Commit 38314539 authored by konfiot's avatar konfiot

Ajout de sonarqube

parents
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
# OWNERS file for Kubernetes
OWNERS
appVersion: 6.7.3
description: Sonarqube is an open sourced code quality scanning tool
home: https://www.sonarqube.org/
icon: https://www.sonarqube.org/assets/logo-31ad3115b1b4b120f3d1efd63e6b13ac9f1f89437f0cf6881cc4d8b5603a52b4.svg
keywords:
- coverage
- security
- code
- quality
maintainers:
- email: rjkernick@gmail.com
name: rjkernick
name: sonarqube
sources:
- https://github.com/SonarSource/docker-sonarqube
version: 0.7.3
# SonarQube
[SonarQube](https://www.sonarqube.org/) is an open sourced code quality scanning tool.
## Introduction
This chart bootstraps a SonarQube instance with a PostgreSQL database.
## Prerequisites
- Kubernetes 1.6+
## Installing the chart:
To install the chart :
```bash
$ helm install stable/sonarqube
```
The above command deploys Sonarqube on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
The default login is admin/admin.
## Uninstalling the chart
To uninstall/delete the deployment:
```bash
$ helm list
NAME REVISION UPDATED STATUS CHART NAMESPACE
kindly-newt 1 Mon Oct 2 15:05:44 2017 DEPLOYED sonarqube-0.1.0 default
$ helm delete kindly-newt
```
## Configuration
The following table lists the configurable parameters of the Sonarqube chart and their default values.
| Parameter | Description | Default |
| ------------------------------------------ | ---------------------------------------- | -------------------------------------------|
| `image.repository` | image repository | `sonarqube` |
| `image.tag` | `sonarqube` image tag. | 6.5 |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `ingress.enabled` | Flag for enabling ingress | false |
| `service.type` | Kubernetes service type | `LoadBalancer` |
| `service.annotations` | Kubernetes service annotations | None |
| `service.loadBalancerSourceRanges` | Kubernetes service LB Allowed inbound IP addresses | 0.0.0.0/0 |
| `service.loadBalancerIP` | Kubernetes service LB Optional fixed external IP | None |
| `persistence.enabled` | Flag for enabling persistent storage | false |
| `persistence.storageClass` | Storage class to be used | "-" |
| `persistence.accessMode` | Volumes access mode to be set | `ReadWriteOnce` |
| `persistence.size` | Size of the volume | `10Gi` |
| `sonarProperties` | Custom `sonar.properties` file | None |
| `database.type` |Set to "mysql" to use mysql database | `postgresql`|
| `postgresql.enabled` | Set to `false` to use external server / mysql database | `true` |
| `postgresql.postgresServer` | Hostname of the external Postgresql server| `null` |
| `postgresql.postgresUser` | Postgresql database user | `sonarUser` |
| `postgresql.postgresPassword` | Postgresql database password | `sonarPass` |
| `postgresql.postgresDatabase` | Postgresql database name | `sonarDB` |
| `postgresql.service.port` | Postgresql port | `5432` |
| `mysql.enabled` | Set to `false` to use external server / postgresql database | `false` |
| `mysql.mysqlServer` | Hostname of the external Mysql server | `null` |
| `mysql.mysqlUser` | Mysql database user | `sonarUser` |
| `mysql.mysqlPassword` | Mysql database password | `sonarPass` |
| `mysql.mysqlDatabase` | Mysql database name | `sonarDB` |
| `mysql.service.port` | Mysql port | `3306` |
| `resources` | Sonarqube Pod resource requests & limits | `{}` |
| `affinity` | Node / Pod affinities | `{}` |
| `nodeSelector` | Node labels for pod assignment | `{}` |
| `tolerations` | List of node taints to tolerate | `[]` |
| `plugins.install` | List of plugins to install | `[]` |
| `plugins.resources` | Plugin Pod resource requests & limits | `{}` |
You can also configure values for the PostgreSQL / MySQL database via the Postgresql [README.md](https://github.com/kubernetes/charts/blob/master/stable/postgresql/README.md) / MySQL [README.md](https://github.com/kubernetes/charts/blob/master/stable/mysql/README.md)
For overriding variables see: [Customizing the chart](https://docs.helm.sh/using_helm/#customizing-the-chart-before-installing)
appVersion: 5.7.14
description: Fast, reliable, scalable, and easy to use open-source relational database
system.
engine: gotpl
home: https://www.mysql.com/
icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png
keywords:
- mysql
- database
- sql
maintainers:
- email: viglesias@google.com
name: Vic Iglesias
name: mysql
sources:
- https://github.com/kubernetes/charts
- https://github.com/docker-library/mysql
version: 0.6.0
This diff is collapsed.
