Commit 697b0dc6 authored by Will JALLET's avatar Will JALLET 💸

update sonarqube, stash, vault operator

parent 92907370
Pipeline #4344 passed with stage
in 13 seconds
# Kubernetes-helm-state
Dépôt pour l'ensemble des chartes Helm déployées sur le cluster.
\ No newline at end of file
Dépôt pour l'ensemble des chartes Helm déployées sur le cluster.
## Notes : chartes à remplacer
* stash (appscode) a maintenant une charte officielle, celle de helm/charts/stable est deprecated
* kubedb idem
\ No newline at end of file
appVersion: 6.7.3
name: sonarqube
description: Sonarqube is an open sourced code quality scanning tool
version: 0.8.0
appVersion: 6.7.3
keywords:
- coverage
- security
- code
- quality
home: https://www.sonarqube.org/
icon: https://www.sonarqube.org/assets/logo-31ad3115b1b4b120f3d1efd63e6b13ac9f1f89437f0cf6881cc4d8b5603a52b4.svg
keywords:
- coverage
- security
- code
- quality
maintainers:
- email: rjkernick@gmail.com
name: rjkernick
name: sonarqube
sources:
- https://github.com/SonarSource/docker-sonarqube
version: 0.7.3
- https://github.com/SonarSource/docker-sonarqube
maintainers:
- name: rjkernick
email: rjkernick@gmail.com
approvers:
- rjkernick
reviewers:
- rjkernick
......@@ -42,6 +42,7 @@ The following table lists the configurable parameters of the Sonarqube chart and
| `image.repository` | image repository | `sonarqube` |
| `image.tag` | `sonarqube` image tag. | 6.5 |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `image.pullSecret` | imagePullSecret to use for private repository | |
| `ingress.enabled` | Flag for enabling ingress | false |
| `service.type` | Kubernetes service type | `LoadBalancer` |
| `service.annotations` | Kubernetes service annotations | None |
......@@ -50,7 +51,7 @@ The following table lists the configurable parameters of the Sonarqube chart and
| `persistence.enabled` | Flag for enabling persistent storage | false |
| `persistence.storageClass` | Storage class to be used | "-" |
| `persistence.accessMode` | Volumes access mode to be set | `ReadWriteOnce` |
| `persistence.size` | Size of the volume | `10Gi` |
| `persistence.size` | Size of the volume | None |
| `sonarProperties` | Custom `sonar.properties` file | None |
| `database.type` |Set to "mysql" to use mysql database | `postgresql`|
| `postgresql.enabled` | Set to `false` to use external server / mysql database | `true` |
......
......@@ -52,6 +52,10 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 8 }}
{{- end }}
{{- end }}
{{- if .Values.image.pullSecret }}
imagePullSecrets:
- name: {{ .Values.image.pullSecret }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
......
......@@ -5,6 +5,8 @@ replicaCount: 1
image:
repository: sonarqube
tag: 6.7.3
# If using a private repository, the name of the imagePullSecret to use
# pullSecret: my-repo-secret
service:
name: sonarqube
type: LoadBalancer
......
apiVersion: v1
appVersion: 0.7.0
description: Stash by AppsCode - Backup your Kubernetes Volumes
# This chart is deprecated and moved to https://github.com/appscode/charts. For details deprecation,
# including how to un-deprecate a chart see the PROCESSES.md file.
deprecated: true
description: DEPRECATED Stash by AppsCode - Backup your Kubernetes Volumes
name: stash
version: 0.5.3
appVersion: 0.7.0-rc.1
home: https://github.com/appscode/stash
icon: https://cdn.appscode.com/images/icon/stash.png
maintainers:
- email: support@appscode.com
name: appscode
name: stash
sources:
- https://github.com/appscode/stash
version: 0.7.0
- https://github.com/appscode/stash
approvers:
- tamalsaha
reviewers:
- tamalsaha
**This chart is DEPRECATED and moved to https://github.com/appscode/charts**
# Stash
[Stash by AppsCode](https://github.com/appscode/stash) - Backup your Kubernetes Volumes
## TL;DR;
```console
$ helm repo add appscode https://charts.appscode.com/stable/
$ helm repo update
$ helm install appscode/stash
$ helm install stable/stash
```
## Introduction
......@@ -19,7 +19,7 @@ This chart bootstraps a [Stash controller](https://github.com/appscode/stash) de
## Installing the Chart
To install the chart with the release name `my-release`:
```console
$ helm install appscode/stash --name my-release
$ helm install stable/stash --name my-release
```
The command deploys Stash operator on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
......@@ -42,37 +42,35 @@ The following table lists the configurable parameters of the Stash chart and the
| Parameter | Description | Default |
| ----------------------------------- | ----------------------------------------------------------------- | ------------------ |
| `replicaCount` | Number of stash operator replicas to create (only 1 is supported) | `1` |
| `operator.registry` | Docker registry used to pull operator image | `appscode` |
| `operator.repository` | operator container image | `stash` |
| `operator.tag` | operator container image tag | `0.7.0` |
| `pushgateway.registry` | Docker registry used to pull Prometheus pushgateway image | `prom` |
| `pushgateway.repository` | Prometheus pushgateway container image | `pushgateway` |
| `replicaCount` | Number of Stash operator replicas to create (only 1 is supported) | `1` |
| `operator.image` | operator container image | `appscode/stash` |
| `operator.tag` | operator container image tag | `0.7.0-rc.1` |
| `operator.pullPolicy` | operator container image pull policy | `IfNotPresent` |
| `pushgateway.image` | Prometheus pushgateway container image | `prom/pushgateway` |
| `pushgateway.tag` | Prometheus pushgateway container image tag | `v0.4.0` |
| `imagePullPolicy` | container image pull policy | `IfNotPresent` |
| `pushgateway.pullPolicy` | Prometheus pushgateway container image pull policy | `IfNotPresent` |
| `criticalAddon` | If true, installs Stash operator as critical addon | `false` |
| `rbac.create` | If `true`, create and use RBAC resources | `true` |
| `serviceAccount.create` | If `true`, create a new service account | `true` |
| `serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the fullname template | `` |
| `apiserver.groupPriorityMinimum` | The minimum priority the group should have. | 10000 |
| `apiserver.versionPriority` | The ordering of this API inside of the group. | 15 |
| `apiserver.groupPriorityMinimum` | The minimum priority the group should have | 10000 |
| `apiserver.versionPriority` | The ordering of this API inside of the group | 15 |
| `apiserver.enableValidatingWebhook` | Enable validating webhooks for Stash CRDs | false |
| `apiserver.enableMutatingWebhook` | Enable mutating webhooks for Kubernetes workloads | false |
| `apiserver.ca` | CA certificate used by main Kubernetes api server | `` |
| `enableAnalytics` | Send usage events to Google Analytics | `true` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example:
```console
$ helm install --name my-release --set image.tag=v0.2.1 appscode/stash
$ helm install --name my-release --set image.tag=v0.2.1 stable/stash
```
Alternatively, a YAML file that specifies the values for the parameters can be provided while
installing the chart. For example:
```console
$ helm install --name my-release --values values.yaml appscode/stash
$ helm install --name my-release --values values.yaml stable/stash
```
## RBAC
......@@ -93,5 +91,5 @@ If the output contains "beta", you may install the chart with RBAC enabled (see
To enable the creation of RBAC resources (On clusters with RBAC). Do the following:
```console
$ helm install --name my-release appscode/stash --set rbac.create=true
$ helm install --name my-release stable/stash --set rbac.create=true
```
**This chart is DEPRECATED and moved to https://github.com/appscode/charts**
To verify that Stash has started, run:
kubectl --namespace={{ .Release.Namespace }} get deployments -l "release={{ .Release.Name }}, app={{ template "stash.name" . }}"
......@@ -3,7 +3,6 @@
{{- $altName1 := printf "%s.%s" $cn .Release.Namespace }}
{{- $altName2 := printf "%s.%s.svc" $cn .Release.Namespace }}
{{- $cert := genSignedCert $cn nil (list $altName1 $altName2) 3650 $ca }}
{{- if or .Values.apiserver.enableMutatingWebhook .Values.apiserver.enableValidatingWebhook }}
apiVersion: apiregistration.k8s.io/v1beta1
kind: APIService
metadata:
......@@ -23,31 +22,10 @@ spec:
groupPriorityMinimum: {{ .Values.apiserver.groupPriorityMinimum }}
versionPriority: {{ .Values.apiserver.versionPriority }}
---
apiVersion: apiregistration.k8s.io/v1beta1
kind: APIService
metadata:
name: v1alpha1.repositories.stash.appscode.com
labels:
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
app: "{{ template "stash.name" . }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
spec:
group: repositories.stash.appscode.com
version: v1alpha1
service:
namespace: {{ .Release.Namespace }}
name: {{ template "stash.fullname" . }}
caBundle: {{ b64enc $ca.Cert }}
groupPriorityMinimum: {{ .Values.apiserver.groupPriorityMinimum }}
versionPriority: {{ .Values.apiserver.versionPriority }}
{{ end }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ template "stash.fullname" . }}-apiserver-cert
namespace: {{ .Release.Namespace }}
labels:
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
app: "{{ template "stash.name" . }}"
......
......@@ -67,7 +67,6 @@ rules:
- apiGroups: [""]
resources:
- pods
- pods/exec
verbs: ["get", "create", "list", "delete", "deletecollection"]
- apiGroups: [""]
resources:
......
......@@ -2,7 +2,6 @@ apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: {{ template "stash.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
app: "{{ template "stash.name" . }}"
......@@ -31,18 +30,17 @@ spec:
{{- end }}
containers:
- name: operator
image: {{ .Values.operator.registry }}/{{ .Values.operator.repository }}:{{ .Values.operator.tag }}
imagePullPolicy: {{ .Values.imagePullPolicy }}
image: {{ .Values.operator.image }}:{{ .Values.operator.tag }}
imagePullPolicy: {{ .Values.imagePullPolicy }}
args:
- run
- --v=3
- --rbac={{ .Values.rbac.create }}
- --docker-registry={{ .Values.operator.registry }}
- --docker-registry={{ .Values.dockerRegistry }}
- --secure-port=8443
- --audit-log-path=-
- --tls-cert-file=/var/serving-cert/tls.crt
- --tls-private-key-file=/var/serving-cert/tls.key
- --enable-analytics={{ .Values.enableAnalytics }}
ports:
- containerPort: 8443
- containerPort: 56790
......@@ -55,7 +53,7 @@ spec:
- mountPath: /var/serving-cert
name: serving-cert
- name: pushgateway
image: '{{ .Values.pushgateway.registry }}/{{ .Values.pushgateway.repository }}:{{ .Values.pushgateway.tag }}'
image: '{{ .Values.pushgateway.image }}:{{ .Values.pushgateway.tag }}'
imagePullPolicy: {{ .Values.imagePullPolicy }}
args:
- -web.listen-address=:56789
......
{{- if .Values.apiserver.enableMutatingWebhook }}
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
name: admission.stash.appscode.com
labels:
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
app: "{{ template "stash.name" . }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
webhooks:
- name: deployment.admission.stash.appscode.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.stash.appscode.com/v1alpha1/deployments
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- operations:
- CREATE
- UPDATE
apiGroups:
- apps
- extensions
apiVersions:
- "*"
resources:
- deployments
failurePolicy: Fail
- name: daemonset.admission.stash.appscode.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.stash.appscode.com/v1alpha1/daemonsets
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- operations:
- CREATE
- UPDATE
apiGroups:
- apps
- extensions
apiVersions:
- "*"
resources:
- daemonsets
failurePolicy: Fail
- name: statefulset.admission.stash.appscode.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.stash.appscode.com/v1alpha1/statefulsets
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- operations:
- CREATE
apiGroups:
- apps
apiVersions:
- "*"
resources:
- statefulsets
failurePolicy: Fail
- name: replicationcontroller.admission.stash.appscode.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.stash.appscode.com/v1alpha1/replicationcontrollers
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- operations:
- CREATE
- UPDATE
apiGroups:
- ""
apiVersions:
- "*"
resources:
- replicationcontrollers
failurePolicy: Fail
- name: replicaset.admission.stash.appscode.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.stash.appscode.com/v1alpha1/replicasets
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- operations:
- CREATE
- UPDATE
apiGroups:
- apps
- extensions
apiVersions:
- "*"
resources:
- replicasets
failurePolicy: Fail
{{ end }}
......@@ -3,7 +3,6 @@ apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "stash.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
labels:
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
app: "{{ template "stash.name" . }}"
......
......@@ -2,7 +2,6 @@ apiVersion: v1
kind: Service
metadata:
name: {{ template "stash.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
app: "{{ template "stash.name" . }}"
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
......
......@@ -6,16 +6,12 @@ metadata:
labels:
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
annotations:
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-delete-policy": before-hook-creation
rules:
- apiGroups:
- stash.appscode.com
resources:
- restics
- recoveries
- repositories
verbs:
- create
- delete
......@@ -32,16 +28,12 @@ metadata:
name: appscode:stash:view
labels:
rbac.authorization.k8s.io/aggregate-to-view: "true"
annotations:
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-delete-policy": before-hook-creation
rules:
- apiGroups:
- stash.appscode.com
resources:
- restics
- recoveries
- repositories
verbs:
- get
- list
......
{{- if .Values.apiserver.enableValidatingWebhook }}
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
name: admission.stash.appscode.com
labels:
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
app: "{{ template "stash.name" . }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
webhooks:
- name: restic.admission.stash.appscode.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.stash.appscode.com/v1alpha1/restics
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- operations:
- CREATE
- UPDATE
apiGroups:
- stash.appscode.com
apiVersions:
- "*"
resources:
- restics
failurePolicy: Fail
- name: recovery.admission.stash.appscode.com
clientConfig:
service:
namespace: default
name: kubernetes
path: /apis/admission.stash.appscode.com/v1alpha1/recoveries
caBundle: {{ b64enc .Values.apiserver.ca }}
rules:
- operations:
- CREATE
- UPDATE
apiGroups:
- stash.appscode.com
apiVersions:
- "*"
resources:
- recoveries
failurePolicy: Fail
{{ end }}
......@@ -2,14 +2,11 @@
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
# Docker registry containing Stash images
operator:
registry: appscode
repository: stash
tag: 0.7.0
image: appscode/stash
tag: 0.7.0-rc.1
pushgateway:
registry: prom
repository: pushgateway
image: prom/pushgateway
tag: v0.4.0
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
......@@ -46,12 +43,7 @@ apiserver:
# https://github.com/kubernetes/kube-aggregator/blob/release-1.9/pkg/apis/apiregistration/v1beta1/types.go#L66-L70
# for more information on proper values of this field
versionPriority: 15
# enableMutatingWebhook is used to configure mutating webhook for Kubernetes workloads
enableMutatingWebhook: false
# enableValidatingWebhook is used to configure validating webhook for Stash CRDss
enableValidatingWebhook: false
# enableAdmissionWebhook is used to configure apiserver as ValidationWebhook for Voyager CRDs
enableAdmissionWebhook: false
# CA certificate used by main Kubernetes api server
ca:
# Send usage events to Google Analytics
enableAnalytics: true
apiVersion: v1
appVersion: 0.1.9
description: CoreOS vault-operator Helm chart for Kubernetes
name: vault-operator
version: 0.1.0
appVersion: 0.1.9
home: https://github.com/coreos/vault-operator
icon: https://s3.amazonaws.com/hashicorp-marketing-web-assets/brand/Vault_VerticalLogo_FullColor.B1xPC0pSax.svg
maintainers:
- email: michael@laccetti.com
name: mlaccetti
name: vault-operator
sources:
- https://github.com/coreos/vault-operator
version: 0.1.0
maintainers:
- name: mlaccetti
email: michael@laccetti.com
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment