus.enabled` | Download the Prometheus plugin via an additional init container. The Prometheus plugin will automatically enabled, when Prometheus is enabled. | `false` | | `config.plugins.prometheus.enabled` | Download the Prometheus plugin via an additional init container. The Prometheus plugin will automatically enabled, when Prometheus is enabled. | `false` |
| `config.plugins.prometheus.url` | URL to download the plugin. | `https://maven.reposilite.com/releases/com/reposilite/plugin/prometheus-plugin/3.5.25/prometheus-plugin-3.5.25-all.jar` | | `config.plugins.prometheus.url` | URL to download the plugin. | `https://maven.reposilite.com/releases/com/reposilite/plugin/prometheus-plugin/{{ .Chart.AppVersion }}/prometheus-plugin-{{ .Chart.AppVersion }}-all.jar` |
### Deployment ### Deployment
@@ -240,7 +303,7 @@ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
| `deployment.pluginContainer.args` | Arguments passed to the plugin container. | `["--location","--fail","--max-time","60"]` | | `deployment.pluginContainer.args` | Arguments passed to the plugin container. | `["--location","--fail","--max-time","60"]` |
| `deployment.pluginContainer.image.registry` | Image registry, eg. `docker.io`. | `docker.io` | | `deployment.pluginContainer.image.registry` | Image registry, eg. `docker.io`. | `docker.io` |
| `deployment.pluginContainer.image.repository` | Image repository, eg. `curlimages/curl`. | `curlimages/curl` | | `deployment.pluginContainer.image.repository` | Image repository, eg. `curlimages/curl`. | `curlimages/curl` |
| `deployment.pluginContainer.image.tag` | Custom image tag, eg. `0.1.0`. | `8.15.0` | | `deployment.pluginContainer.image.tag` | Custom image tag, eg. `0.1.0`. | `8.16.0` |
| `deployment.pluginContainer.image.pullPolicy` | Image pull policy. | `IfNotPresent` | | `deployment.pluginContainer.image.pullPolicy` | Image pull policy. | `IfNotPresent` |
| `deployment.priorityClassName` | PriorityClassName of the Reposilite deployment. | `""` | | `deployment.priorityClassName` | PriorityClassName of the Reposilite deployment. | `""` |
| `deployment.replicas` | Number of replicas for the Reposilite deployment. | `1` | | `deployment.replicas` | Number of replicas for the Reposilite deployment. | `1` |
@@ -304,36 +367,42 @@ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
### Prometheus ### Prometheus
| Name | Description | Value | | Name | Description | Value |
| --------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ---------- | | --------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ---------- |
| `prometheus.metrics.enabled` | Enable of scraping metrics by Prometheus. | `false` | | `prometheus.metrics.enabled` | Enable of scraping metrics by Prometheus. | `false` |
| `prometheus.metrics.basicAuthUsername` | Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string. | `""` | | `prometheus.metrics.secret.existing.enabled` | Use an existing secret containing the basic auth credentials. | `false` |
| `prometheus.metrics.basicAuthPassword` | Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string. | `""` | | `prometheus.metrics.secret.existing.secretName` | Name of the secret containing the basic auth credentials. | `""` |
| `prometheus.metrics.podMonitor.enabled` | Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource. | `false` | | `prometheus.metrics.secret.existing.basicAuthUsernameKey` | Name of the key in the secret that contains the username for basic auth. | `""` |
| `prometheus.metrics.podMonitor.annotations` | Additional podMonitor annotations. | `{}` | | `prometheus.metrics.secret.existing.basicAuthPasswordKey` | Name of the key in the secret that contains the password for basic auth. | `""` |
| `prometheus.metrics.podMonitor.enableHttp2` | Enable HTTP2. | `false` | | `prometheus.metrics.secret.new.annotations` | Additional secret annotations. | `{}` |
| `prometheus.metrics.podMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` | | `prometheus.metrics.secret.new.labels` | Additional secret labels. | `{}` |
| `prometheus.metrics.podMonitor.honorLabels` | Honor labels. | `false` | | `prometheus.metrics.secret.new.basicAuthUsername` | Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string. | `""` |
| `prometheus.metrics.podMonitor.labels` | Additional podMonitor labels. | `{}` | | `prometheus.metrics.secret.new.basicAuthPassword` | Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string. | `""` |