MySQL can be accessed via port 3306 on the following DNS name from within your cluster:
{{ template "mysql.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
To get your root password run:
MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mysql.fullname" . }} -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo)
To connect to your database:
1. Run an Ubuntu pod that you can use as a client:
kubectl run -i --tty ubuntu --image=ubuntu:16.04 --restart=Never -- bash -il
2. Install the mysql client:
$ apt-get update && apt-get install mysql-client -y
3. Connect using the mysql cli, then provide your password:
$ mysql -h {{ template "mysql.fullname" . }} -p
To connect to your database directly from outside the K8s cluster:
{{- if contains "NodePort" .Values.service.type }}
MYSQL_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath='{.items[0].status.addresses[0].address}')
MYSQL_PORT=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "mysql.fullname" . }} -o jsonpath='{.spec.ports[0].nodePort}')
{{- else if contains "ClusterIP" .Values.service.type }}
MYSQL_HOST=127.0.0.1
MYSQL_PORT={{ default "3306" .Values.service.port }}
# Execute the following commands to route the connection:
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "mysql.fullname" . }}" -o jsonpath="{.items[0].metadata.name}")
kubectl port-forward $POD_NAME {{ default "3306" .Values.service.port }}:{{ default "3306" .Values.service.port }}
{{- end }}
mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD}
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "mysql.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "mysql.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- printf .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- if .Values.configurationFiles }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mysql.fullname" . }}-configuration
data:
{{- range $key, $val := .Values.configurationFiles }}
{{ $key }}: |-
{{ $val | indent 4}}
{{- end }}
{{- end -}}
\ No newline at end of file
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "mysql.fullname" . }}
labels:
app: {{ template "mysql.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
app: {{ template "mysql.fullname" . }}
spec:
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{ toYaml .Values.imagePullSecrets | indent 8 }}
{{- end }}
initContainers:
- name: "remove-lost-found"
image: "busybox:1.25.0"
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
command: ["rm", "-fr", "/var/lib/mysql/lost+found"]
volumeMounts:
- name: data
mountPath: /var/lib/mysql
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
containers:
- name: {{ template "mysql.fullname" . }}
image: "{{ .Values.image }}:{{ .Values.imageTag }}"
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
resources:
{{ toYaml .Values.resources | indent 10 }}
env:
{{- if .Values.mysqlAllowEmptyPassword }}
- name: MYSQL_ALLOW_EMPTY_PASSWORD
value: "true"
{{- else }}
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.fullname" . }}
key: mysql-root-password
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.fullname" . }}
key: mysql-password
{{- end }}
- name: MYSQL_USER
value: {{ default "" .Values.mysqlUser | quote }}
- name: MYSQL_DATABASE
value: {{ default "" .Values.mysqlDatabase | quote }}
ports:
- name: mysql
containerPort: 3306
livenessProbe:
exec:
command:
{{- if .Values.mysqlAllowEmptyPassword }}
- mysqladmin
- ping
{{- else }}
- sh
- -c
- "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}"
{{- end }}
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
readinessProbe:
exec:
command:
{{- if .Values.mysqlAllowEmptyPassword }}
- mysqladmin
- ping
{{- else }}
- sh
- -c
- "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}"
{{- end }}
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
volumeMounts:
- name: data
mountPath: /var/lib/mysql
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
{{- if .Values.configurationFiles }}
- name: configurations
mountPath: /etc/mysql/conf.d
{{- end }}
{{- if .Values.initializationFiles }}
- name: migrations
mountPath: /docker-entrypoint-initdb.d
{{- end }}
{{- if .Values.ssl.enabled }}
- name: certificates
mountPath: /ssl
{{- end }}
volumes:
{{- if .Values.configurationFiles }}
- name: configurations
configMap:
name: {{ template "mysql.fullname" . }}-configuration
{{- end }}
{{- if .Values.initializationFiles }}
- name: migrations
configMap:
name: {{ template "mysql.fullname" . }}-initialization
{{- end }}
{{- if .Values.ssl.enabled }}
- name: certificates
secret:
secretName: {{ .Values.ssl.secret }}
{{- end }}
- name: data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim | default (include "mysql.fullname" .) }}
{{- else }}
emptyDir: {}
{{- end -}}
{{- if .Values.initializationFiles }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mysql.fullname" . }}-initialization
data:
{{- range $key, $val := .Values.initializationFiles }}
{{ $key }}: |-
{{ $val | indent 4}}
{{- end }}
{{- end -}}
\ No newline at end of file
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "mysql.fullname" . }}
labels:
app: {{ template "mysql.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end }}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "mysql.fullname" . }}
labels:
app: {{ template "mysql.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
type: Opaque
data:
{{ if .Values.mysqlRootPassword }}
mysql-root-password: {{ .Values.mysqlRootPassword | b64enc | quote }}
{{ else }}
mysql-root-password: {{ randAlphaNum 10 | b64enc | quote }}
{{ end }}
{{ if .Values.mysqlPassword }}
mysql-password: {{ .Values.mysqlPassword | b64enc | quote }}
{{ else }}
mysql-password: {{ randAlphaNum 10 | b64enc | quote }}
{{ end }}
{{- if .Values.ssl.enabled }}
{{- range .Values.ssl.certificates }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ .name }}
labels:
app: {{ template "mysql.fullname" $ }}
chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}"
release: "{{ $.Release.Name }}"
heritage: "{{ $.Release.Service }}"
type: Opaque
data:
ca.pem: {{ .ca | b64enc }}
server-cert.pem: {{ .cert | b64enc }}
server-key.pem: {{ .key | b64enc }}
{{- end }}
{{- end }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "mysql.fullname" . }}
labels:
app: {{ template "mysql.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
type: {{ .Values.service.type }}
ports:
- name: mysql
port: {{ .Values.service.port }}
targetPort: mysql
{{- if .Values.service.nodePort }}
nodePort: {{ .Values.service.nodePort }}
{{- end }}
selector:
app: {{ template "mysql.fullname" . }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mysql.fullname" . }}-test
labels:
app: {{ template "mysql.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
data:
run.sh: |-
{{- if .Values.ssl.enabled | and .Values.mysqlRootPassword }}
@test "Testing SSL MySQL Connection" {
mysql --host={{ template "mysql.fullname" . }} --port={{ .Values.service.port | default "3306" }} --ssl-cert=/ssl/server-cert.pem --ssl-key=ssl/server-key.pem -u root -p{{ .Values.mysqlRootPassword }}
}
{{- else if .Values.mysqlRootPassword }}
@test "Testing MySQL Connection" {
mysql --host={{ template "mysql.fullname" . }} --port={{ .Values.service.port | default "3306" }} -u root -p{{ .Values.mysqlRootPassword }}
}
{{- end }}
apiVersion: v1
kind: Pod
metadata:
name: {{ template "mysql.fullname" . }}-test
labels:
app: {{ template "mysql.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
annotations:
"helm.sh/hook": test-success
spec:
initContainers:
- name: test-framework
image: dduportal/bats:0.4.0
command:
- "bash"
- "-c"
- |
set -ex
# copy bats to tools dir
cp -R /usr/local/libexec/ /tools/bats/
volumeMounts:
- mountPath: /tools
name: tools
containers:
- name: {{ .Release.Name }}-test
image: "{{ .Values.image }}:{{ .Values.imageTag }}"
command: ["/tools/bats/bats", "-t", "/tests/run.sh"]
volumeMounts:
- mountPath: /tests
name: tests
readOnly: true
- mountPath: /tools
name: tools
{{- if .Values.ssl.enabled }}
- name: certificates
mountPath: /ssl
{{- end }}
volumes:
- name: tests
configMap:
name: {{ template "mysql.fullname" . }}-test
- name: tools
emptyDir: {}
{{- if .Values.ssl.enabled }}
- name: certificates
secret:
secretName: {{ .Values.ssl.secret }}
{{- end }}
restartPolicy: Never
## mysql image version
## ref: https://hub.docker.com/r/library/mysql/tags/
##
image: "mysql"
imageTag: "5.7.14"
## Specify password for root user
##
## Default: random 10 character string
# mysqlRootPassword: testing
## Create a database user
##
# mysqlUser:
## Default: random 10 character string
# mysqlPassword:
## Allow unauthenticated access, uncomment to enable
##
# mysqlAllowEmptyPassword: true
## Create a database
##
# mysqlDatabase:
## Specify an imagePullPolicy (Required)
## It's recommended to change this to 'Always' if the image tag is 'latest'
## ref: http://kubernetes.io/docs/user-guide/images/#updating-images
##
imagePullPolicy: IfNotPresent
# Optionally specify an array of imagePullSecrets.
# Secrets must be manually created in the namespace.
# ref: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
# imagePullSecrets:
# - name: myRegistryKeySecretName
## Node selector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
## Persist data to a persistent volume
persistence:
enabled: true
## database data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 8Gi
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
requests:
memory: 256Mi
cpu: 100m
# Custom mysql configuration files used to override default mysql settings
configurationFiles:
# mysql.cnf: |-
# [mysqld]
# skip-name-resolve
# ssl-ca=/ssl/ca.pem
# ssl-cert=/ssl/server-cert.pem
# ssl-key=/ssl/server-key.pem
# Custom mysql init SQL files used to initialize the database
initializationFiles:
# first-db.sql: |-
# CREATE DATABASE IF NOT EXISTS first DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
# second-db.sql: |-
# CREATE DATABASE IF NOT EXISTS second DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
## Configure the service
## ref: http://kubernetes.io/docs/user-guide/services/
service:
## Specify a service type
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types
type: ClusterIP
port: 3306
# nodePort: 32000
ssl:
enabled: false
secret: mysql-ssl-certs
certificates:
# - name: mysql-ssl-certs
# ca: |-
# -----BEGIN CERTIFICATE-----
# ...
# -----END CERTIFICATE-----
# cert: |-
# -----BEGIN CERTIFICATE-----
# ...
# -----END CERTIFICATE-----
# key: |-
# -----BEGIN RSA PRIVATE KEY-----
# ...
# -----END RSA PRIVATE KEY-----
description: Object-relational database management system (ORDBMS) with an emphasis
on extensibility and on standards-compliance.
engine: gotpl
home: https://www.postgresql.org/
icon: https://www.postgresql.org/media/img/about/press/elephant.png
keywords:
- postgresql
- postgres
- database
- sql
maintainers:
- name: swordbeta
- name: databus23
name: postgresql
sources:
- https://github.com/kubernetes/charts