support image registries with authentication
Based on spec in openstack-helm repo, support-OCI-image-registry-with-authentication-turned-on.rst Each Helm chart can configure an OCI image registry and credentials to use. A Kubernetes secret is then created with these info. Service Accounts then specify an imagePullSecret specifying the Secret with creds for the registry. Then any pod using one of these ServiceAccounts may pull images from an authenticated container registry. Change-Id: Iebda4c7a861aa13db921328776b20c14ba346269
This commit is contained in:
parent
381d066f01
commit
f31cfb2ef9
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v3.4.0
|
||||
description: OpenStack-Helm Calico
|
||||
name: calico
|
||||
version: 0.1.4
|
||||
version: 0.1.5
|
||||
home: https://github.com/projectcalico/calico
|
||||
icon: https://camo.githubusercontent.com/64c8b5ed6ac97553ae367348e8a59a24e2ed5bdc/687474703a2f2f646f63732e70726f6a65637463616c69636f2e6f72672f696d616765732f66656c69782e706e67
|
||||
sources:
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -166,6 +166,10 @@ dependencies:
|
|||
- endpoint: internal
|
||||
service: local_image_registry
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
calico: calico-oci-image-registry
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
|
@ -180,6 +184,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
calico:
|
||||
username: calico
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
etcd:
|
||||
auth:
|
||||
client:
|
||||
|
@ -572,4 +591,5 @@ manifests:
|
|||
job_calico_settings: true
|
||||
service_calico_etcd: true
|
||||
secret_certificates: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,6 +15,6 @@ apiVersion: v1
|
|||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Ceph Client
|
||||
name: ceph-client
|
||||
version: 0.1.36
|
||||
version: 0.1.37
|
||||
home: https://github.com/ceph/ceph-client
|
||||
...
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -188,6 +188,8 @@ secrets:
|
|||
rgw: ceph-bootstrap-rgw-keyring
|
||||
mgr: ceph-bootstrap-mgr-keyring
|
||||
admin: ceph-client-admin-keyring
|
||||
oci_image_registry:
|
||||
ceph-client: ceph-client-oci-image-registry
|
||||
|
||||
network:
|
||||
public: 192.168.0.0/16
|
||||
|
@ -517,6 +519,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
ceph-client:
|
||||
username: ceph-client
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
ceph_mon:
|
||||
namespace: null
|
||||
hosts:
|
||||
|
@ -564,4 +581,5 @@ manifests:
|
|||
helm_tests: true
|
||||
cronjob_checkPGs: true
|
||||
cronjob_defragosds: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,6 +15,6 @@ apiVersion: v1
|
|||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Ceph Mon
|
||||
name: ceph-mon
|
||||
version: 0.1.25
|
||||
version: 0.1.26
|
||||
home: https://github.com/ceph/ceph
|
||||
...
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -215,6 +215,8 @@ secrets:
|
|||
osd: ceph-bootstrap-osd-keyring
|
||||
mgr: ceph-bootstrap-mgr-keyring
|
||||
admin: ceph-client-admin-keyring
|
||||
oci_image_registry:
|
||||
ceph-mon: ceph-mon-oci-image-registry-key
|
||||
|
||||
network:
|
||||
public: 192.168.0.0/16
|
||||
|
@ -424,6 +426,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
ceph-mon:
|
||||
username: ceph-mon
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
ceph_mon:
|
||||
namespace: null
|
||||
hosts:
|
||||
|
@ -473,4 +490,5 @@ manifests:
|
|||
service_mgr: true
|
||||
service_mon_discovery: true
|
||||
job_storage_admin_keys: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,6 +15,6 @@ apiVersion: v1
|
|||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Ceph OSD
|
||||
name: ceph-osd
|
||||
version: 0.1.41
|
||||
version: 0.1.42
|
||||
home: https://github.com/ceph/ceph
|
||||
...
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -142,6 +142,8 @@ secrets:
|
|||
keyrings:
|
||||
osd: ceph-bootstrap-osd-keyring
|
||||
admin: ceph-client-admin-keyring
|
||||
oci_image_registry:
|
||||
ceph-osd: ceph-osh-oci-image-registry-key
|
||||
|
||||
network:
|
||||
public: 192.168.0.0/16
|
||||
|
@ -373,6 +375,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
ceph-osd:
|
||||
username: ceph-osd
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
ceph_mon:
|
||||
namespace: null
|
||||
hosts:
|
||||
|
@ -395,4 +412,5 @@ manifests:
|
|||
job_post_apply: true
|
||||
job_image_repo_sync: true
|
||||
helm_tests: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,6 +15,6 @@ apiVersion: v1
|
|||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Ceph Provisioner
|
||||
name: ceph-provisioners
|
||||
version: 0.1.20
|
||||
version: 0.1.21
|
||||
home: https://github.com/ceph/ceph
|
||||
...