| `prometheus.metrics.podMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `60s` | | `prometheus.metrics.podMonitor.enabled` | Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource. | `false` |
| `prometheus.metrics.podMonitor.path` | HTTP path of the Reposilite pod for scraping Prometheus metrics. | `/metrics` | | `prometheus.metrics.podMonitor.annotations` | Additional podMonitor annotations. | `{}` |
| `prometheus.metrics.podMonitor.port` | HTTP port of the Reposilite pod for scraping Prometheus metrics. | `http` | | `prometheus.metrics.podMonitor.enableHttp2` | Enable HTTP2. | `false` |
| `prometheus.metrics.podMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]` | | `prometheus.metrics.podMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` |
| `prometheus.metrics.podMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `30s` | | `prometheus.metrics.podMonitor.honorLabels` | Honor labels. | `false` |
| `prometheus.metrics.podMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. | `http` | | `prometheus.metrics.podMonitor.labels` | Additional podMonitor labels. | `{}` |
| `prometheus.metrics.podMonitor.tlsConfig` | TLS configuration to use when scraping the metric endpoint by Prometheus. | `{}` | | `prometheus.metrics.podMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `60s` |
| `prometheus.metrics.serviceMonitor.enabled` | Enable creation of a serviceMonitor. Excludes the existence of a podMonitor resource. | `false` | | `prometheus.metrics.podMonitor.path` | HTTP path of the Reposilite pod for scraping Prometheus metrics. | `/metrics` |
| `prometheus.metrics.serviceMonitor.annotations` | Additional serviceMonitor annotations. | `{}` | | `prometheus.metrics.podMonitor.port` | HTTP port of the Reposilite pod for scraping Prometheus metrics. | `http` |
| `prometheus.metrics.serviceMonitor.labels` | Additional serviceMonitor labels. | `{}` | | `prometheus.metrics.podMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]` |
| `prometheus.metrics.serviceMonitor.enableHttp2` | Enable HTTP2. | `false` | | `prometheus.metrics.podMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `30s` |
| `prometheus.metrics.serviceMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` | | `prometheus.metrics.podMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. | `http` |
| `prometheus.metrics.serviceMonitor.honorLabels` | Honor labels. | `false` | | `prometheus.metrics.podMonitor.tlsConfig` | TLS configuration to use when scraping the metric endpoint by Prometheus. | `{}` |
| `prometheus.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `60s` | | `prometheus.metrics.serviceMonitor.enabled` | Enable creation of a serviceMonitor. Excludes the existence of a podMonitor resource. | `false` |
| `prometheus.metrics.serviceMonitor.path` | HTTP path for scraping Prometheus metrics. | `/metrics` | | `prometheus.metrics.serviceMonitor.annotations` | Additional serviceMonitor annotations. | `{}` |
| `prometheus.metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]` | | `prometheus.metrics.serviceMonitor.labels` | Additional serviceMonitor labels. | `{}` |
| `prometheus.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `30s` | | `prometheus.metrics.serviceMonitor.enableHttp2` | Enable HTTP2. | `false` |
| `prometheus.metrics.serviceMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. | `http` | | `prometheus.metrics.serviceMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` |
| `prometheus.metrics.serviceMonitor.tlsConfig` | TLS configuration to use when scraping the metric endpoint by Prometheus. | `{}` | | `prometheus.metrics.serviceMonitor.honorLabels` | Honor labels. | `false` |
| `prometheus.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `60s` |
| `prometheus.metrics.serviceMonitor.path` | HTTP path for scraping Prometheus metrics. | `/metrics` |
| `prometheus.metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]` |
| `prometheus.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `30s` |
| `prometheus.metrics.serviceMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. | `http` |
| `prometheus.metrics.serviceMonitor.tlsConfig` | TLS configuration to use when scraping the metric endpoint by Prometheus. | `{}` |
### Service ### Service

26
package-lock.json generated
View File

@@ -1078,9 +1078,9 @@
} }
}, },
"node_modules/link-check": { "node_modules/link-check": {
"version": "5.4.0", "version": "5.5.0",
"resolved": "https://registry.npmjs.org/link-check/-/link-check-5.4.0.tgz", "resolved": "https://registry.npmjs.org/link-check/-/link-check-5.5.0.tgz",
"integrity": "sha512-0Pf4xBVUnwJdbDgpBlhHNmWDtbVjHTpIFs+JaBuIsC9PKRxjv4KMGCO2Gc8lkVnqMf9B/yaNY+9zmMlO5MyToQ==", "integrity": "sha512-CpMk2zMfyEMdDvFG92wO5pU/2I/wbw72/9pvUFhU9cDKkwhmVlPuvxQJzd/jXA2iVOgNgPLnS5zyOLW7OzNpdA==",
"dev": true, "dev": true,
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
@@ -1137,16 +1137,16 @@
} }
}, },
"node_modules/markdown-link-check": { "node_modules/markdown-link-check": {
"version": "3.13.7", "version": "3.14.1",
"resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.13.7.tgz", "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.14.1.tgz",
"integrity": "sha512-Btn3HU8s2Uyh1ZfzmyZEkp64zp2+RAjwfQt1u4swq2Xa6w37OW0T2inQZrkSNVxDSa2jSN2YYhw/JkAp5jF1PQ==", "integrity": "sha512-h1tihNL3kmOS3N7H4FyF4xKDxiHnNBNSgs/LWlDiRHlC8O0vfRX0LhDDvesRSs4HM7nS0F658glLxonaXBmuWw==",
"dev": true, "dev": true,
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
"async": "^3.2.6", "async": "^3.2.6",
"chalk": "^5.3.0", "chalk": "^5.3.0",
"commander": "^13.1.0", "commander": "^14.0.0",
"link-check": "^5.4.0", "link-check": "^5.5.0",
"markdown-link-extractor": "^4.0.2", "markdown-link-extractor": "^4.0.2",
"needle": "^3.3.1", "needle": "^3.3.1",
"progress": "^2.0.3", "progress": "^2.0.3",
@@ -1157,6 +1157,16 @@
"markdown-link-check": "markdown-link-check" "markdown-link-check": "markdown-link-check"
} }
}, },
"node_modules/markdown-link-check/node_modules/commander": {
"version": "14.0.1",
"resolved": "https://registry.npmjs.org/commander/-/commander-14.0.1.tgz",
"integrity": "sha512-2JkV3gUZUVrbNA+1sjBOYLsMZ5cEEl8GTFP2a4AVz5hvasAMCQ1D2l2le/cX+pV4N6ZU17zjUahLpIXRrnWL8A==",
"dev": true,
"license": "MIT",
"engines": {
"node": ">=20"
}
},
"node_modules/markdown-link-extractor": { "node_modules/markdown-link-extractor": {
"version": "4.0.2", "version": "4.0.2",
"resolved": "https://registry.npmjs.org/markdown-link-extractor/-/markdown-link-extractor-4.0.2.tgz", "resolved": "https://registry.npmjs.org/markdown-link-extractor/-/markdown-link-extractor-4.0.2.tgz",

View File

@@ -9,6 +9,7 @@
], ],
"customManagers": [ "customManagers": [
{ {
"customType": "regex",
"fileMatch": [ "fileMatch": [
"^Chart\\.yaml$" "^Chart\\.yaml$"
], ],
@@ -21,7 +22,10 @@
"versioningTemplate": "semver" "versioningTemplate": "semver"
}, },
{ {
"fileMatch": ["^README\\.md$"], "customType": "regex",
"fileMatch": [
"^README\\.md$"
],
"matchStrings": [ "matchStrings": [
"CHART_VERSION=(?<currentValue>.*)" "CHART_VERSION=(?<currentValue>.*)"
], ],
@@ -29,9 +33,47 @@
"packageNameTemplate": "https://git.cryptic.systems/volker.raschek/reposilite-charts", "packageNameTemplate": "https://git.cryptic.systems/volker.raschek/reposilite-charts",
"datasourceTemplate": "git-tags", "datasourceTemplate": "git-tags",
"versioningTemplate": "semver" "versioningTemplate": "semver"
},
{
"customType": "regex",
"datasourceTemplate": "github-releases",
"fileMatch": [
".vscode/settings\\.json$"
],
"matchStrings": [
"https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json"
]
} }
], ],
"packageRules": [ "packageRules": [
{
"groupName": "Update docker.io/volkerraschek/helm",
"matchDepNames": [
"docker.io/volkerraschek/helm",
"volkerraschek/helm"
]
},
{
"automerge": true,
"groupName": "Update helm plugin 'unittest'",
"matchDepNames": [
"helm-unittest/helm-unittest"
],
"matchDatasources": [
"github-releases"
],
"matchUpdateTypes": [
"minor",
"patch"
]
},
{
"groupName": "Update docker.io/library/node",
"matchDepNames": [
"docker.io/library/node",
"library/node"
]
},
{ {
"addLabels": [ "addLabels": [
"renovate/automerge", "renovate/automerge",
@@ -64,5 +106,16 @@
"patch" "patch"
] ]
} }
] ],
} "postUpgradeTasks": {
"commands": [
"install-tool node",
"make readme"
],
"fileFilters": [
"README.md",
"values.yaml"
],
"executionMode": "update"
}
}

View File

@@ -27,8 +27,8 @@
{{- end }} {{- end }}
{{- if or (eq (include "reposilite.podMonitor.enabled" $ ) "true") (eq (include "reposilite.serviceMonitor.enabled" $ ) "true") -}} {{- if or (eq (include "reposilite.podMonitor.enabled" $ ) "true") (eq (include "reposilite.serviceMonitor.enabled" $ ) "true") -}}
{{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_USER" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" "username")))) }} {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_USER" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.usernameKey" $))))) }}
{{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PASSWORD" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" "password")))) }} {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PASSWORD" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.passwordKey" $))))) }}
{{- end }} {{- end }}
{{ toYaml (dict "env" $env) }} {{ toYaml (dict "env" $env) }}

View File

@@ -4,7 +4,7 @@
{{- define "reposilite.pod.annotations" -}} {{- define "reposilite.pod.annotations" -}}
{{ include "reposilite.annotations" . }} {{ include "reposilite.annotations" . }}
{{- if .Values.prometheus.metrics.enabled -}} {{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) -}}
{{- printf "checksum/secret-%s: %s" (include "reposilite.secrets.prometheusBasicAuth.name" $) (include (print $.Template.BasePath "/secretPrometheusBasicAuth.yaml") . | sha256sum) }} {{- printf "checksum/secret-%s: %s" (include "reposilite.secrets.prometheusBasicAuth.name" $) (include (print $.Template.BasePath "/secretPrometheusBasicAuth.yaml") . | sha256sum) }}
{{- end -}} {{- end -}}
{{- end }} {{- end }}

View File

@@ -4,16 +4,50 @@
{{- define "reposilite.secrets.prometheusBasicAuth.annotations" -}} {{- define "reposilite.secrets.prometheusBasicAuth.annotations" -}}
{{ include "reposilite.annotations" . }} {{ include "reposilite.annotations" . }}
{{- if .Values.prometheus.metrics.secret.new.annotations }}
{{ toYaml .Values.prometheus.metrics.secret.new.annotations }}
{{- end }}
{{- end }} {{- end }}
{{/* labels */}} {{/* labels */}}
{{- define "reposilite.secrets.prometheusBasicAuth.labels" -}} {{- define "reposilite.secrets.prometheusBasicAuth.labels" -}}
{{ include "reposilite.labels" . }} {{ include "reposilite.labels" . }}
{{- if .Values.prometheus.metrics.secret.new.labels }}
{{ toYaml .Values.prometheus.metrics.secret.new.labels }}
{{- end }}
{{- end }} {{- end }}
{{/* names */}} {{/* names */}}
{{- define "reposilite.secrets.prometheusBasicAuth.name" -}} {{- define "reposilite.secrets.prometheusBasicAuth.name" -}}
{{ include "reposilite.fullname" . }}-basic-auth-credentials {{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.secretName) 0) }}
{{- end -}} {{- print .Values.prometheus.metrics.secret.existing.secretName -}}
{{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.secretName) 0) }}
{{ fail "Name of the existing secret that contains the credentials for basic auth is not defined!" }}
{{- else if not .Values.prometheus.metrics.secret.existing.enabled }}
{{- printf "%s-basic-auth-credentials" (include "reposilite.fullname" $) -}}
{{- end }}
{{- end }}
{{/* secretKeyNames */}}
{{- define "reposilite.secrets.prometheusBasicAuth.passwordKey" -}}
{{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) -}}
{{- .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey -}}
{{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) }}
{{ fail "Name of the key in the secret that contains the password for basic auth is not defined!" }}
{{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }}
{{- print "password" -}}
{{- end }}
{{- end }}
{{- define "reposilite.secrets.prometheusBasicAuth.usernameKey" -}}
{{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) -}}
{{- .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey -}}
{{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) }}
{{ fail "Name of the key in the secret that contains the username for basic auth is not defined!" }}
{{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }}
{{- print "username" -}}
{{- end }}
{{- end }}

View File

@@ -17,10 +17,10 @@ spec:
podMetricsEndpoints: podMetricsEndpoints:
- basicAuth: - basicAuth:
password: password:
key: password key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }}
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
username: username:
key: username key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }}
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
enableHttp2: {{ required "The enableHttp2 option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.enableHttp2 }} enableHttp2: {{ required "The enableHttp2 option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.enableHttp2 }}
followRedirects: {{ required "The followRedirects option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.followRedirects }} followRedirects: {{ required "The followRedirects option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.followRedirects }}

View File

@@ -1,4 +1,4 @@
{{- if .Values.prometheus.metrics.enabled }} {{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) }}
--- ---
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
@@ -14,6 +14,6 @@ metadata:
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
stringData: stringData:
password: {{ default (randAlphaNum 16) .Values.prometheus.metrics.basicAuthPassword }} password: {{ default (randAlphaNum 16) .Values.prometheus.metrics.secret.new.basicAuthPassword }}
username: {{ default (randAlphaNum 16) .Values.prometheus.metrics.basicAuthUsername }} username: {{ default (randAlphaNum 16) .Values.prometheus.metrics.secret.new.basicAuthUsername }}
{{- end }} {{- end }}

View File

@@ -17,10 +17,10 @@ spec:
endpoints: endpoints:
- basicAuth: - basicAuth:
password: password:
key: password key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }}
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
username: username:
key: username key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }}
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
enableHttp2: {{ required "The enableHttp2 option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.enableHttp2 }} enableHttp2: {{ required "The enableHttp2 option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.enableHttp2 }}
followRedirects: {{ required "The followRedirects option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.followRedirects }} followRedirects: {{ required "The followRedirects option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.followRedirects }}

View File

@@ -35,3 +35,73 @@ tests:
name: reposilite-unittest-basic-auth-credentials name: reposilite-unittest-basic-auth-credentials
key: username key: username
template: templates/deployment.yaml template: templates/deployment.yaml
- it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key
prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key
prometheus.metrics.secret.existing.secretName: my-secret
prometheus.metrics.podMonitor.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_PASSWORD
valueFrom:
secretKeyRef:
name: my-secret
key: my-password-key
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_USER
valueFrom:
secretKeyRef:
name: my-secret
key: my-username-key
template: templates/deployment.yaml
- it: Fail when existing secret name is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
prometheus.metrics.secret.existing.secretName: ""
prometheus.metrics.podMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!"
template: templates/deployment.yaml
- it: Fail when the name of the key in the secret that contains the username for basic auth is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: ""
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
prometheus.metrics.secret.existing.secretName: "my-secret"
prometheus.metrics.podMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!"
template: templates/deployment.yaml
- it: Fail when the name of the key in the secret that contains the password for basic auth is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
prometheus.metrics.secret.existing.basicAuthPasswordKey: ""
prometheus.metrics.secret.existing.secretName: "my-secret"
prometheus.metrics.podMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!"
template: templates/deployment.yaml

View File

@@ -0,0 +1,107 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: Add prometheus basic auth variables
release:
name: reposilite-unittest
namespace: testing
templates:
- templates/deployment.yaml
- templates/secretPrometheusBasicAuth.yaml
tests:
- it: Rendering default environment variables with enabled prometheus metrics serviceMonitor
set:
prometheus.metrics.enabled: true
prometheus.metrics.serviceMonitor.enabled: true
asserts:
- exists:
path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_PASSWORD
valueFrom:
secretKeyRef:
name: reposilite-unittest-basic-auth-credentials
key: password
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_USER
valueFrom:
secretKeyRef:
name: reposilite-unittest-basic-auth-credentials
key: username
template: templates/deployment.yaml
- it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key
prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key
prometheus.metrics.secret.existing.secretName: my-secret
prometheus.metrics.serviceMonitor.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_PASSWORD
valueFrom:
secretKeyRef:
name: my-secret
key: my-password-key
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_USER
valueFrom:
secretKeyRef:
name: my-secret
key: my-username-key
template: templates/deployment.yaml
- it: Fail when existing secret name is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
prometheus.metrics.secret.existing.secretName: ""
prometheus.metrics.serviceMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!"
template: templates/deployment.yaml
- it: Fail when the name of the key in the secret that contains the username for basic auth is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: ""
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
prometheus.metrics.secret.existing.secretName: "my-secret"
prometheus.metrics.serviceMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!"
template: templates/deployment.yaml
- it: Fail when the name of the key in the secret that contains the password for basic auth is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
prometheus.metrics.secret.existing.basicAuthPasswordKey: ""
prometheus.metrics.secret.existing.secretName: "my-secret"
prometheus.metrics.serviceMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!"
template: templates/deployment.yaml

View File

@@ -0,0 +1,78 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: Secret reposilite template
release:
name: reposilite-unittest
namespace: testing
templates:
- templates/secretPrometheusBasicAuth.yaml
tests:
- it: Skip rendering
asserts:
- hasDocuments:
count: 0
- it: Rendering secret with default values.
set:
prometheus.metrics.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: Secret
name: reposilite-unittest-basic-auth-credentials
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: reposilite-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: reposilite
app.kubernetes.io/version: 0.1.0
helm.sh/chart: reposilite-0.1.0
- exists:
path: stringData.password
- exists:
path: stringData.username
- it: Rendering secret with custom values.
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.new.basicAuthPassword: foo
prometheus.metrics.secret.new.basicAuthUsername: bar
prometheus.metrics.secret.new.annotations:
foo: bar
prometheus.metrics.secret.new.labels:
bar: foo
asserts:
- hasDocuments:
count: 1
- exists:
path: metadata.annotations
value:
foo: bar
- exists:
path: metadata.labels
value:
bar: foo
- equal:
path: metadata.name
value: reposilite-unittest-basic-auth-credentials
- equal:
path: stringData.password
value: foo
- equal:
path: stringData.username
value: bar
- it: Skip rendering if existing secret is used
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
asserts:
- hasDocuments:
count: 0

View File

@@ -129,6 +129,10 @@ tests:
- it: Change defaults - it: Change defaults
set: set:
prometheus.metrics.enabled: true prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.secretName: "my-secret"
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
prometheus.metrics.serviceMonitor.enabled: true prometheus.metrics.serviceMonitor.enabled: true
prometheus.metrics.serviceMonitor.enableHttp2: false prometheus.metrics.serviceMonitor.enableHttp2: false
prometheus.metrics.serviceMonitor.followRedirects: true prometheus.metrics.serviceMonitor.followRedirects: true
@@ -147,6 +151,15 @@ tests:
asserts: asserts:
- hasDocuments: - hasDocuments:
count: 1 count: 1
- isSubset:
path: spec.endpoints[0].basicAuth
content:
password:
key: my-password-key
name: my-secret
username:
key: my-username-key
name: my-secret
- equal: - equal:
path: spec.endpoints[0].enableHttp2 path: spec.endpoints[0].enableHttp2
value: false value: false

View File

@@ -175,7 +175,7 @@ deployment:
image: image:
registry: docker.io registry: docker.io
repository: curlimages/curl repository: curlimages/curl
tag: "8.15.0" tag: "8.16.0"
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
## @param deployment.priorityClassName PriorityClassName of the Reposilite deployment. ## @param deployment.priorityClassName PriorityClassName of the Reposilite deployment.
@@ -396,13 +396,30 @@ persistentVolumeClaim:
## @section Prometheus ## @section Prometheus
prometheus: prometheus:
## @param prometheus.metrics.enabled Enable of scraping metrics by Prometheus.
## @param prometheus.metrics.basicAuthUsername Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string.
## @param prometheus.metrics.basicAuthPassword Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string.
metrics: metrics:
## @param prometheus.metrics.enabled Enable of scraping metrics by Prometheus.
enabled: false enabled: false
basicAuthUsername: ""
basicAuthPassword: "" secret:
## @param prometheus.metrics.secret.existing.enabled Use an existing secret containing the basic auth credentials.
## @param prometheus.metrics.secret.existing.secretName Name of the secret containing the basic auth credentials.
## @param prometheus.metrics.secret.existing.basicAuthUsernameKey Name of the key in the secret that contains the username for basic auth.
## @param prometheus.metrics.secret.existing.basicAuthPasswordKey Name of the key in the secret that contains the password for basic auth.
existing:
enabled: false
secretName: ""
basicAuthUsernameKey: ""
basicAuthPasswordKey: ""
## @param prometheus.metrics.secret.new.annotations Additional secret annotations.
## @param prometheus.metrics.secret.new.labels Additional secret labels.
## @param prometheus.metrics.secret.new.basicAuthUsername Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string.
## @param prometheus.metrics.secret.new.basicAuthPassword Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string.
new:
annotations: {}
labels: {}
basicAuthUsername: ""
basicAuthPassword: ""
## @param prometheus.metrics.podMonitor.enabled Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource. ## @param prometheus.metrics.podMonitor.enabled Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource.
## @param prometheus.metrics.podMonitor.annotations Additional podMonitor annotations. ## @param prometheus.metrics.podMonitor.annotations Additional podMonitor annotations.