You've already forked reposilite-charts
							
							Compare commits
	
		
			37 Commits
		
	
	
		
			28cfcfe95c
			...
			master
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 16a7fa16a9 | |||
| 19dc6b4aef | |||
| 0dd267a0df | |||
| d790cd3ec4 | |||
| d2c329e1be | |||
| db5e38cef1 | |||
| 1fe7bc604e | |||
| fa43188e03 | |||
| 99ed88068a | |||
| 95fd713da6 | |||
| 671a635627 | |||
| 13fbb0ecc0 | |||
| 8835a8cde1 | |||
| 7d479fe629 | |||
| edacc04893 | |||
| 3c64ebfef4 | |||
| 15d2c31512 | |||
| 93ef09b878 | |||
| b5368314d6 | |||
| 60643bdaf4 | |||
| e3880f5f00 | |||
| a20f370eaf | |||
| d6de6ce37a | |||
| 334a8b877b | |||
| ba1fd42cfc | |||
| 70faa1ff8f | |||
| d7d5bc4dae | |||
| a3f1ab1850 | |||
| c4919a6bfc | |||
| 6ca6f583d3 | |||
| 0d10fb2cdc | |||
| a373c49e2a | |||
| 633d4f1bfd | |||
| cc201633de | |||
| 64c20379a2 | |||
| 98ec01a217 | |||
| 796c257d0a | 
| @@ -15,7 +15,7 @@ on: | |||||||
| jobs: | jobs: | ||||||
|   generate-parameters: |   generate-parameters: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/library/node:24.8.0-alpine |       image: docker.io/library/node:24.10.0-alpine | ||||||
|     runs-on: |     runs-on: | ||||||
|     - ubuntu-latest |     - ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
|   | |||||||
| @@ -13,7 +13,7 @@ on: | |||||||
| jobs: | jobs: | ||||||
|   helm-lint: |   helm-lint: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/volkerraschek/helm:3.18.5 |       image: docker.io/volkerraschek/helm:3.19.0 | ||||||
|     runs-on: |     runs-on: | ||||||
|     - ubuntu-latest |     - ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
| @@ -28,7 +28,7 @@ jobs: | |||||||
|  |  | ||||||
|   helm-unittest: |   helm-unittest: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/volkerraschek/helm:3.18.5 |       image: docker.io/volkerraschek/helm:3.19.0 | ||||||
|     runs-on: |     runs-on: | ||||||
|     - ubuntu-latest |     - ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
|   | |||||||
| @@ -15,7 +15,7 @@ on: | |||||||
| jobs: | jobs: | ||||||
|   markdown-link-checker: |   markdown-link-checker: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/library/node:24.8.0-alpine |       image: docker.io/library/node:24.10.0-alpine | ||||||
|     runs-on: |     runs-on: | ||||||
|     - ubuntu-latest |     - ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
| @@ -31,7 +31,7 @@ jobs: | |||||||
|  |  | ||||||
|   markdown-lint: |   markdown-lint: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/library/node:24.8.0-alpine |       image: docker.io/library/node:24.10.0-alpine | ||||||
|     runs-on: |     runs-on: | ||||||
|     - ubuntu-latest |     - ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
|   | |||||||
| @@ -8,7 +8,7 @@ on: | |||||||
| jobs: | jobs: | ||||||
|   publish-chart: |   publish-chart: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/volkerraschek/helm:3.18.5 |       image: docker.io/volkerraschek/helm:3.19.0 | ||||||
|     runs-on: ubuntu-latest |     runs-on: ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
|       - name: Install packages via apk |       - name: Install packages via apk | ||||||
|   | |||||||
							
								
								
									
										8
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,8 @@ | |||||||
|  | { | ||||||
|  |   "yaml.schemas": { | ||||||
|  |     "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v1.0.2/schema/helm-testsuite.json": [ | ||||||
|  |       "/unittests/**/*.yaml" | ||||||
|  |     ] | ||||||
|  |   }, | ||||||
|  |   "yaml.schemaStore.enable": true | ||||||
|  | } | ||||||
| @@ -5,7 +5,7 @@ annotations: | |||||||
|     - name: support |     - name: support | ||||||
|       url: https://git.cryptic.systems/volker.raschek/reposilite-charts/issues |       url: https://git.cryptic.systems/volker.raschek/reposilite-charts/issues | ||||||
| apiVersion: v2 | apiVersion: v2 | ||||||
| appVersion: "3.5.25" | appVersion: "3.5.26" | ||||||
| description: | | description: | | ||||||
|   Lightweight and easy-to-use repository management software |   Lightweight and easy-to-use repository management software | ||||||
|   dedicated for the Maven based artifacts in the JVM ecosystem |   dedicated for the Maven based artifacts in the JVM ecosystem | ||||||
|   | |||||||
							
								
								
									
										17
									
								
								Makefile
									
									
									
									
									
								
							
							
						
						
									
										17
									
								
								Makefile
									
									
									
									
									
								
							| @@ -4,13 +4,13 @@ CONTAINER_RUNTIME?=$(shell which podman) | |||||||
| # HELM_IMAGE | # HELM_IMAGE | ||||||
| HELM_IMAGE_REGISTRY_HOST?=docker.io | HELM_IMAGE_REGISTRY_HOST?=docker.io | ||||||
| HELM_IMAGE_REPOSITORY?=volkerraschek/helm | HELM_IMAGE_REPOSITORY?=volkerraschek/helm | ||||||
| HELM_IMAGE_VERSION?=3.18.2 # renovate: datasource=docker registryUrl=https://registry-nexus.orbis.dedalus.com depName=volkerraschek/helm | HELM_IMAGE_VERSION?=3.19.0 # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/volkerraschek/helm | ||||||
| HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION} | HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION} | ||||||
|  |  | ||||||
| # NODE_IMAGE | # NODE_IMAGE | ||||||
| NODE_IMAGE_REGISTRY_HOST?=docker.io | NODE_IMAGE_REGISTRY_HOST?=docker.io | ||||||
| NODE_IMAGE_REPOSITORY?=library/node | NODE_IMAGE_REPOSITORY?=library/node | ||||||
| NODE_IMAGE_VERSION?=24.8.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node | NODE_IMAGE_VERSION?=24.10.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node | ||||||
| NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION} | NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION} | ||||||
|  |  | ||||||
| # MISSING DOT | # MISSING DOT | ||||||
| @@ -18,6 +18,19 @@ NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}: | |||||||
| missing-dot: | missing-dot: | ||||||
| 	grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml | 	grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml | ||||||
|  |  | ||||||
|  | # README | ||||||
|  | # ============================================================================== | ||||||
|  | readme: readme/link readme/lint readme/parameters | ||||||
|  |  | ||||||
|  | readme/link: | ||||||
|  | 	npm install && npm run readme:link | ||||||
|  |  | ||||||
|  | readme/lint: | ||||||
|  | 	npm install && npm run readme:lint | ||||||
|  |  | ||||||
|  | readme/parameters: | ||||||
|  | 	npm install && npm run readme:parameters | ||||||
|  |  | ||||||
| # CONTAINER RUN - README | # CONTAINER RUN - README | ||||||
| # ============================================================================== | # ============================================================================== | ||||||
| PHONY+=container-run/readme | PHONY+=container-run/readme | ||||||
|   | |||||||
							
								
								
									
										85
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										85
									
								
								README.md
									
									
									
									
									
								
							| @@ -37,7 +37,7 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi | |||||||
| versions can break something! | versions can break something! | ||||||
|  |  | ||||||
| ```bash | ```bash | ||||||
| CHART_VERSION=0.2.0 | CHART_VERSION=1.0.0 | ||||||
| helm show values volker.raschek/reposilite --version "${CHART_VERSION}" > values.yaml | helm show values volker.raschek/reposilite --version "${CHART_VERSION}" > values.yaml | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| @@ -51,7 +51,7 @@ The helm chart also contains a persistent volume claim definition. It persistent | |||||||
| Use the `--set` argument to persist your data. | Use the `--set` argument to persist your data. | ||||||
|  |  | ||||||
| ```bash | ```bash | ||||||
| CHART_VERSION=0.2.0 | CHART_VERSION=1.0.0 | ||||||
| helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | ||||||
|   persistentVolumeClaim.enabled=true |   persistentVolumeClaim.enabled=true | ||||||
| ``` | ``` | ||||||
| @@ -72,7 +72,7 @@ connection problems. | |||||||
| > error. | > error. | ||||||
|  |  | ||||||
| ```bash | ```bash | ||||||
| CHART_VERSION=0.2.0 | CHART_VERSION=1.0.0 | ||||||
| helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | ||||||
|   --set 'deployment.reposilite.env[1].name=REPOSILITE_LOCAL_SSLENABLED' \ |   --set 'deployment.reposilite.env[1].name=REPOSILITE_LOCAL_SSLENABLED' \ | ||||||
|   --set 'deployment.reposilite.env[1].value="true"' \ |   --set 'deployment.reposilite.env[1].value="true"' \ | ||||||
| @@ -122,6 +122,20 @@ deployment: | |||||||
|     secret.reloader.stakater.com/reload: "reposilite-tls" |     secret.reloader.stakater.com/reload: "reposilite-tls" | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
|  | If the application is rolled out using ArgoCD, a rolling update from stakater's | ||||||
|  | [reloader](https://github.com/stakater/Reloader) can lead to a drift. ArgoCD will attempt to restore the original state | ||||||
|  | with a rolling update. To avoid this, instead of a rolling update triggered by the reloader, a restart of the pod can be | ||||||
|  | initiated. Further information are available in the official | ||||||
|  | [README](https://github.com/stakater/Reloader?tab=readme-ov-file#4-%EF%B8%8F-workload-specific-rollout-strategy) of | ||||||
|  | stakater's reloader. | ||||||
|  |  | ||||||
|  | ```diff | ||||||
|  |   deployment: | ||||||
|  |     annotations: | ||||||
|  |       reloader.stakater.com/auto: "true" | ||||||
|  | +     reloader.stakater.com/rollout-strategy: "restart" | ||||||
|  | ``` | ||||||
|  |  | ||||||
| #### Network policies | #### Network policies | ||||||
|  |  | ||||||
| Network policies can only take effect, when the used CNI plugin support network policies. The chart supports no custom | Network policies can only take effect, when the used CNI plugin support network policies. The chart supports no custom | ||||||
| @@ -187,13 +201,62 @@ be set the credentials manually. | |||||||
| The following example enable Prometheus metrics with custom basic auth credentials: | The following example enable Prometheus metrics with custom basic auth credentials: | ||||||
|  |  | ||||||
| ```bash | ```bash | ||||||
| CHART_VERSION=0.2.0 | CHART_VERSION=1.0.0 | ||||||
| helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | ||||||
|   --set 'prometheus.metrics.enabled=true' \ |   --set 'prometheus.metrics.enabled=true' \ | ||||||
|   --set 'prometheus.metrics.basicAuthUsername=my-username' \ |   --set 'prometheus.metrics.basicAuthUsername=my-username' \ | ||||||
|   --set 'prometheus.metrics.basicAuthUsername=my-password' |   --set 'prometheus.metrics.basicAuthUsername=my-password' | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
|  | ## ArgoCD | ||||||
|  |  | ||||||
|  | ### Example Application | ||||||
|  |  | ||||||
|  | An application resource for the Helm chart is defined below. It serves as an example for your own deployment. | ||||||
|  |  | ||||||
|  | ```yaml | ||||||
|  | apiVersion: argoproj.io/v1alpha1 | ||||||
|  | kind: Application | ||||||
|  | spec: | ||||||
|  |   destination: | ||||||
|  |     server: https://kubernetes.default.svc | ||||||
|  |     namespace: reposilite | ||||||
|  |   ignoreDifferences: | ||||||
|  |   - group: apps | ||||||
|  |     kind: Deployment | ||||||
|  |     jqPathExpressions: | ||||||
|  |     # When HPA is enabled, ensure that a modification of the replicas does not lead to a | ||||||
|  |     # drift. | ||||||
|  |       - '.spec.replicas' | ||||||
|  |     # Ensure that changes of the annotations or environment variables added or modified by | ||||||
|  |     # stakater's reloader does not lead to a drift. | ||||||
|  |     - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("reloader")))' | ||||||
|  |     - '.spec.template.spec.containers[].env[] | select(.name | startswith("STAKATER_"))' | ||||||
|  |   sources: | ||||||
|  |   - repoURL: https://charts.cryptic.systems/volker.raschek | ||||||
|  |     chart: reposilite | ||||||
|  |     targetRevision: '0.*' | ||||||
|  |     helm: | ||||||
|  |       valueFiles: | ||||||
|  |       - $values/values.yaml | ||||||
|  |       releaseName: reposilite | ||||||
|  |   syncPolicy: | ||||||
|  |     automated: | ||||||
|  |       prune: true | ||||||
|  |       selfHeal: true | ||||||
|  |     managedNamespaceMetadata: | ||||||
|  |       annotations: {} | ||||||
|  |       labels: {} | ||||||
|  |     syncOptions: | ||||||
|  |     - ApplyOutOfSyncOnly=true | ||||||
|  |     - CreateNamespace=true | ||||||
|  |     - FailOnSharedResource=false | ||||||
|  |     - Replace=false | ||||||
|  |     - RespectIgnoreDifferences=false | ||||||
|  |     - ServerSideApply=true | ||||||
|  |     - Validate=true | ||||||
|  | ``` | ||||||
|  |  | ||||||
| ## Parameters | ## Parameters | ||||||
|  |  | ||||||
| ### Global | ### Global | ||||||
| @@ -240,7 +303,7 @@ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | |||||||
| | `deployment.pluginContainer.args`                  | Arguments passed to the plugin container.                                                                  | `["--location","--fail","--max-time","60"]` | | | `deployment.pluginContainer.args`                  | Arguments passed to the plugin container.                                                                  | `["--location","--fail","--max-time","60"]` | | ||||||
| | `deployment.pluginContainer.image.registry`        | Image registry, eg. `docker.io`.                                                                           | `docker.io`                                 | | | `deployment.pluginContainer.image.registry`        | Image registry, eg. `docker.io`.                                                                           | `docker.io`                                 | | ||||||
| | `deployment.pluginContainer.image.repository`      | Image repository, eg. `curlimages/curl`.                                                                   | `curlimages/curl`                           | | | `deployment.pluginContainer.image.repository`      | Image repository, eg. `curlimages/curl`.                                                                   | `curlimages/curl`                           | | ||||||
| | `deployment.pluginContainer.image.tag`             | Custom image tag, eg. `0.1.0`.                                                                             | `8.15.0`                                    | | | `deployment.pluginContainer.image.tag`             | Custom image tag, eg. `0.1.0`.                                                                             | `8.16.0`                                    | | ||||||
| | `deployment.pluginContainer.image.pullPolicy`      | Image pull policy.                                                                                         | `IfNotPresent`                              | | | `deployment.pluginContainer.image.pullPolicy`      | Image pull policy.                                                                                         | `IfNotPresent`                              | | ||||||
| | `deployment.priorityClassName`                     | PriorityClassName of the Reposilite deployment.                                                            | `""`                                        | | | `deployment.priorityClassName`                     | PriorityClassName of the Reposilite deployment.                                                            | `""`                                        | | ||||||
| | `deployment.replicas`                              | Number of replicas for the Reposilite deployment.                                                          | `1`                                         | | | `deployment.replicas`                              | Number of replicas for the Reposilite deployment.                                                          | `1`                                         | | ||||||
| @@ -305,10 +368,16 @@ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | |||||||
| ### Prometheus | ### Prometheus | ||||||
|  |  | ||||||
| | Name                                                      | Description                                                                                                                                  | Value      | | | Name                                                      | Description                                                                                                                                  | Value      | | ||||||
| | --------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ---------- | | | --------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ---------- | | ||||||
| | `prometheus.metrics.enabled`                              | Enable of scraping metrics by Prometheus.                                                                                                    | `false`    | | | `prometheus.metrics.enabled`                              | Enable of scraping metrics by Prometheus.                                                                                                    | `false`    | | ||||||
| | `prometheus.metrics.basicAuthUsername`              | Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string.        | `""`       | | | `prometheus.metrics.secret.existing.enabled`              | Use an existing secret containing the basic auth credentials.                                                                                | `false`    | | ||||||
| | `prometheus.metrics.basicAuthPassword`              | Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string.         | `""`       | | | `prometheus.metrics.secret.existing.secretName`           | Name of the secret containing the basic auth credentials.                                                                                    | `""`       | | ||||||
|  | | `prometheus.metrics.secret.existing.basicAuthUsernameKey` | Name of the key in the secret that contains the username for basic auth.                                                                     | `""`       | | ||||||
|  | | `prometheus.metrics.secret.existing.basicAuthPasswordKey` | Name of the key in the secret that contains the password for basic auth.                                                                     | `""`       | | ||||||
|  | | `prometheus.metrics.secret.new.annotations`               | Additional secret annotations.                                                                                                               | `{}`       | | ||||||
|  | | `prometheus.metrics.secret.new.labels`                    | Additional secret labels.                                                                                                                    | `{}`       | | ||||||
|  | | `prometheus.metrics.secret.new.basicAuthUsername`         | Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string.        | `""`       | | ||||||
|  | | `prometheus.metrics.secret.new.basicAuthPassword`         | Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string.         | `""`       | | ||||||
| | `prometheus.metrics.podMonitor.enabled`                   | Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource.                                                        | `false`    | | | `prometheus.metrics.podMonitor.enabled`                   | Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource.                                                        | `false`    | | ||||||
| | `prometheus.metrics.podMonitor.annotations`               | Additional podMonitor annotations.                                                                                                           | `{}`       | | | `prometheus.metrics.podMonitor.annotations`               | Additional podMonitor annotations.                                                                                                           | `{}`       | | ||||||
| | `prometheus.metrics.podMonitor.enableHttp2`               | Enable HTTP2.                                                                                                                                | `false`    | | | `prometheus.metrics.podMonitor.enableHttp2`               | Enable HTTP2.                                                                                                                                | `false`    | | ||||||
|   | |||||||
							
								
								
									
										26
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										26
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							| @@ -1078,9 +1078,9 @@ | |||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|     "node_modules/link-check": { |     "node_modules/link-check": { | ||||||
|       "version": "5.4.0", |       "version": "5.5.0", | ||||||
|       "resolved": "https://registry.npmjs.org/link-check/-/link-check-5.4.0.tgz", |       "resolved": "https://registry.npmjs.org/link-check/-/link-check-5.5.0.tgz", | ||||||
|       "integrity": "sha512-0Pf4xBVUnwJdbDgpBlhHNmWDtbVjHTpIFs+JaBuIsC9PKRxjv4KMGCO2Gc8lkVnqMf9B/yaNY+9zmMlO5MyToQ==", |       "integrity": "sha512-CpMk2zMfyEMdDvFG92wO5pU/2I/wbw72/9pvUFhU9cDKkwhmVlPuvxQJzd/jXA2iVOgNgPLnS5zyOLW7OzNpdA==", | ||||||
|       "dev": true, |       "dev": true, | ||||||
|       "license": "ISC", |       "license": "ISC", | ||||||
|       "dependencies": { |       "dependencies": { | ||||||
| @@ -1137,16 +1137,16 @@ | |||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|     "node_modules/markdown-link-check": { |     "node_modules/markdown-link-check": { | ||||||
|       "version": "3.13.7", |       "version": "3.14.1", | ||||||
|       "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.13.7.tgz", |       "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.14.1.tgz", | ||||||
|       "integrity": "sha512-Btn3HU8s2Uyh1ZfzmyZEkp64zp2+RAjwfQt1u4swq2Xa6w37OW0T2inQZrkSNVxDSa2jSN2YYhw/JkAp5jF1PQ==", |       "integrity": "sha512-h1tihNL3kmOS3N7H4FyF4xKDxiHnNBNSgs/LWlDiRHlC8O0vfRX0LhDDvesRSs4HM7nS0F658glLxonaXBmuWw==", | ||||||
|       "dev": true, |       "dev": true, | ||||||
|       "license": "ISC", |       "license": "ISC", | ||||||
|       "dependencies": { |       "dependencies": { | ||||||
|         "async": "^3.2.6", |         "async": "^3.2.6", | ||||||
|         "chalk": "^5.3.0", |         "chalk": "^5.3.0", | ||||||
|         "commander": "^13.1.0", |         "commander": "^14.0.0", | ||||||
|         "link-check": "^5.4.0", |         "link-check": "^5.5.0", | ||||||
|         "markdown-link-extractor": "^4.0.2", |         "markdown-link-extractor": "^4.0.2", | ||||||
|         "needle": "^3.3.1", |         "needle": "^3.3.1", | ||||||
|         "progress": "^2.0.3", |         "progress": "^2.0.3", | ||||||
| @@ -1157,6 +1157,16 @@ | |||||||
|         "markdown-link-check": "markdown-link-check" |         "markdown-link-check": "markdown-link-check" | ||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|  |     "node_modules/markdown-link-check/node_modules/commander": { | ||||||
|  |       "version": "14.0.1", | ||||||
|  |       "resolved": "https://registry.npmjs.org/commander/-/commander-14.0.1.tgz", | ||||||
|  |       "integrity": "sha512-2JkV3gUZUVrbNA+1sjBOYLsMZ5cEEl8GTFP2a4AVz5hvasAMCQ1D2l2le/cX+pV4N6ZU17zjUahLpIXRrnWL8A==", | ||||||
|  |       "dev": true, | ||||||
|  |       "license": "MIT", | ||||||
|  |       "engines": { | ||||||
|  |         "node": ">=20" | ||||||
|  |       } | ||||||
|  |     }, | ||||||
|     "node_modules/markdown-link-extractor": { |     "node_modules/markdown-link-extractor": { | ||||||
|       "version": "4.0.2", |       "version": "4.0.2", | ||||||
|       "resolved": "https://registry.npmjs.org/markdown-link-extractor/-/markdown-link-extractor-4.0.2.tgz", |       "resolved": "https://registry.npmjs.org/markdown-link-extractor/-/markdown-link-extractor-4.0.2.tgz", | ||||||
|   | |||||||
| @@ -9,6 +9,7 @@ | |||||||
|   ], |   ], | ||||||
|   "customManagers": [ |   "customManagers": [ | ||||||
|     { |     { | ||||||
|  |       "customType": "regex", | ||||||
|       "fileMatch": [ |       "fileMatch": [ | ||||||
|         "^Chart\\.yaml$" |         "^Chart\\.yaml$" | ||||||
|       ], |       ], | ||||||
| @@ -21,7 +22,10 @@ | |||||||
|       "versioningTemplate": "semver" |       "versioningTemplate": "semver" | ||||||
|     }, |     }, | ||||||
|     { |     { | ||||||
|       "fileMatch": ["^README\\.md$"], |       "customType": "regex", | ||||||
|  |       "fileMatch": [ | ||||||
|  |         "^README\\.md$" | ||||||
|  |       ], | ||||||
|       "matchStrings": [ |       "matchStrings": [ | ||||||
|         "CHART_VERSION=(?<currentValue>.*)" |         "CHART_VERSION=(?<currentValue>.*)" | ||||||
|       ], |       ], | ||||||
| @@ -29,9 +33,47 @@ | |||||||
|       "packageNameTemplate": "https://git.cryptic.systems/volker.raschek/reposilite-charts", |       "packageNameTemplate": "https://git.cryptic.systems/volker.raschek/reposilite-charts", | ||||||
|       "datasourceTemplate": "git-tags", |       "datasourceTemplate": "git-tags", | ||||||
|       "versioningTemplate": "semver" |       "versioningTemplate": "semver" | ||||||
|  |     }, | ||||||
|  |     { | ||||||
|  |       "customType": "regex", | ||||||
|  |       "datasourceTemplate": "github-releases", | ||||||
|  |       "fileMatch": [ | ||||||
|  |         ".vscode/settings\\.json$" | ||||||
|  |       ], | ||||||
|  |       "matchStrings": [ | ||||||
|  |         "https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json" | ||||||
|  |       ] | ||||||
|     } |     } | ||||||
|   ], |   ], | ||||||
|   "packageRules": [ |   "packageRules": [ | ||||||
|  |     { | ||||||
|  |       "groupName": "Update docker.io/volkerraschek/helm", | ||||||
|  |       "matchDepNames": [ | ||||||
|  |         "docker.io/volkerraschek/helm", | ||||||
|  |         "volkerraschek/helm" | ||||||
|  |       ] | ||||||
|  |     }, | ||||||
|  |     { | ||||||
|  |       "automerge": true, | ||||||
|  |       "groupName": "Update helm plugin 'unittest'", | ||||||
|  |       "matchDepNames": [ | ||||||
|  |         "helm-unittest/helm-unittest" | ||||||
|  |       ], | ||||||
|  |       "matchDatasources": [ | ||||||
|  |         "github-releases" | ||||||
|  |       ], | ||||||
|  |       "matchUpdateTypes": [ | ||||||
|  |         "minor", | ||||||
|  |         "patch" | ||||||
|  |       ] | ||||||
|  |     }, | ||||||
|  |     { | ||||||
|  |       "groupName": "Update docker.io/library/node", | ||||||
|  |       "matchDepNames": [ | ||||||
|  |         "docker.io/library/node", | ||||||
|  |         "library/node" | ||||||
|  |       ] | ||||||
|  |     }, | ||||||
|     { |     { | ||||||
|       "addLabels": [ |       "addLabels": [ | ||||||
|         "renovate/automerge", |         "renovate/automerge", | ||||||
| @@ -64,5 +106,16 @@ | |||||||
|         "patch" |         "patch" | ||||||
|       ] |       ] | ||||||
|     } |     } | ||||||
|   ] |   ], | ||||||
|  |   "postUpgradeTasks": { | ||||||
|  |     "commands": [ | ||||||
|  |       "install-tool node", | ||||||
|  |       "make readme" | ||||||
|  |     ], | ||||||
|  |     "fileFilters": [ | ||||||
|  |       "README.md", | ||||||
|  |       "values.yaml" | ||||||
|  |     ], | ||||||
|  |     "executionMode": "update" | ||||||
|  |   } | ||||||
| } | } | ||||||
| @@ -27,8 +27,8 @@ | |||||||
| {{- end }} | {{- end }} | ||||||
|  |  | ||||||
| {{- if or (eq (include "reposilite.podMonitor.enabled" $ ) "true") (eq (include "reposilite.serviceMonitor.enabled" $ ) "true") -}} | {{- if or (eq (include "reposilite.podMonitor.enabled" $ ) "true") (eq (include "reposilite.serviceMonitor.enabled" $ ) "true") -}} | ||||||
| {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_USER" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" "username")))) }} | {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_USER" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.usernameKey" $))))) }} | ||||||
| {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PASSWORD" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" "password")))) }} | {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PASSWORD" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.passwordKey" $))))) }} | ||||||
| {{- end }} | {{- end }} | ||||||
|  |  | ||||||
| {{ toYaml (dict "env" $env) }} | {{ toYaml (dict "env" $env) }} | ||||||
|   | |||||||
| @@ -4,7 +4,7 @@ | |||||||
|  |  | ||||||
| {{- define "reposilite.pod.annotations" -}} | {{- define "reposilite.pod.annotations" -}} | ||||||
| {{ include "reposilite.annotations" . }} | {{ include "reposilite.annotations" . }} | ||||||
| {{- if .Values.prometheus.metrics.enabled -}} | {{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) -}} | ||||||
| {{- printf "checksum/secret-%s: %s" (include "reposilite.secrets.prometheusBasicAuth.name" $) (include (print $.Template.BasePath "/secretPrometheusBasicAuth.yaml") . | sha256sum) }} | {{- printf "checksum/secret-%s: %s" (include "reposilite.secrets.prometheusBasicAuth.name" $) (include (print $.Template.BasePath "/secretPrometheusBasicAuth.yaml") . | sha256sum) }} | ||||||
| {{- end -}} | {{- end -}} | ||||||
| {{- end }} | {{- end }} | ||||||
|   | |||||||
| @@ -4,16 +4,50 @@ | |||||||
|  |  | ||||||
| {{- define "reposilite.secrets.prometheusBasicAuth.annotations" -}} | {{- define "reposilite.secrets.prometheusBasicAuth.annotations" -}} | ||||||
| {{ include "reposilite.annotations" . }} | {{ include "reposilite.annotations" . }} | ||||||
|  | {{- if .Values.prometheus.metrics.secret.new.annotations }} | ||||||
|  | {{ toYaml .Values.prometheus.metrics.secret.new.annotations }} | ||||||
|  | {{- end }} | ||||||
| {{- end }} | {{- end }} | ||||||
|  |  | ||||||
| {{/* labels */}} | {{/* labels */}} | ||||||
|  |  | ||||||
| {{- define "reposilite.secrets.prometheusBasicAuth.labels" -}} | {{- define "reposilite.secrets.prometheusBasicAuth.labels" -}} | ||||||
| {{ include "reposilite.labels" . }} | {{ include "reposilite.labels" . }} | ||||||
|  | {{- if .Values.prometheus.metrics.secret.new.labels }} | ||||||
|  | {{ toYaml .Values.prometheus.metrics.secret.new.labels }} | ||||||
|  | {{- end }} | ||||||
| {{- end }} | {{- end }} | ||||||
|  |  | ||||||
| {{/* names */}} | {{/* names */}} | ||||||
|  |  | ||||||
| {{- define "reposilite.secrets.prometheusBasicAuth.name" -}} | {{- define "reposilite.secrets.prometheusBasicAuth.name" -}} | ||||||
| {{ include "reposilite.fullname" . }}-basic-auth-credentials | {{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.secretName) 0) }} | ||||||
| {{- end -}} | {{- print .Values.prometheus.metrics.secret.existing.secretName -}} | ||||||
|  | {{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.secretName) 0) }} | ||||||
|  | {{ fail "Name of the existing secret that contains the credentials for basic auth is not defined!" }} | ||||||
|  | {{- else if not .Values.prometheus.metrics.secret.existing.enabled }} | ||||||
|  | {{- printf "%s-basic-auth-credentials" (include "reposilite.fullname" $) -}} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* secretKeyNames */}} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.secrets.prometheusBasicAuth.passwordKey" -}} | ||||||
|  | {{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) -}} | ||||||
|  | {{- .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey -}} | ||||||
|  | {{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) }} | ||||||
|  | {{ fail "Name of the key in the secret that contains the password for basic auth is not defined!" }} | ||||||
|  | {{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }} | ||||||
|  | {{- print "password" -}} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.secrets.prometheusBasicAuth.usernameKey" -}} | ||||||
|  | {{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) -}} | ||||||
|  | {{- .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey -}} | ||||||
|  | {{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) }} | ||||||
|  | {{ fail "Name of the key in the secret that contains the username for basic auth is not defined!" }} | ||||||
|  | {{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }} | ||||||
|  | {{- print "username" -}} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|   | |||||||
| @@ -17,10 +17,10 @@ spec: | |||||||
|   podMetricsEndpoints: |   podMetricsEndpoints: | ||||||
|   - basicAuth: |   - basicAuth: | ||||||
|       password: |       password: | ||||||
|         key: password |         key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }} | ||||||
|         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} |         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||||
|       username: |       username: | ||||||
|         key: username |         key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }} | ||||||
|         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} |         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||||
|     enableHttp2: {{ required "The enableHttp2 option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.enableHttp2 }} |     enableHttp2: {{ required "The enableHttp2 option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.enableHttp2 }} | ||||||
|     followRedirects: {{ required "The followRedirects option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.followRedirects }} |     followRedirects: {{ required "The followRedirects option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.followRedirects }} | ||||||
|   | |||||||
| @@ -1,4 +1,4 @@ | |||||||
| {{- if .Values.prometheus.metrics.enabled }} | {{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) }} | ||||||
| --- | --- | ||||||
| apiVersion: v1 | apiVersion: v1 | ||||||
| kind: Secret | kind: Secret | ||||||
| @@ -14,6 +14,6 @@ metadata: | |||||||
|   name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} |   name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||||
|   namespace: {{ .Release.Namespace }} |   namespace: {{ .Release.Namespace }} | ||||||
| stringData: | stringData: | ||||||
|   password: {{ default (randAlphaNum 16) .Values.prometheus.metrics.basicAuthPassword }} |   password: {{ required "Password for basic auth is required!" .Values.prometheus.metrics.secret.new.basicAuthPassword }} | ||||||
|   username: {{ default (randAlphaNum 16) .Values.prometheus.metrics.basicAuthUsername }} |   username: {{ required "Username for basic auth is required!" .Values.prometheus.metrics.secret.new.basicAuthUsername }} | ||||||
| {{- end }} | {{- end }} | ||||||
|   | |||||||
| @@ -17,10 +17,10 @@ spec: | |||||||
|   endpoints: |   endpoints: | ||||||
|   - basicAuth: |   - basicAuth: | ||||||
|       password: |       password: | ||||||
|         key: password |         key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }} | ||||||
|         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} |         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||||
|       username: |       username: | ||||||
|         key: username |         key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }} | ||||||
|         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} |         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||||
|     enableHttp2: {{ required "The enableHttp2 option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.enableHttp2 }} |     enableHttp2: {{ required "The enableHttp2 option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.enableHttp2 }} | ||||||
|     followRedirects: {{ required "The followRedirects option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.followRedirects }} |     followRedirects: {{ required "The followRedirects option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.followRedirects }} | ||||||
|   | |||||||
| @@ -13,6 +13,8 @@ tests: | |||||||
|   set: |   set: | ||||||
|     prometheus.metrics.enabled: true |     prometheus.metrics.enabled: true | ||||||
|     prometheus.metrics.podMonitor.enabled: true |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |     prometheus.metrics.secret.new.basicAuthPassword: "my-password" | ||||||
|  |     prometheus.metrics.secret.new.basicAuthUsername: "my-username" | ||||||
|   asserts: |   asserts: | ||||||
|   - exists: |   - exists: | ||||||
|       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials |       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||||
| @@ -35,3 +37,73 @@ tests: | |||||||
|             name: reposilite-unittest-basic-auth-credentials |             name: reposilite-unittest-basic-auth-credentials | ||||||
|             key: username |             key: username | ||||||
|     template: templates/deployment.yaml |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key | ||||||
|  |     prometheus.metrics.secret.existing.secretName: my-secret | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_PASSWORD | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: my-secret | ||||||
|  |             key: my-password-key | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_USER | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: my-secret | ||||||
|  |             key: my-username-key | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when existing secret name is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "" | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when the name of the key in the secret that contains the username for basic auth is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when the name of the key in the secret that contains the password for basic auth is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
							
								
								
									
										109
									
								
								unittests/deployment/prometheusServiceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										109
									
								
								unittests/deployment/prometheusServiceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,109 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Add prometheus basic auth variables | ||||||
|  | release: | ||||||
|  |   name: reposilite-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/deployment.yaml | ||||||
|  | - templates/secretPrometheusBasicAuth.yaml | ||||||
|  | tests: | ||||||
|  | - it: Rendering default environment variables with enabled prometheus metrics serviceMonitor | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |     prometheus.metrics.secret.new.basicAuthPassword: "my-password" | ||||||
|  |     prometheus.metrics.secret.new.basicAuthUsername: "my-username" | ||||||
|  |   asserts: | ||||||
|  |   - exists: | ||||||
|  |       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_PASSWORD | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: reposilite-unittest-basic-auth-credentials | ||||||
|  |             key: password | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_USER | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: reposilite-unittest-basic-auth-credentials | ||||||
|  |             key: username | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key | ||||||
|  |     prometheus.metrics.secret.existing.secretName: my-secret | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_PASSWORD | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: my-secret | ||||||
|  |             key: my-password-key | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_USER | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: my-secret | ||||||
|  |             key: my-username-key | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when existing secret name is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "" | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when the name of the key in the secret that contains the username for basic auth is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when the name of the key in the secret that contains the password for basic auth is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
							
								
								
									
										98
									
								
								unittests/secrets/basicAuth.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										98
									
								
								unittests/secrets/basicAuth.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,98 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Secret reposilite template | ||||||
|  | release: | ||||||
|  |   name: reposilite-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/secretPrometheusBasicAuth.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip rendering | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Throw error for missing basic auth password | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     # prometheus.metrics.secret.new.basicAuthPassword: "my-password" | ||||||
|  |     prometheus.metrics.secret.new.basicAuthUsername: "my-username" | ||||||
|  |   asserts: | ||||||
|  |     - failedTemplate: | ||||||
|  |         errorMessage: "Password for basic auth is required!" | ||||||
|  |  | ||||||
|  | - it: Throw error for missing basic auth username | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.new.basicAuthPassword: "my-password" | ||||||
|  |     # prometheus.metrics.secret.new.basicAuthUsername: "my-username" | ||||||
|  |   asserts: | ||||||
|  |     - failedTemplate: | ||||||
|  |         errorMessage: "Username for basic auth is required!" | ||||||
|  |  | ||||||
|  | - it: Rendering secret with default values. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.new.basicAuthPassword: "my-password" | ||||||
|  |     prometheus.metrics.secret.new.basicAuthUsername: "my-username" | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: v1 | ||||||
|  |       kind: Secret | ||||||
|  |       name: reposilite-unittest-basic-auth-credentials | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: reposilite-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: reposilite | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: reposilite-0.1.0 | ||||||
|  |   - exists: | ||||||
|  |       path: stringData.password | ||||||
|  |   - exists: | ||||||
|  |       path: stringData.username | ||||||
|  |  | ||||||
|  | - it: Rendering secret with custom values. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.new.basicAuthPassword: foo | ||||||
|  |     prometheus.metrics.secret.new.basicAuthUsername: bar | ||||||
|  |     prometheus.metrics.secret.new.annotations: | ||||||
|  |       foo: bar | ||||||
|  |     prometheus.metrics.secret.new.labels: | ||||||
|  |       bar: foo | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - isSubset: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       content: | ||||||
|  |         foo: bar | ||||||
|  |   - isSubset: | ||||||
|  |       path: metadata.labels | ||||||
|  |       content: | ||||||
|  |         bar: foo | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.name | ||||||
|  |       value: reposilite-unittest-basic-auth-credentials | ||||||
|  |   - equal: | ||||||
|  |       path: stringData.password | ||||||
|  |       value: foo | ||||||
|  |   - equal: | ||||||
|  |       path: stringData.username | ||||||
|  |       value: bar | ||||||
|  |  | ||||||
|  | - it: Skip rendering if existing secret is used | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
| @@ -53,13 +53,13 @@ tests: | |||||||
|   asserts: |   asserts: | ||||||
|   - hasDocuments: |   - hasDocuments: | ||||||
|       count: 1 |       count: 1 | ||||||
|   - exists: |   - isSubset: | ||||||
|       path: metadata.annotations |       path: metadata.annotations | ||||||
|       value: |       content: | ||||||
|         foo: bar |         foo: bar | ||||||
|   - exists: |   - isSubset: | ||||||
|       path: metadata.labels |       path: metadata.labels | ||||||
|       value: |       content: | ||||||
|         bar: foo |         bar: foo | ||||||
|   - equal: |   - equal: | ||||||
|       path: metadata.name |       path: metadata.name | ||||||
|   | |||||||
| @@ -129,6 +129,10 @@ tests: | |||||||
| - it: Change defaults | - it: Change defaults | ||||||
|   set: |   set: | ||||||
|     prometheus.metrics.enabled: true |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||||
|     prometheus.metrics.serviceMonitor.enabled: true |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|     prometheus.metrics.serviceMonitor.enableHttp2: false |     prometheus.metrics.serviceMonitor.enableHttp2: false | ||||||
|     prometheus.metrics.serviceMonitor.followRedirects: true |     prometheus.metrics.serviceMonitor.followRedirects: true | ||||||
| @@ -147,6 +151,15 @@ tests: | |||||||
|   asserts: |   asserts: | ||||||
|   - hasDocuments: |   - hasDocuments: | ||||||
|       count: 1 |       count: 1 | ||||||
|  |   - isSubset: | ||||||
|  |       path: spec.endpoints[0].basicAuth | ||||||
|  |       content: | ||||||
|  |         password: | ||||||
|  |           key: my-password-key | ||||||
|  |           name: my-secret | ||||||
|  |         username: | ||||||
|  |           key: my-username-key | ||||||
|  |           name: my-secret | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.endpoints[0].enableHttp2 |       path: spec.endpoints[0].enableHttp2 | ||||||
|       value: false |       value: false | ||||||
|   | |||||||
| @@ -92,7 +92,7 @@ tests: | |||||||
|     service.scheme: "" |     service.scheme: "" | ||||||
|   asserts: |   asserts: | ||||||
|   - failedTemplate: |   - failedTemplate: | ||||||
|     errorMessage: No service scheme defined! |       errorMessage: The scheme of the serviceMonitor is not defined! | ||||||
|  |  | ||||||
| - it: Require sessionAffinity. | - it: Require sessionAffinity. | ||||||
|   set: |   set: | ||||||
|   | |||||||
							
								
								
									
										23
									
								
								values.yaml
									
									
									
									
									
								
							
							
						
						
									
										23
									
								
								values.yaml
									
									
									
									
									
								
							| @@ -396,11 +396,28 @@ persistentVolumeClaim: | |||||||
|  |  | ||||||
| ## @section Prometheus | ## @section Prometheus | ||||||
| prometheus: | prometheus: | ||||||
|   ## @param prometheus.metrics.enabled Enable of scraping metrics by Prometheus. |  | ||||||
|   ## @param prometheus.metrics.basicAuthUsername Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string. |  | ||||||
|   ## @param prometheus.metrics.basicAuthPassword Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string. |  | ||||||
|   metrics: |   metrics: | ||||||
|  |     ## @param prometheus.metrics.enabled Enable of scraping metrics by Prometheus. | ||||||
|     enabled: false |     enabled: false | ||||||
|  |  | ||||||
|  |     secret: | ||||||
|  |       ## @param prometheus.metrics.secret.existing.enabled Use an existing secret containing the basic auth credentials. | ||||||
|  |       ## @param prometheus.metrics.secret.existing.secretName Name of the secret containing the basic auth credentials. | ||||||
|  |       ## @param prometheus.metrics.secret.existing.basicAuthUsernameKey Name of the key in the secret that contains the username for basic auth. | ||||||
|  |       ## @param prometheus.metrics.secret.existing.basicAuthPasswordKey Name of the key in the secret that contains the password for basic auth. | ||||||
|  |       existing: | ||||||
|  |         enabled: false | ||||||
|  |         secretName: "" | ||||||
|  |         basicAuthUsernameKey: "" | ||||||
|  |         basicAuthPasswordKey: "" | ||||||
|  |  | ||||||
|  |       ## @param prometheus.metrics.secret.new.annotations Additional secret annotations. | ||||||
|  |       ## @param prometheus.metrics.secret.new.labels Additional secret labels. | ||||||
|  |       ## @param prometheus.metrics.secret.new.basicAuthUsername Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string. | ||||||
|  |       ## @param prometheus.metrics.secret.new.basicAuthPassword Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string. | ||||||
|  |       new: | ||||||
|  |         annotations: {} | ||||||
|  |         labels: {} | ||||||
|         basicAuthUsername: "" |         basicAuthUsername: "" | ||||||
|         basicAuthPassword: "" |         basicAuthPassword: "" | ||||||
|  |  | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user