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -277,6 +277,8 @@ secrets:
|
|||
keyrings:
|
||||
admin: ceph-client-admin-keyring
|
||||
prov_adminSecretName: pvc-ceph-conf-combined-storageclass
|
||||
oci_image_registry:
|
||||
ceph-provisioners: ceph-provisioners-oci-image-registry-key
|
||||
|
||||
network:
|
||||
public: 192.168.0.0/16
|
||||
|
@ -431,6 +433,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
ceph-provisioners:
|
||||
username: ceph-provisioners
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
ceph_mon:
|
||||
namespace: null
|
||||
hosts:
|
||||
|
@ -462,4 +479,5 @@ manifests:
|
|||
job_namespace_client_ceph_config: true
|
||||
storageclass: true
|
||||
helm_tests: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,6 +15,6 @@ apiVersion: v1
|
|||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Ceph RadosGW
|
||||
name: ceph-rgw
|
||||
version: 0.1.22
|
||||
version: 0.1.23
|
||||
home: https://github.com/ceph/ceph
|
||||
...
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -259,6 +259,8 @@ secrets:
|
|||
admin: ceph-keystone-admin
|
||||
swift: ceph-keystone-user
|
||||
user_rgw: ceph-keystone-user-rgw
|
||||
oci_image_registry:
|
||||
ceph-rgw: ceph-rgw-oci-image-registry-key
|
||||
rgw_s3:
|
||||
admin: radosgw-s3-admin-creds
|
||||
tls:
|
||||
|
@ -548,6 +550,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
ceph-rgw:
|
||||
username: ceph-rgw
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
identity:
|
||||
name: keystone
|
||||
namespace: null
|
||||
|
@ -682,6 +699,7 @@ manifests:
|
|||
secret_keystone_rgw: true
|
||||
secret_ingress_tls: true
|
||||
secret_keystone: true
|
||||
secret_registry: true
|
||||
service_ingress_rgw: true
|
||||
service_rgw: true
|
||||
helm_tests: true
|
||||
|
|
|
@ -16,5 +16,5 @@ appVersion: "1.0"
|
|||
description: Rotate the certificates generated by cert-manager
|
||||
home: https://cert-manager.io/
|
||||
name: cert-rotation
|
||||
version: 0.1.5
|
||||
version: 0.1.6
|
||||
...
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -54,8 +54,29 @@ pod:
|
|||
dependencies:
|
||||
static:
|
||||
cert_rotate: null
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
cert-rotation: cert-rotation-oci-image-registry-key
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
cert-rotation:
|
||||
username: cert-rotation
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
manifests:
|
||||
configmap_bin: true
|
||||
cron_job_cert_rotate: false
|
||||
job_cert_rotate: false
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,6 +15,6 @@ apiVersion: v1
|
|||
appVersion: v1.0.0
|
||||
description: A Helm chart for DaemonjobController
|
||||
name: daemonjob-controller
|
||||
version: 0.1.5
|
||||
version: 0.1.6
|
||||
home: https://opendev.org/openstack
|
||||
...
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -67,6 +67,9 @@ pod:
|
|||
controller:
|
||||
runAsUser: 0
|
||||
readOnlyRootFilesystem: true
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
daemonjob-controller: daemonjob-controller-oci-image-registry-key
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
|
@ -81,6 +84,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
daemonjob-controller:
|
||||
username: daemonjob-controller
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
daemonjob_controller:
|
||||
hosts:
|
||||
default: daemonjob-controller
|
||||
|
@ -112,5 +130,6 @@ manifests:
|
|||
crds_create: true
|
||||
job_image_repo_sync: true
|
||||
configmap_bin: true
|
||||
secret_registry: true
|
||||
service: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v6.2.3
|
||||
description: OpenStack-Helm Elastic APM Server
|
||||
name: elastic-apm-server
|
||||
version: 0.1.3
|
||||
version: 0.1.4
|
||||
home: https://www.elastic.co/guide/en/apm/get-started/current/index.html
|
||||
sources:
|
||||
- https://github.com/elastic/apm-server
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -40,6 +40,8 @@ images:
|
|||
secrets:
|
||||
elasticsearch:
|
||||
user: elastic-apm-server-elasticsearch-user
|
||||
oci_image_registry:
|
||||
elastic-apm-server: elastic-apm-server-oci-image-registry
|
||||
|
||||
dependencies:
|
||||
dynamic:
|
||||
|
@ -84,6 +86,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
elastic-apm-server:
|
||||
username: elastic-apm-server
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
elasticsearch:
|
||||
namespace: null
|
||||
name: elasticsearch
|
||||
|
@ -163,4 +180,5 @@ manifests:
|
|||
service: true
|
||||
job_image_repo_sync: true
|
||||
secret_elasticsearch: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v7.1.0
|
||||
description: OpenStack-Helm Elastic Filebeat
|
||||
name: elastic-filebeat
|
||||
version: 0.1.3
|
||||
version: 0.1.4
|
||||
home: https://www.elastic.co/products/beats/filebeat
|
||||
sources:
|
||||
- https://github.com/elastic/beats/tree/master/filebeat
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -40,6 +40,8 @@ images:
|
|||
secrets:
|
||||
elasticsearch:
|
||||
user: filebeat-elasticsearch-user
|
||||
oci_image_registry:
|
||||
elastic-filebeat: elastic-filebeat-oci-image-registry-key
|
||||
|
||||
dependencies:
|
||||
dynamic:
|
||||
|
@ -167,6 +169,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
elastic-filebeat:
|
||||
username: elastic-filebeat
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
elasticsearch:
|
||||
namespace: null
|
||||
name: elasticsearch
|
||||
|
@ -264,4 +281,5 @@ manifests:
|
|||
daemonset: true
|
||||
job_image_repo_sync: true
|
||||
secret_elasticsearch: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v7.1.0
|
||||
description: OpenStack-Helm Elastic Metricbeat
|
||||
name: elastic-metricbeat
|
||||
version: 0.1.4
|
||||
version: 0.1.5
|
||||
home: https://www.elastic.co/products/beats/metricbeat
|
||||
sources:
|
||||
- https://github.com/elastic/beats/tree/master/metricbeat
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -40,6 +40,8 @@ images:
|
|||
secrets:
|
||||
elasticsearch:
|
||||
user: metricbeat-elasticsearch-user
|
||||
oci_image_registry:
|
||||
elastic-metricbeat: elastic-metricbeat-oci-image-registry-key
|
||||
|
||||
dependencies:
|
||||
dynamic:
|
||||
|
@ -163,6 +165,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
elastic-metricbeat:
|
||||
username: elastic-metricbeat
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
kube_state_metrics:
|
||||
namespace: null
|
||||
hosts:
|
||||
|
@ -263,4 +280,5 @@ manifests:
|
|||
deployment: true
|
||||
job_image_repo_sync: true
|
||||
secret_elasticsearch: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v7.1.0
|
||||
description: OpenStack-Helm Elastic Packetbeat
|
||||
name: elastic-packetbeat
|
||||
version: 0.1.3
|
||||
version: 0.1.4
|
||||
home: https://www.elastic.co/products/beats/packetbeat
|
||||
sources:
|
||||
- https://github.com/elastic/beats/tree/master/packetbeat
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -40,6 +40,8 @@ images:
|
|||
secrets:
|
||||
elasticsearch:
|
||||
user: packetbeat-elasticsearch-user
|
||||
oci_image_registry:
|
||||
elastic-packetbeat: elastic-packetbeat-oci-image-registry-key
|
||||
|
||||
dependencies:
|
||||
dynamic:
|
||||
|
@ -106,6 +108,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
elastic-packetbeat:
|
||||
username: elastic-packetbeat
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
elasticsearch:
|
||||
name: elasticsearch
|
||||
namespace: null
|
||||
|
@ -182,4 +199,5 @@ manifests:
|
|||
daemonset: true
|
||||
job_image_repo_sync: true
|
||||
secret_elasticsearch: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v7.6.2
|
||||
description: OpenStack-Helm ElasticSearch
|
||||
name: elasticsearch
|
||||
version: 0.2.20
|
||||
version: 0.2.21
|
||||
home: https://www.elastic.co/
|
||||
sources:
|
||||
- https://github.com/elastic/elasticsearch
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -422,6 +422,8 @@ secrets:
|
|||
elasticsearch: elasticsearch-s3-user-creds
|
||||
elasticsearch:
|
||||
user: elasticsearch-user-secrets
|
||||
oci_image_registry:
|
||||
elasticsearch: elasticsearch-oci-image-registry-key
|
||||
tls:
|
||||
elasticsearch:
|
||||
elasticsearch:
|
||||
|
@ -775,6 +777,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
elasticsearch:
|
||||
username: elasticsearch
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
elasticsearch:
|
||||
name: elasticsearch
|
||||
namespace: null
|
||||
|
@ -960,6 +977,7 @@ manifests:
|
|||
service_exporter: true
|
||||
network_policy: false
|
||||
secret_ingress_tls: true
|
||||
secret_registry: true
|
||||
service_data: true
|
||||
service_discovery: true
|
||||
service_ingress: true
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v3.4.3
|
||||
description: OpenStack-Helm etcd
|
||||
name: etcd
|
||||
version: 0.1.4
|
||||
version: 0.1.5
|
||||
home: https://coreos.com/etcd/
|
||||
icon: https://raw.githubusercontent.com/CloudCoreo/etcd-cluster/master/images/icon.png
|
||||
sources:
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -92,6 +92,10 @@ pod:
|
|||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
etcd: etcd-oci-image-registry-key
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
|
@ -106,6 +110,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
etcd:
|
||||
username: etcd
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
etcd:
|
||||
name: etcd
|
||||
hosts:
|
||||
|
@ -124,5 +143,6 @@ manifests:
|
|||
configmap_bin: true
|
||||
deployment: true
|
||||
job_image_repo_sync: true
|
||||
secret_registry: true
|
||||
service: true
|
||||
...
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
name: falco
|
||||
version: 0.1.6
|
||||
version: 0.1.7
|
||||
appVersion: 0.11.1
|
||||
description: Sysdig Falco
|
||||
keywords:
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -23,6 +23,27 @@ images:
|
|||
- dep_check
|
||||
- image_repo_sync
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
falco: falco-oci-image-registry-key
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
falco:
|
||||
username: falco
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
|
||||
pod:
|
||||
resources:
|
||||
|
@ -1361,4 +1382,5 @@ manifests:
|
|||
configmap_etc: true
|
||||
configmap_custom_rules: false
|
||||
configmap_bin: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v0.8.0
|
||||
description: OpenStack-Helm BootStrap Flannel
|
||||
name: flannel
|
||||
version: 0.1.3
|
||||
version: 0.1.4
|
||||
home: https://github.com/coreos/flannel
|
||||
icon: https://raw.githubusercontent.com/coreos/flannel/master/logos/flannel-horizontal-color.png
|
||||
sources:
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -63,6 +63,10 @@ dependencies:
|
|||
- endpoint: internal
|
||||
service: local_image_registry
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
flannel: flannel-oci-image-registry-key
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
|
@ -77,10 +81,26 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
flannel:
|
||||
username: flannel
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
|
||||
manifests:
|
||||
configmap_bin: true
|
||||
configmap_kube_flannel_cfg: true
|
||||
daemonset_kube_flannel_ds: true
|
||||
job_image_repo_sync: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v0.14.2
|
||||
description: OpenStack-Helm Fluentbit
|
||||
name: fluentbit
|
||||
version: 0.1.3
|
||||
version: 0.1.4
|
||||
home: https://www.fluentbit.io/
|
||||
sources:
|
||||
- https://github.com/fluent/fluentbit
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -173,6 +173,10 @@ conf:
|
|||
Time_Keep true
|
||||
Time_Key time
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
fluentbit: fluentbit-oci-image-registry-key
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
|
@ -187,6 +191,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
fluentbit:
|
||||
username: fluentbit
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
fluentd:
|
||||
namespace: null
|
||||
name: fluentd
|
||||
|
@ -254,4 +273,5 @@ manifests:
|
|||
configmap_etc: true
|
||||
daemonset_fluentbit: true
|
||||
job_image_repo_sync: true
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v1.10.1
|
||||
description: OpenStack-Helm Fluentd
|
||||
name: fluentd
|
||||
version: 0.1.7
|
||||
version: 0.1.8
|
||||
home: https://www.fluentd.org/
|
||||
sources:
|
||||
- https://github.com/fluent/fluentd
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -99,6 +99,11 @@ conf:
|
|||
user "#{ENV['ELASTICSEARCH_USERNAME']}"
|
||||
</match>
|
||||
</label>
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
fluentd: fluentd-oci-image-registry-key
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
|
@ -113,6 +118,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
fluentd:
|
||||
username: fluentd
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
elasticsearch:
|
||||
namespace: null
|
||||
name: elasticsearch
|
||||
|
@ -255,5 +275,6 @@ manifests:
|
|||
secret_elasticsearch: true
|
||||
secret_fluentd_env: true
|
||||
secret_kafka: false
|
||||
secret_registry: true
|
||||
service_fluentd: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v7.4.5
|
||||
description: OpenStack-Helm Grafana
|
||||
name: grafana
|
||||
version: 0.1.14
|
||||
version: 0.1.15
|
||||
home: https://grafana.com/
|
||||
sources:
|
||||
- https://github.com/grafana/grafana
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -196,6 +196,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
grafana:
|
||||
username: grafana
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
oslo_db:
|
||||
namespace: null
|
||||
auth:
|
||||
|
@ -370,6 +385,8 @@ network_policy:
|
|||
- {}
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
grafana: grafana-oci-image-registry-key
|
||||
oslo_db:
|
||||
admin: grafana-db-admin
|
||||
user: grafana-db-user
|
||||
|
@ -403,6 +420,7 @@ manifests:
|
|||
secret_admin_creds: true
|
||||
secret_ingress_tls: true
|
||||
secret_prom_creds: true
|
||||
secret_registry: true
|
||||
service: true
|
||||
service_ingress: true
|
||||
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Helm-Toolkit
|
||||
name: helm-toolkit
|
||||
version: 0.2.43
|
||||
version: 0.2.44
|
||||
home: https://docs.openstack.org/openstack-helm
|
||||
icon: https://www.openstack.org/themes/openstack/images/project-mascots/OpenStack-Helm/OpenStack_Project_OpenStackHelm_vertical.png
|
||||
sources:
|
||||
|
|
|
@ -0,0 +1,93 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{/*
|
||||
abstract: |
|
||||
Creates a manifest for a authenticating a registry with a secret
|
||||
examples:
|
||||
- values: |
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
{{ $serviceName }}: {{ $keyName }}
|
||||
endpoints:
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
auth:
|
||||
enabled: true
|
||||
{{ $serviceName }}:
|
||||
name: {{ $userName }}
|
||||
password: {{ $password }}
|
||||
usage: |
|
||||
{{- include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) -}}
|
||||
return: |
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
type: kubernetes.io/dockerconfigjson
|
||||
data:
|
||||
dockerconfigjson: {{ $dockerAuth }}
|
||||
|
||||
- values: |
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
{{ $serviceName }}: {{ $keyName }}
|
||||
endpoints:
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
auth:
|
||||
enabled: true
|
||||
{{ $serviceName }}:
|
||||
name: {{ $userName }}
|
||||
password: {{ $password }}
|
||||
usage: |
|
||||
{{- include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) -}}
|
||||
return: |
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
type: kubernetes.io/dockerconfigjson
|
||||
data:
|
||||
dockerconfigjson: {{ $dockerAuth }}
|
||||
*/}}
|
||||
|
||||
{{- define "helm-toolkit.manifests.secret_registry" }}
|
||||
{{- $envAll := index . "envAll" }}
|
||||
{{- $registryUser := index . "registryUser" }}
|
||||
{{- $secretName := index $envAll.Values.secrets.oci_image_registry $registryUser }}
|
||||
{{- $registryHost := tuple "oci_image_registry" "internal" $envAll | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
|
||||
{{/*
|
||||
We only use "host:port" when port is non-null, else just use "host"
|
||||
*/}}
|
||||
{{- $registryPort := "" }}
|
||||
{{- $port := $envAll.Values.endpoints.oci_image_registry.port.registry.default }}
|
||||
{{- if $port }}
|
||||
{{- $port = tuple "oci_image_registry" "internal" "registry" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
{{- $registryPort = printf ":%s" $port }}
|
||||
{{- end }}
|
||||
{{- $imageCredentials := index $envAll.Values.endpoints.oci_image_registry.auth $registryUser }}
|
||||
{{- $dockerAuthToken := printf "%s:%s" $imageCredentials.username $imageCredentials.password | b64enc }}
|
||||
{{- $dockerAuth := printf "{\"auths\": {\"%s%s\": {\"auth\": \"%s\"}}}" $registryHost $registryPort $dockerAuthToken | b64enc }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
type: kubernetes.io/dockerconfigjson
|
||||
data:
|
||||
.dockerconfigjson: {{ $dockerAuth }}
|
||||
{{- end -}}
|
|
@ -42,6 +42,12 @@ kind: ServiceAccount
|
|||
metadata:
|
||||
name: {{ $saName }}
|
||||
namespace: {{ $saNamespace }}
|
||||
{{- if $envAll.Values.manifests.secret_registry }}
|
||||
{{- if $envAll.Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
imagePullSecrets:
|
||||
- name: {{ index $envAll.Values.secrets.oci_image_registry $envAll.Chart.Name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- range $k, $v := $deps -}}
|
||||
{{- if eq $k "services" }}
|
||||
{{- range $serv := $v }}
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v0.42.0
|
||||
description: OpenStack-Helm Ingress Controller
|
||||
name: ingress
|
||||
version: 0.2.8
|
||||
version: 0.2.9
|
||||
home: https://github.com/kubernetes/ingress
|
||||
sources:
|
||||
- https://github.com/kubernetes/ingress
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -204,6 +204,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
ingress:
|
||||
username: ingress
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
ingress:
|
||||
hosts:
|
||||
default: ingress
|
||||
|
@ -270,6 +285,8 @@ network_policy:
|
|||
- {}
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
ingress: ingress-oci-image-registry-key
|
||||
tls:
|
||||
ingress:
|
||||
api:
|
||||
|
@ -333,4 +350,5 @@ manifests:
|
|||
prometheus:
|
||||
service_exporter: true
|
||||
network_policy: false
|
||||
secret_registry: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v7.1.0
|
||||
description: OpenStack-Helm Kibana
|
||||
name: kibana
|
||||
version: 0.1.10
|
||||
version: 0.1.11
|
||||
home: https://www.elastic.co/products/kibana
|
||||
sources:
|
||||
- https://github.com/elastic/kibana
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -140,6 +140,8 @@ network_policy:
|
|||
secrets:
|
||||
elasticsearch:
|
||||
user: kibana-elasticsearch-user
|
||||
oci_image_registry:
|
||||
kibana: kibana-oci-image-registry-key
|
||||
tls:
|
||||
kibana:
|
||||
kibana:
|
||||
|
@ -330,6 +332,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
kibana:
|
||||
username: kibana
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
elasticsearch:
|
||||
name: elasticsearch
|
||||
namespace: null
|
||||
|
@ -421,6 +438,7 @@ manifests:
|
|||
network_policy: false
|
||||
secret_elasticsearch: true
|
||||
secret_ingress_tls: true
|
||||
secret_registry: true
|
||||
service: true
|
||||
service_ingress: true
|
||||
job_register_kibana_indexes: true
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v1.14.5
|
||||
description: OpenStack-Helm Kube-DNS
|
||||
name: kube-dns
|
||||
version: 0.1.4
|
||||
version: 0.1.5
|
||||
home: https://github.com/coreos/flannel
|
||||
icon: https://raw.githubusercontent.com/coreos/flannel/master/logos/flannel-horizontal-color.png
|
||||
sources:
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -22,4 +22,10 @@ metadata:
|
|||
labels:
|
||||
kubernetes.io/cluster-service: "true"
|
||||
addonmanager.kubernetes.io/mode: Reconcile
|
||||
{{- if $envAll.Values.manifests.secret_registry }}
|
||||
{{- if $envAll.Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
imagePullSecrets:
|
||||
- name: {{ index $envAll.Values.secrets.oci_image_registry $envAll.Chart.Name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end }}
|
||||
|
|
|
@ -66,6 +66,10 @@ dependencies:
|
|||
kube_dns:
|
||||
services: null
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
kube-dns: kube-dns-oci-image-registry-key
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
|
@ -80,12 +84,28 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
kube-dns:
|
||||
username: kube-dns
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
|
||||
manifests:
|
||||
configmap_bin: true
|
||||
configmap_kube_dns: true
|
||||
deployment_kube_dns: true
|
||||
job_image_repo_sync: true
|
||||
secret_registry: true
|
||||
service_kube_dns: true
|
||||
serviceaccount_kube_dns: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v0.2.0
|
||||
description: OpenStack-Helm Kubernetes keystone webhook
|
||||
name: kubernetes-keystone-webhook
|
||||
version: 0.1.6
|
||||
version: 0.1.7
|
||||
home: https://github.com/kubernetes/cloud-provider-openstack
|
||||
sources:
|
||||
- https://opendev.org/openstack/openstack-helm-infra
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -478,9 +478,26 @@ secrets:
|
|||
admin: kubernetes-keystone-webhook-admin
|
||||
certificates:
|
||||
api: kubernetes-keystone-webhook-certs
|
||||
oci_image_registry:
|
||||
kubernetes-keystone-webhook: kubernetes-keystone-webhook-oci-image-registry-key
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
kubernetes-keystone-webhook:
|
||||
username: kubernetes-keystone-webhook
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
kubernetes:
|
||||
auth:
|
||||
api:
|
||||
|
@ -552,6 +569,7 @@ manifests:
|
|||
pod_test: true
|
||||
secret_certificates: true
|
||||
secret_keystone: true
|
||||
secret_registry: true
|
||||
service_ingress_api: true
|
||||
service: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Kubernetes Node Problem Detector
|
||||
name: kubernetes-node-problem-detector
|
||||
version: 0.1.6
|
||||
version: 0.1.7
|
||||
home: https://github.com/kubernetes/node-problem-detector
|
||||
sources:
|
||||
- https://github.com/kubernetes/node-problem-detector
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -35,6 +35,10 @@ labels:
|
|||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
kubernetes-node-problem-detector: kubernetes-node-problem-detector-oci-image-registry-key
|
||||
|
||||
pod:
|
||||
security_context:
|
||||
node_problem_detector:
|
||||
|
@ -135,6 +139,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
kubernetes-node-problem-detector:
|
||||
username: kubernetes-node-problem-detector
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
node_problem_detector:
|
||||
name: node-problem-detector
|
||||
namespace: null
|
||||
|
@ -153,6 +172,7 @@ manifests:
|
|||
configmap_etc: true
|
||||
daemonset: true
|
||||
job_image_repo_sync: true
|
||||
secret_registry: true
|
||||
service: false
|
||||
|
||||
conf:
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v1.2.0
|
||||
description: OpenStack-Helm LDAP
|
||||
name: ldap
|
||||
version: 0.1.3
|
||||
version: 0.1.4
|
||||
home: https://www.openldap.org/
|
||||
maintainers:
|
||||
- name: OpenStack-Helm Authors
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -137,6 +137,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
ldap:
|
||||
username: ldap
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
ldap:
|
||||
hosts:
|
||||
default: ldap
|
||||
|
@ -230,6 +245,8 @@ secrets:
|
|||
identity:
|
||||
admin: admin
|
||||
ldap: ldap
|
||||
oci_image_registry:
|
||||
ldap: ldap-oci-image-registry-key
|
||||
|
||||
openldap:
|
||||
domain: cluster.local
|
||||
|
@ -241,6 +258,7 @@ manifests:
|
|||
job_bootstrap: true
|
||||
job_image_repo_sync: true
|
||||
network_policy: false
|
||||
secret_registry: true
|
||||
statefulset: true
|
||||
service: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm libvirt
|
||||
name: libvirt
|
||||
version: 0.1.12
|
||||
version: 0.1.13
|
||||
home: https://libvirt.org
|
||||
sources:
|
||||
- https://libvirt.org/git/?p=libvirt.git;a=summary
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -58,6 +58,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
libvirt:
|
||||
username: libvirt
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
libvirt_exporter:
|
||||
port:
|
||||
metrics:
|
||||
|
@ -237,8 +252,11 @@ manifests:
|
|||
daemonset_libvirt: true
|
||||
job_image_repo_sync: true
|
||||
network_policy: false
|
||||
secret_registry: true
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
libvirt: libvirt-oci-image-registry-key
|
||||
tls:
|
||||
server: libvirt-tls-server
|
||||
client: libvirt-tls-client
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v10.2.31
|
||||
description: OpenStack-Helm MariaDB
|
||||
name: mariadb
|
||||
version: 0.2.25
|
||||
version: 0.2.26
|
||||
home: https://mariadb.com/kb/en/
|
||||
icon: http://badges.mariadb.org/mariadb-badge-180x60.png
|
||||
sources:
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -496,6 +496,8 @@ secrets:
|
|||
mariadb: mariadb-backup-user
|
||||
mariadb:
|
||||
backup_restore: mariadb-backup-restore
|
||||
oci_image_registry:
|
||||
mariadb: mariadb-oci-image-registry-key
|
||||
tls:
|
||||
oslo_db:
|
||||
server:
|
||||
|
@ -519,6 +521,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
mariadb:
|
||||
username: mariadb
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
monitoring:
|
||||
name: prometheus
|
||||
namespace: null
|
||||
|
@ -677,6 +694,7 @@ manifests:
|
|||
secret_dbaudit_password: true
|
||||
secret_backup_restore: false
|
||||
secret_etc: true
|
||||
secret_registry: true
|
||||
service_discovery: true
|
||||
service_ingress: true
|
||||
service_error: true
|
||||
|
|
|
@ -15,6 +15,6 @@ apiVersion: v1
|
|||
appVersion: v1.5.5
|
||||
description: OpenStack-Helm Memcached
|
||||
name: memcached
|
||||
version: 0.1.11
|
||||
version: 0.1.12
|
||||
home: https://github.com/memcached/memcached
|
||||
...
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -42,6 +42,10 @@ dependencies:
|
|||
- endpoint: internal
|
||||
service: local_image_registry
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
memcached: memcached-oci-image-registry-key
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
|
@ -56,6 +60,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
memcached:
|
||||
username: memcached
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
oslo_cache:
|
||||
namespace: null
|
||||
host_fqdn_override:
|
||||
|
@ -121,6 +140,7 @@ manifests:
|
|||
job_image_repo_sync: true
|
||||
network_policy: false
|
||||
service: true
|
||||
secret_registry: true
|
||||
|
||||
pod:
|
||||
security_context:
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v0.4.2
|
||||
description: A Helm chart for Metacontroller
|
||||
name: metacontroller
|
||||
version: 0.1.5
|
||||
version: 0.1.6
|
||||
home: https://metacontroller.app/
|
||||
keywords:
|
||||
- CRDs
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -81,6 +81,10 @@ pod:
|
|||
readOnlyRootFilesystem: true
|
||||
allowPrivilegeEscalation: false
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
metacontroller: metacontroller-oci-image-registry-key
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
|
@ -95,6 +99,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
metacontroller:
|
||||
username: metacontroller
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
metacontroller:
|
||||
hosts:
|
||||
default: metacontroller
|
||||
|
@ -105,6 +124,7 @@ endpoints:
|
|||
default: 8083
|
||||
|
||||
manifests:
|
||||
secret_registry: true
|
||||
service: true
|
||||
statefulset: true
|
||||
job_image_repo_sync: true
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v3.4.9
|
||||
description: OpenStack-Helm MongoDB
|
||||
name: mongodb
|
||||
version: 0.1.3
|
||||
version: 0.1.4
|
||||
home: https://www.mongodb.com
|
||||
sources:
|
||||
- https://github.com/mongodb/mongo
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -74,6 +74,10 @@ labels:
|
|||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
mongodb: mongodb-oci-image-registry-key
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
|
@ -88,6 +92,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
mongodb:
|
||||
username: mongodb
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
mongodb:
|
||||
auth:
|
||||
admin:
|
||||
|
@ -124,6 +143,7 @@ manifests:
|
|||
configmap_bin: true
|
||||
job_image_repo_sync: true
|
||||
secret_db_root_creds: true
|
||||
secret_registry: true
|
||||
service: true
|
||||
statefulset: true
|
||||
...
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Nagios
|
||||
name: nagios
|
||||
version: 0.1.5
|
||||
version: 0.1.6
|
||||
home: https://www.nagios.org
|
||||
sources:
|
||||
- https://opendev.org/openstack/openstack-helm-addons
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -63,6 +63,8 @@ dependencies:
|
|||
secrets:
|
||||
nagios:
|
||||
admin: nagios-admin-creds
|
||||
oci_image_registry:
|
||||
nagios: nagios-oci-image-registry-key
|
||||
tls:
|
||||
nagios:
|
||||
nagios:
|
||||
|
@ -82,6 +84,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
nagios:
|
||||
username: nagios
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
monitoring:
|
||||
name: prometheus
|
||||
auth:
|
||||
|
@ -295,6 +312,7 @@ manifests:
|
|||
pod_helm_test: true
|
||||
secret_nagios: true
|
||||
secret_ingress_tls: true
|
||||
secret_registry: true
|
||||
service: true
|
||||
service_ingress: true
|
||||
|
||||
|
|
|
@ -15,7 +15,7 @@ apiVersion: v1
|
|||
appVersion: v2.2.1
|
||||
description: OpenStack-Helm NFS
|
||||
name: nfs-provisioner
|
||||
version: 0.1.3
|
||||
version: 0.1.4
|
||||
home: https://github.com/kubernetes-incubator/external-storage
|
||||
sources:
|
||||
- https://github.com/kubernetes-incubator/external-storage
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
|
||||
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
|
||||
{{- end }}
|
|
@ -102,6 +102,10 @@ dependencies:
|
|||
nfs:
|
||||
services: null
|
||||
|
||||
secrets:
|
||||
oci_image_registry:
|
||||
nfs-provisioner: nfs-provisioner-oci-image-registry-key
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
|
@ -116,6 +120,21 @@ endpoints:
|
|||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
oci_image_registry:
|
||||
name: oci-image-registry
|
||||
namespace: oci-image-registry
|
||||
auth:
|
||||
enabled: false
|
||||
nfs-provisioner:
|
||||
username: nfs-provisioner
|
||||
password: password
|
||||
hosts:
|
||||
default: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
default: null
|
||||
nfs:
|
||||
hosts:
|
||||
default: nfs-provisioner
|
||||
|
@ -131,6 +150,7 @@ manifests:
|
|||
configmap_bin: true
|
||||
deployment: true
|
||||
job_image_repo_sync: true
|
||||
secret_registry: true
|
||||
service: true
|
||||
storage_class: true
|
||||
volume_claim: true
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue