bump artifactory chart to version v0.7.6 (#68)

charts/artifactory-ha/latest/CHANGELOG.md

 # JFrog Artifactory-ha Chart Changelog
 All changes to this chart will be documented in this file.
 
+## [0.7.6] - Nov 18, 2018
+* Added support for configMap to use custom Reverse Proxy Configuration with Nginx
+
+## [0.7.5] - Nov 14, 2018
+* Updated Artifactory version to 6.5.3
+
+## [0.7.4] - Nov 13, 2018
+* Allow pod anti-affinity settings to include primary node
+
+## [0.7.3] - Nov 12, 2018
+* Support artifactory.preStartCommand for running command before entrypoint starts
+
+## [0.7.2] - Nov 7, 2018
+* Support database.url parameter (DB_URL)
+
+## [0.7.1] - Oct 29, 2018
+* Change probes port to 8040 (so they will not be blocked when all tomcat threads on 8081 are exhausted)
+
 ## [0.7.0] - Oct 28, 2018
 * Update postgresql chart to version 0.9.5 to be able and use `postgresConfig` options
 

charts/artifactory-ha/latest/Chart.yaml

 apiVersion: v1
 name: artifactory-ha
 home: https://www.jfrog.com/artifactory/
-version: 0.7.0
-appVersion: 6.5.2
+version: 0.7.6
+appVersion: 6.5.3
 description: Universal Repository Manager supporting all major packaging formats,
   build tools and CI servers.
 keywords:

charts/artifactory-ha/latest/README.md

@@ -289,7 +289,7 @@ This can be done with the following parameters
 # Make sure your Artifactory Docker image has the MySQL database driver in it
 ...
 --set postgresql.enabled=false \
---set artifactory.postStartCommand="curl -L -o /opt/jfrog/artifactory/tomcat/lib/mysql-connector-java-5.1.41.jar https://jcenter.bintray.com/mysql/mysql-connector-java/5.1.41/mysql-connector-java-5.1.41.jar && chown 1030:1030 /opt/jfrog/artifactory/tomcat/lib/mysql-connector-java-5.1.41.jar" \
+--set artifactory.preStartCommand="curl -L -o /opt/jfrog/artifactory/tomcat/lib/mysql-connector-java-5.1.41.jar https://jcenter.bintray.com/mysql/mysql-connector-java/5.1.41/mysql-connector-java-5.1.41.jar" \
 --set database.type=mysql \
 --set database.host=${DB_HOST} \
 --set database.port=${DB_PORT} \
@@ -353,6 +353,8 @@ The following table lists the configurable parameters of the artifactory chart a
 | `artifactory.image.version`          | Container image tag                  | `.Chart.AppVersion`                        |
 | `artifactory.masterKey`           | Artifactory Master Key. Can be generated with `openssl rand -hex 32` |`FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF`|
 | `artifactory.masterKeySecretName` | Artifactory Master Key secret name                                   |                                                                  |
+| `artifactory.preStartCommand`                    | Command to run before entrypoint starts |                             |
+| `artifactory.postStartCommand`                   | Command to run after container starts   |                             |
 | `artifactory.license.secret` | Artifactory license secret name              |                                            |
 | `artifactory.license.dataKey`| Artifactory license secret data key          |                                            |
 | `artifactory.service.name`   | Artifactory service name to be set in Nginx configuration | `artifactory`                 |
@@ -460,6 +462,7 @@ The following table lists the configurable parameters of the artifactory chart a
 | `nginx.env.ssl`                   | Nginx Environment enable ssl               | `true`                                  |
 | `nginx.env.skipAutoConfigUpdate`  | Nginx Environment to disable auto configuration update | `false`                     |
 | `nginx.customConfigMap`           | Nginx CustomeConfigMap name for `nginx.conf` | ` `                                   |
+| `nginx.customArtifactoryConfigMap`| Nginx CustomeConfigMap name for `artifactory-ha.conf` | ` `                          |
 | `nginx.resources.requests.memory` | Nginx initial memory request               | `250Mi`                                 |
 | `nginx.resources.requests.cpu`    | Nginx initial cpu request                  | `100m`                                  |
 | `nginx.resources.limits.memory`   | Nginx memory limit                         | `250Mi`                                 |
@@ -478,12 +481,15 @@ The following table lists the configurable parameters of the artifactory chart a
 | `database.type`                  | External database type (`postgresql`, `mysql`, `oracle` or `mssql`)  |                       |
 | `database.host`                  | External database hostname                         |                                         |
 | `database.port`                  | External database port                             |                                         |
+| `database.url`                   | External database connection URL                   |                                         |
 | `database.user`                  | External database username                         |                                         |
 | `database.password`              | External database password                         |                                         |
 | `database.secrets.user.name`     | External database username `Secret` name           |                                         |
 | `database.secrets.user.key`      | External database username `Secret` key            |                                         |
 | `database.secrets.password.name` | External database password `Secret` name           |                                         |
 | `database.secrets.password.key`  | External database password `Secret` key            |                                         |
+| `database.secrets.url.name     ` | External database url `Secret` name                |                                         |
+| `database.secrets.url.key`       | External database url `Secret` key                 |                                         |
 
 
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.

charts/artifactory-ha/latest/ReverseProxyConfiguration.md

+# JFrog Artifactory Reverse Proxy Settings using Nginx
+
+#### Reverse Proxy
+*   To use Artifactory as docker registry it's mandatory to use Reverse Proxy.
+*   Artifactory provides a Reverse Proxy Configuration Generator screen in which you can fill in a set of fields to generate 
+the required configuration snippet which you can then download and install directly in the corresponding directory of your reverse proxy server.   
+*   To learn about configuring NGINX or Apache for reverse proxy refer to documentation provided on [JFrog wiki](https://www.jfrog.com/confluence/display/RTF/Configuring+a+Reverse+Proxy)
+*   By default Artifactory helm chart uses Nginx for reverse proxy and load balancing.
+  
+**Note**: Nginx image distributed with Artifactory helm chart is custom image managed and maintained by JFrog.  
+  
+####  Features of Artifactory Nginx
+*   Provides default configuration with self signed SSL certificate.
+*   Auto update reverse proxy configuration by pulling configuration generated by Reverse Proxy Configuration Generator from Artifactory using [REST API](https://www.jfrog.com/confluence/display/RTF/Configuring+a+Reverse+Proxy#ConfiguringaReverseProxy-RESTAPI)
+*   Persist configuration and SSL certificate in `/var/opt/jfrog/nginx` directory
+  
+#### Steps to use Reverse Proxy Configuration Generator to configuration for reverse proxy in nginx (Artifactory Pro/Enterprise).  
+*   Deploy Artifactory using helm chart with Nginx enabled.
+*   Go to Artifactory Admin -> HTTP Settings. 
+    Example values: 
+    ```
+    Docker Access Method: SubDomain
+    Server Provider: Nginx
+    Internal Hostname: $ARTIFACTORY_SERVICE_NAME (Get Artifactory Service Name by running `kubectl get svc` command)
+    Public Server Name: $DOMAIN_NAME
+    SSL Key Path: /var/opt/jfrog/nginx/ssl/tls.key (If SSL Cert is provided via Secret)
+    SSL Certificate Path: /var/opt/jfrog/nginx/ssl/tls.crt (If SSL Cert is provided via Secret)
+    ```
+*   Provide appropriate values and save configuration.
+*   Once configuration is saved Nginx will automatically fetch reverse proxy configuration snippet from Artifactory and apply it immediately.
+  
+#### Steps to use static configuration for reverse proxy in nginx.
+1.  Create `artifactory-ha.conf` file with nginx configuration. More [nginx configuration examples](https://github.com/jfrog/artifactory-docker-examples/tree/master/files/nginx/conf.d) 
+    * Following is example `artifactory-ha.conf`
+    ```bash
+    ## add HA entries when ha is configure
+    upstream artifactory {
+        server artifactory-ha-artifactory-ha-primary:8081;
+        server artifactory-ha:8081;
+    }
+    ## add ssl entries when https has been set in config
+    ssl_certificate      /var/opt/jfrog/nginx/ssl/tls.crt;
+    ssl_certificate_key  /var/opt/jfrog/nginx/ssl/tls.key;
+    ssl_session_cache shared:SSL:1m;
+    ssl_prefer_server_ciphers   on;
+    ## server configuration
+    server {
+        listen 443 ssl;
+        listen 80 ;
+        server_name ~(?<repo>.+)\.jfrog.team jfrog.team;
+        
+        if ($http_x_forwarded_proto = '') {
+            set $http_x_forwarded_proto  $scheme;
+        }
+        ## Application specific logs
+        ## access_log /var/log/nginx/jfrog.team-access.log timing;
+        ## error_log /var/log/nginx/jfrog.team-error.log;
+        rewrite ^/$ /artifactory/webapp/ redirect;
+        rewrite ^/artifactory/?(/webapp)?$ /artifactory/webapp/ redirect;
+        rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/$repo/$1/$2;
+        chunked_transfer_encoding on;
+        client_max_body_size 0;
+        location /artifactory/ {
+        proxy_read_timeout  900;
+        proxy_pass_header   Server;
+        proxy_cookie_path   ~*^/.* /;
+        if ( $request_uri ~ ^/artifactory/(.*)$ ) {
+            proxy_pass          http://artifactory/artifactory/$1;
+        }
+        proxy_pass          http://artifactory/artifactory/;
+        proxy_next_upstream http_503 non_idempotent;
+        proxy_set_header    X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port/artifactory;
+        proxy_set_header    X-Forwarded-Port  $server_port;
+        proxy_set_header    X-Forwarded-Proto $http_x_forwarded_proto;
+        proxy_set_header    Host              $http_host;
+        proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
+        }
+    }
+    ```
+    
+2.  Create configMap of `artifactory-ha.conf` created with step above.
+    ```bash
+    kubectl create configmap art-nginx-conf --from-file=artifactory-ha.conf
+    ```
+3.  Deploy Artifactory using helm chart with auto configuration update disabled in nginx.
+    You can achieve it by setting value to `true` for `nginx.env.skipAutoConfigUpdate` and providing name of configMap created above to `nginx.customArtifactoryConfigMap` in [values.yaml](values.yaml)
+    Which sets Environment Variable `SKIP_AUTO_UPDATE_CONFIG=true` in Nginx container. 
+    
+    Following is command to set values at runtime:
+    ```bash
+    helm install --name artifactory-ha --set nginx.env.skipAutoConfigUpdate=true,nginx.customArtifactoryConfigMap=art-nginx-conf jfrog/artifactory-ha
+    ```
\ No newline at end of file

charts/artifactory-ha/latest/ci/test-values.yaml

+artifactory:
+  persistence:
+    enabled: false
+
+postgresql:
+  postgresPassword: "password"
+  postgresConfig:
+    maxConnections: "102"
+  persistence:
+    enabled: false
+
+nginx:
+  enabled: false
+  service:
+    ## For minikube, set this to NodePort, elsewhere use LoadBalancer
+    type: NodePort

charts/artifactory-ha/latest/templates/artifactory-node-statefulset.yaml

@@ -61,7 +61,11 @@ spec:
       {{- if .Values.postgresql.enabled }}
           until nc -z -w 2 {{ .Release.Name }}-postgresql {{ .Values.postgresql.service.port }} && echo database ok; do
       {{- else }}
+        {{- if and .Values.database.host .Values.database.port }}
           until nc -z -w 2 {{ .Values.database.host }} {{ .Values.database.port }} && echo database ok; do
+        {{- else }}
+          until true; do
+        {{- end }}
       {{- end }}
             sleep 2;
           done;
@@ -71,6 +75,15 @@ spec:
         imagePullPolicy: {{ .Values.artifactory.image.pullPolicy }}
         securityContext:
           allowPrivilegeEscalation: false
+      {{- if .Values.artifactory.preStartCommand }}
+        command:
+        - '/bin/sh'
+        - '-c'
+        - >
+          echo "Running custom preStartCommand command";
+          {{ .Values.artifactory.preStartCommand }};
+          /entrypoint-artifactory.sh
+      {{- end }}
         lifecycle:
           postStart:
             exec:
@@ -100,7 +113,7 @@ spec:
         - name: DB_PORT
           value: '{{ .Values.postgresql.service.port }}'
         - name: DB_USER
-          value: '{{.Values.postgresql.postgresUser }}'
+          value: '{{ .Values.postgresql.postgresUser }}'
         - name: DB_PASSWORD
           valueFrom:
             secretKeyRef:
@@ -108,23 +121,38 @@ spec:
               key: postgres-password
       {{- else }}
         - name: DB_TYPE
-          value: '{{ .Values.database.type }}'
+          value: '{{ required "Must set database.type when not using the PostgreSQL sub-chart (postgresql.enabled=false) " .Values.database.type }}'
+        {{- if or .Values.database.url .Values.database.secrets.url }}
+        - name: DB_URL
+        {{- if .Values.database.url }}
+          value: '{{.Values.database.url }}'
+        {{- else }}
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.database.secrets.url.name }}
+              key: {{ .Values.database.secrets.url.key }}
+        {{- end }}
+        {{- else }}
         - name: DB_HOST
           value: '{{ .Values.database.host }}'
         - name: DB_PORT
           value: '{{ .Values.database.port }}'
-      {{- if .Values.database.secrets }}
+        {{- end }}
+        {{- if .Values.database.secrets.user }}
         - name: DB_USER
           valueFrom:
             secretKeyRef:
               name: {{ .Values.database.secrets.user.name }}
               key: {{ .Values.database.secrets.user.key }}
+        {{- end }}
+        {{- if .Values.database.secrets.password }}
         - name: DB_PASSWORD
           valueFrom:
             secretKeyRef:
               name: {{ .Values.database.secrets.password.name }}
               key: {{ .Values.database.secrets.password.key }}
-      {{- else }}
+        {{- else }}
+        {{- if and .Values.database.type .Values.database.user }}
         - name: DB_USER
           value: '{{ .Values.database.user }}'
         - name: DB_PASSWORD
@@ -132,7 +160,8 @@ spec:
             secretKeyRef:
               name: {{ template "artifactory-ha.fullname" . }}
               key: db-password
-      {{- end }}
+        {{- end }}
+        {{- end }}
       {{- end }}
         - name: EXTRA_JAVA_OPTIONS
           value: "
@@ -206,7 +235,7 @@ spec:
         readinessProbe:
           httpGet:
             path: '/artifactory/webapp/#/login'
-            port: 8081
+            port: 8040
           initialDelaySeconds: {{ .Values.artifactory.readinessProbe.initialDelaySeconds }}
           periodSeconds: {{ .Values.artifactory.readinessProbe.periodSeconds }}
           timeoutSeconds: {{ .Values.artifactory.readinessProbe.timeoutSeconds }}
@@ -217,7 +246,7 @@ spec:
         livenessProbe:
           httpGet:
             path: '/artifactory/webapp/#/login'
-            port: 8081
+            port: 8040
           initialDelaySeconds: {{ .Values.artifactory.livenessProbe.initialDelaySeconds }}
           periodSeconds: {{ .Values.artifactory.livenessProbe.periodSeconds }}
           timeoutSeconds: {{ .Values.artifactory.livenessProbe.timeoutSeconds }}
@@ -244,7 +273,9 @@ spec:
                 matchLabels:
                   app: {{ template "artifactory-ha.name" . }}
                   release: {{ .Release.Name }}
+                  {{- if eq .Values.artifactory.service.pool "members" }}
                   role: {{ template "artifactory-ha.node.name" . }}
+                  {{- end }}
     {{- else if eq .Values.artifactory.node.podAntiAffinity.type "hard" }}
       affinity:
         podAntiAffinity:
@@ -254,7 +285,9 @@ spec:
               matchLabels:
                 app: {{ template "artifactory-ha.name" . }}
                 release: {{ .Release.Name }}
+                {{- if eq .Values.artifactory.service.pool "members" }}
                 role: {{ template "artifactory-ha.node.name" . }}
+                {{- end }}
     {{- end }}
     {{- with .Values.artifactory.node.tolerations }}
       tolerations:

charts/artifactory-ha/latest/templates/artifactory-primary-statefulset.yaml

@@ -61,7 +61,11 @@ spec:
       {{- if .Values.postgresql.enabled }}
           until nc -z -w 2 {{ .Release.Name }}-postgresql {{ .Values.postgresql.service.port }} && echo database ok; do
       {{- else }}
+        {{- if and .Values.database.host .Values.database.port }}
           until nc -z -w 2 {{ .Values.database.host }} {{ .Values.database.port }} && echo database ok; do
+        {{- else }}
+          until true; do
+        {{- end }}
       {{- end }}
             sleep 2;
           done;
@@ -71,6 +75,15 @@ spec:
         imagePullPolicy: {{ .Values.artifactory.image.pullPolicy }}
         securityContext:
           allowPrivilegeEscalation: false
+      {{- if .Values.artifactory.preStartCommand }}
+        command:
+        - '/bin/sh'
+        - '-c'
+        - >
+          echo "Running custom preStartCommand command";
+          {{ .Values.artifactory.preStartCommand }};
+          /entrypoint-artifactory.sh
+      {{- end }}
         lifecycle:
           postStart:
             exec:
@@ -79,7 +92,7 @@ spec:
               - '-c'
               - >
                 {{- if .Values.artifactory.configMapName }}
-                cp -Lrfv /bootstrap/* /artifactory_extra_conf/
+                cp -Lrf /bootstrap/* /artifactory_extra_conf/;
                 {{- end }}
                 {{- if .Values.artifactory.replicator.enabled }}
                 mkdir -p {{ .Values.artifactory.persistence.mountPath }}/replicator/etc;
@@ -111,23 +124,38 @@ spec:
               key: postgres-password
       {{- else }}
         - name: DB_TYPE
-          value: '{{ .Values.database.type }}'
+          value: '{{ required "Must set database.type when not using the PostgreSQL sub-chart (postgresql.enabled=false) " .Values.database.type }}'
+        {{- if or .Values.database.url .Values.database.secrets.url }}
+        - name: DB_URL
+        {{- if .Values.database.url }}
+          value: '{{.Values.database.url }}'
+        {{- else }}
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.database.secrets.url.name }}
+              key: {{ .Values.database.secrets.url.key }}
+        {{- end }}
+        {{- else }}
         - name: DB_HOST
           value: '{{ .Values.database.host }}'
         - name: DB_PORT
           value: '{{ .Values.database.port }}'
-      {{- if .Values.database.secrets }}
+        {{- end }}
+        {{- if .Values.database.secrets.user }}
         - name: DB_USER
           valueFrom:
             secretKeyRef:
               name: {{ .Values.database.secrets.user.name }}
               key: {{ .Values.database.secrets.user.key }}
+        {{- end }}
+        {{- if .Values.database.secrets.password }}
         - name: DB_PASSWORD
           valueFrom:
             secretKeyRef:
               name: {{ .Values.database.secrets.password.name }}
               key: {{ .Values.database.secrets.password.key }}
-      {{- else }}
+        {{- else }}
+        {{- if and .Values.database.type .Values.database.user }}
         - name: DB_USER
           value: '{{ .Values.database.user }}'
         - name: DB_PASSWORD
@@ -135,7 +163,8 @@ spec:
             secretKeyRef:
               name: {{ template "artifactory-ha.fullname" . }}
               key: db-password
-      {{- end }}
+        {{- end }}
+        {{- end }}
       {{- end }}
         - name: EXTRA_JAVA_OPTIONS
           value: "
@@ -222,7 +251,7 @@ spec:
         readinessProbe:
           httpGet:
             path: '/artifactory/webapp/#/login'
-            port: 8081
+            port: 8040
           initialDelaySeconds: {{ .Values.artifactory.readinessProbe.initialDelaySeconds }}
           periodSeconds: {{ .Values.artifactory.readinessProbe.periodSeconds }}
           timeoutSeconds: {{ .Values.artifactory.readinessProbe.timeoutSeconds }}
@@ -233,7 +262,7 @@ spec:
         livenessProbe:
           httpGet:
             path: '/artifactory/webapp/#/login'
-            port: 8081
+            port: 8040
           initialDelaySeconds: {{ .Values.artifactory.livenessProbe.initialDelaySeconds }}
           periodSeconds: {{ .Values.artifactory.livenessProbe.periodSeconds }}
           timeoutSeconds: {{ .Values.artifactory.livenessProbe.timeoutSeconds }}
@@ -244,10 +273,32 @@ spec:
       nodeSelector:
 {{ toYaml . | indent 8 }}
     {{- end }}
+    {{- if .Values.artifactory.primary.affinity }}
     {{- with .Values.artifactory.primary.affinity }}
       affinity:
 {{ toYaml . | indent 8 }}
     {{- end }}
+    {{- else if eq .Values.artifactory.primary.podAntiAffinity.type "soft" }}
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - weight: 100
+            podAffinityTerm:
+              topologyKey: {{ .Values.artifactory.primary.podAntiAffinity.topologyKey }}
+              labelSelector:
+                matchLabels:
+                  app: {{ template "artifactory-ha.name" . }}
+                  release: {{ .Release.Name }}
+    {{- else if eq .Values.artifactory.primary.podAntiAffinity.type "hard" }}
+      affinity:
+        podAntiAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+          - topologyKey: {{ .Values.artifactory.primary.podAntiAffinity.topologyKey }}
+            labelSelector:
+              matchLabels:
+                app: {{ template "artifactory-ha.name" . }}
+                release: {{ .Release.Name }}
+    {{- end }}
     {{- with .Values.artifactory.primary.tolerations }}
       tolerations:
 {{ toYaml . | indent 8 }}

charts/artifactory-ha/latest/templates/nginx-deployment.yaml

@@ -69,6 +69,15 @@ spec:
                 {{- if .Values.nginx.customConfigMap }}
                 cp -Lrf /tmp/nginx.conf /etc/nginx/nginx.conf;
                 {{- end }}
+                {{- if .Values.nginx.customArtifactoryConfigMap }}
+                cp -Lrf /tmp/conf.d/artifactory*.conf /etc/nginx/conf.d/artifactory.conf;
+                {{- else }}
+                if ! grep -q 'upstream' /etc/nginx/conf.d/artifactory.conf; then
+                sed -i -e 's,proxy_pass .*,proxy_pass     http://{{ $serviceName }}:{{ $servicePort }}/artifactory/;,g' \
+                    -e 's,server_name .*,server_name ~(?<repo>.+)\\.{{ $serviceName }} {{ $serviceName }};,g' \
+                    /etc/nginx/conf.d/artifactory.conf;
+                fi;
+                {{- end }}
                 if [ -f /tmp/replicator-nginx.conf ]; then
                 cp -fv /tmp/replicator-nginx.conf /etc/nginx/conf.d/replicator-nginx.conf;
                 fi;
@@ -77,14 +86,6 @@ spec:
                 cp -fv /tmp/ssl/* /var/opt/jfrog/nginx/ssl;
                 fi;
                 until [ -f /etc/nginx/conf.d/artifactory.conf ]; do sleep 1; done;
-                if ! grep -q 'upstream' /etc/nginx/conf.d/artifactory.conf; then
-                sed -i -e 's,proxy_pass .*,proxy_pass     http://{{ $serviceName }}:{{ $servicePort }}/artifactory/;,g' \
-                    -e 's,server_name .*,server_name ~(?<repo>.+)\\.{{ $serviceName }} {{ $serviceName }};,g' \
-                    /etc/nginx/conf.d/artifactory.conf;
-                fi;
-                if ! grep -q 'proxy_http_version' /etc/nginx/conf.d/artifactory.conf; then
-                sed -i 's,\(proxy_next_upstream .*\),proxy_http_version  1.1;\n    \1,g' /etc/nginx/conf.d/artifactory.conf;
-                fi;
                 sleep 5; nginx -s reload; touch /var/log/nginx/conf.done
         env:
         - name: ART_BASE_URL
@@ -95,8 +96,13 @@ spec:
           {{- end }}
         - name: SSL
           value: "{{ .Values.nginx.env.ssl }}"
+        {{- if .Values.nginx.customArtifactoryConfigMap }}
+        - name: SKIP_AUTO_UPDATE_CONFIG
+          value: "true"
+        {{- else }}
         - name: SKIP_AUTO_UPDATE_CONFIG
           value: "{{ .Values.nginx.env.skipAutoConfigUpdate }}"
+        {{- end }}
         ports:
         - containerPort: {{ .Values.nginx.internalPortHttp }}
         - containerPort: {{ .Values.nginx.internalPortHttps }}
@@ -119,6 +125,10 @@ spec:
         - name: nginx-config
           mountPath: "/tmp/"
         {{- end }}
+        {{- if .Values.nginx.customArtifactoryConfigMap }}
+        - name: artifactory-nginx-config
+          mountPath: "/tmp/conf.d"
+        {{- end }}
         resources:
 {{ toYaml .Values.nginx.resources | indent 10 }}
         {{- if .Values.nginx.readinessProbe.enabled }}
@@ -166,6 +176,11 @@ spec:
         configMap:
           name: {{ .Values.nginx.customConfigMap }}
       {{- end }}
+      {{- if .Values.nginx.customArtifactoryConfigMap }}
+      - name: artifactory-nginx-config
+        configMap:
+          name: {{ .Values.nginx.customArtifactoryConfigMap }}
+      {{- end}}
       - name: nginx-volume
       {{- if .Values.nginx.persistence.enabled }}
         persistentVolumeClaim:

charts/artifactory-ha/latest/values.yaml

@@ -77,11 +77,13 @@ postgresql:
   #    cpu: "500m"
 
 ## If NOT using the PostgreSQL in this chart (postgresql.enabled=false),
-## you must specify the following database details
+## you MUST specify custom database details here or Artifactory will NOT start
 database:
   type:
   host:
   port:
+  ## If you set the url, leave host and port empty
+  url:
   ## If you would like this chart to create the secret containing the db
   ## password, use these values
   user:
@@ -95,6 +97,9 @@ database:
   #  password:
   #    name: "rds-artifactory"
   #    key: "db-password"
+  #  url:
+  #    name: "rds-artifactory"
+  #    key: "db-url"
 
 # Artifactory
 artifactory:
@@ -124,8 +129,10 @@ artifactory:
   ## Create configMap with artifactory.config.import.xml and security.import.xml and pass name of configMap in following parameter
   configMapName:
 
-  ## Extra postStart command to install JDBC driver for MySql/MariaDb/Oracle
-  # postStartCommand: "curl -L -o /opt/jfrog/artifactory/tomcat/lib/mysql-connector-java-5.1.41.jar https://jcenter.bintray.com/mysql/mysql-connector-java/5.1.41/mysql-connector-java-5.1.41.jar && chown 1030:1030 /opt/jfrog/artifactory/tomcat/lib/mysql-connector-java-5.1.41.jar"
+  ## Extra pre-start command to install JDBC driver for MySql/MariaDb/Oracle
+  # preStartCommand: "curl -L -o /opt/jfrog/artifactory/tomcat/lib/mysql-connector-java-5.1.41.jar https://jcenter.bintray.com/mysql/mysql-connector-java/5.1.41/mysql-connector-java-5.1.41.jar"
+  ## Extra post-start command to run extra commands after container starts
+  # postStartCommand:
 
   membershipPort: 10017
   externalPort: 8081
@@ -258,6 +265,12 @@ artifactory:
     tolerations: []
 
     affinity: {}
+    ## Only used if "affinity" is empty
+    podAntiAffinity:
+      ## Valid values are "soft" or "hard"; any other value indicates no anti-affinity
+      type: ""
+      topologyKey: "kubernetes.io/hostname"
+
   node:
     name: artifactory-ha-member
     persistence:
@@ -349,6 +362,8 @@ nginx:
     skipAutoConfigUpdate: false
   ## Custom ConfigMap for nginx.conf
   customConfigMap:
+  ## Custom ConfigMap for artifactory.conf
+  customArtifactoryConfigMap:
   persistence:
     mountPath: "/var/opt/jfrog/nginx"
     enabled: false

charts/artifactory-ha/v0.7.0/.helmignore

+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+OWNERS
\ No newline at end of file

charts/artifactory-ha/v0.7.0/CHANGELOG.md

+# JFrog Artifactory-ha Chart Changelog
+All changes to this chart will be documented in this file.
+
+## [0.7.0] - Oct 28, 2018
+* Update postgresql chart to version 0.9.5 to be able and use `postgresConfig` options
+
+## [0.6.9] - Oct 23, 2018
+* Fix providing external secret for database credentials
+
+## [0.6.8] - Oct 22, 2018
+* Allow user to configure externalTrafficPolicy for Loadbalancer
+
+## [0.6.7] - Oct 22, 2018
+* Updated ingress annotation support (with examples) to support docker registry v2
+
+## [0.6.6] - Oct 21, 2018
+* Updated Artifactory version to 6.5.2
+
+## [0.6.5] - Oct 19, 2018
+* Allow providing pre-existing secret containing master key
+* Allow arbitrary annotations on primary and member node pods
+* Enforce size limits when using local storage with `emptyDir`
+* Allow `soft` or `hard` specification of member node anti-affinity
+* Allow providing pre-existing secrets containing external database credentials
+* Fix `s3` binary store provider to properly use the `cache-fs` provider
+* Allow arbitrary properties when using the `s3` binary store provider
+
+## [0.6.4] - Oct 18, 2018
+* Updated Artifactory version to 6.5.1
+
+## [0.6.3] - Oct 17, 2018
+* Add Apache 2.0 license
+
+## [0.6.2] - Oct 14, 2018
+* Make S3 endpoint configurable (was hardcoded with `s3.amazonaws.com`)
+
+## [0.6.1] - Oct 11, 2018
+* Allows ingress default `backend` to be enabled or disabled (defaults to enabled)
+
+## [0.6.0] - Oct 11, 2018
+* Updated Artifactory version to 6.5.0
+
+## [0.5.3] - Oct 9, 2018
+* Quote ingress hosts to support wildcard names
+
+## [0.5.2] - Oct 2, 2018
+* Add `helm repo add jfrog https://charts.jfrog.io` to README
+
+## [0.5.1] - Oct 2, 2018
+* Set Artifactory to 6.4.1
+
+## [0.5.0] - Sep 27, 2018
+* Set Artifactory to 6.4.0
+
+## [0.4.7] - Sep 26, 2018
+* Add ci/test-values.yaml
+
+## [0.4.6] - Sep 25, 2018
+* Add PodDisruptionBudget for member nodes, defaulting to minAvailable of 1
+
+## [0.4.4] - Sep 2, 2018
+* Updated Artifactory version to 6.3.2
+
+## [0.4.0] - Aug 22, 2018
+* Added support to run as non root
+* Updated Artifactory version to 6.2.0
+
+## [0.3.0] - Aug 22, 2018
+* Enabled RBAC Support
+* Added support for PostStartCommand (To download Database JDBC connector)
+* Increased postgresql max_connections
+* Added support for `nginx.conf` ConfigMap
+* Updated Artifactory version to 6.1.0  

charts/artifactory-ha/v0.7.0/Chart.yaml

+apiVersion: v1
+name: artifactory-ha
+home: https://www.jfrog.com/artifactory/
+version: 0.7.0
+appVersion: 6.5.2
+description: Universal Repository Manager supporting all major packaging formats,
+  build tools and CI servers.
+keywords:
+- artifactory
+- jfrog
+- devops
+sources:
+- https://bintray.com/jfrog/product/JFrog-Artifactory-Pro/view
+- https://github.com/jfrog/charts
+maintainers:
+- name: jainishshah17
+  email: jainishs@jfrog.com
+- name: eldada
+  email: eldada@jfrog.com
+- name: rimusz
+  email: rimasm@jfrog.com
+icon: https://raw.githubusercontent.com/jfrog/artifactory-dcos/master/images/jfrog_med.png

charts/artifactory-ha/v0.7.0/OWNERS

+approvers:
+- jainishshah17
+- eldada
+- rimusz
+reviewers:
+- jainishshah17
+- eldada
+- rimusz
\ No newline at end of file

charts/artifactory-ha/v0.7.0/requirements.lock

+dependencies:
+- name: postgresql
+  repository: https://kubernetes-charts.storage.googleapis.com/
+  version: 0.9.5
+digest: sha256:7e07fb616d953e518e3373e2c5183290b4b6e94292a233528c0d52ffd42afc77
+generated: 2018-10-28T06:26:39.466565306+02:00

charts/artifactory-ha/v0.7.0/requirements.yaml

+dependencies:
+- name: postgresql
+  version: 0.9.5
+  repository: https://kubernetes-charts.storage.googleapis.com/
+  condition: postgresql.enabled

charts/artifactory-ha/v0.7.0/templates/NOTES.txt

+Congratulations. You have just deployed JFrog Artifactory HA!
+
+{{- if (not .Values.artifactory.masterKeySecretName) and eq .Values.artifactory.masterKey "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" }}
+
+
+***************************************** WARNING ******************************************
+* Your Artifactory master key is still set to the provided example:                        *
+* artifactory.masterKey=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF   *
+*                                                                                          *
+* You should change this to your own generated key:                                        *
+* $ export MASTER_KEY=$(openssl rand -hex 32)                                              *
+* $ echo ${MASTER_KEY}                                                                     *
+*                                                                                          *
+* Pass the created master key to helm with '--set artifactory.masterKey=${MASTER_KEY}'     *
+*                                                                                          *
+* Alternatively, you can use a pre-existing secret with a key called master-key with       *
+* '--set artifactory.masterKeySecretName=${SECRET_NAME}'                                   *
+********************************************************************************************
+{{- end }}
+
+{{- if .Values.postgresql.enabled }}
+
+DATABASE:
+To extract the database password, run the following
+export DB_PASSWORD=$(kubectl get --namespace {{ .Release.Namespace }} $(kubectl get secret --namespace {{ .Release.Namespace }} -o name | grep postgresql) -o jsonpath="{.data.postgres-password}" | base64 --decode)
+echo ${DB_PASSWORD}
+{{- end }}
+
+SETUP:
+1. Get the Artifactory IP and URL
+
+   {{- if contains "NodePort" .Values.nginx.service.type }}
+   export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "artifactory-ha.nginx.fullname" . }})
+   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+   echo http://$NODE_IP:$NODE_PORT/
+
+   {{- else if contains "LoadBalancer" .Values.nginx.service.type }}
+   NOTE: It may take a few minutes for the LoadBalancer public IP to be available!
+
+   You can watch the status of the service by running 'kubectl get svc -w {{ template "artifactory-ha.nginx.fullname" . }}'
+   export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "artifactory-ha.nginx.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+   echo http://$SERVICE_IP/
+
+   {{- else if contains "ClusterIP" .Values.nginx.service.type }}
+   export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "component={{ .Values.nginx.name }}" -o jsonpath="{.items[0].metadata.name}")
+   kubectl port-forward --namespace {{ .Release.Namespace }} $POD_NAME 8080:80
+   echo http://127.0.0.1:8080
+
+   {{- end }}
+
+2. Open Artifactory in your browser
+   Default credential for Artifactory:
+   user:     admin
+   password: password
+
+   {{- if .Values.artifactory.license.secret }}
+
+3. Manage Artifactory license through the {{ .Values.artifactory.license.secret }} secret ONLY!
+   Since the artifactory license(s) is managed with a secret ({{ .Values.artifactory.license.secret }}), any change through the Artifactory UI might not be saved!
+
+   {{- else }}
+
+3. Add HA licenses to activate Artifactory HA through the Artifactory UI
+   NOTE: Each Artifactory node requires a valid license. See https://www.jfrog.com/confluence/display/RTF/HA+Installation+and+Setup for more details.
+
+   {{- end }}

charts/artifactory-ha/v0.7.0/templates/_helpers.tpl

+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "artifactory-ha.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+The primary node name
+*/}}
+{{- define "artifactory-ha.primary.name" -}}
+{{- $name := .Release.Name | trunc 29 -}}
+{{- printf "%s-%s-primary" $name .Chart.Name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+The member node name
+*/}}
+{{- define "artifactory-ha.node.name" -}}
+{{- $name := .Release.Name | trunc 29 -}}
+{{- printf "%s-%s-member" $name .Chart.Name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Expand the name nginx service.
+*/}}
+{{- define "artifactory-ha.nginx.name" -}}
+{{- default .Values.nginx.name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "artifactory-ha.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "artifactory-ha.nginx.fullname" -}}
+{{- if .Values.nginx.fullnameOverride -}}
+{{- .Values.nginx.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nginx.name -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "artifactory-ha.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+{{ default (include "artifactory-ha.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+{{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "artifactory-ha.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
\ No newline at end of file

charts/artifactory-ha/v0.7.0/templates/artifactory-binarystore.yaml

+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}-bs
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+data:
+  binarystore.xml: |-
+{{- if eq .Values.artifactory.persistence.type "file-system" }}
+    <!-- File system replication -->
+    <config version="2">
+        <chain>
+            <provider id="cache-fs" type="cache-fs">
+                <provider id="sharding-cluster" type="sharding-cluster">
+                    <readBehavior>crossNetworkStrategy</readBehavior>
+                    <writeBehavior>crossNetworkStrategy</writeBehavior>
+                    <redundancy>{{ .Values.artifactory.persistence.redundancy }}</redundancy>
+                    <lenientLimit>2</lenientLimit>
+                    <minSpareUploaderExecutor>2</minSpareUploaderExecutor>
+                    <sub-provider id="state-aware" type="state-aware"/>
+                    <dynamic-provider id="remote" type="remote"/>
+                    <property name="zones" value="local,remote"/>
+                </provider>
+            </provider>
+        </chain>
+
+        <!-- Shards add local file-system provider configuration -->
+        <provider id="state-aware" type="state-aware">
+            <fileStoreDir>shard-fs-1</fileStoreDir>
+            <zone>local</zone>
+        </provider>
+
+        <!-- Shards dynamic remote provider configuration -->
+        <provider id="remote" type="remote">
+            <checkPeriod>30</checkPeriod>
+            <serviceId>tester-remote1</serviceId>
+            <timeout>10000</timeout>
+            <zone>remote</zone>
+            <property name="header.remote.block" value="true"/>
+        </provider>
+    </config>
+{{- end }}
+
+{{- if eq .Values.artifactory.persistence.type "google-storage" }}
+    <!-- Google storage -->
+    <config version="2">
+        <chain>
+            <provider id="sharding-cluster" type="sharding-cluster">
+                <readBehavior>crossNetworkStrategy</readBehavior>
+                <writeBehavior>crossNetworkStrategy</writeBehavior>
+                <redundancy>{{ .Values.artifactory.persistence.redundancy }}</redundancy>
+                <minSpareUploaderExecutor>2</minSpareUploaderExecutor>
+                <sub-provider id="eventual-cluster" type="eventual-cluster">
+                    <provider id="retry" type="retry">
+                        <provider id="google-storage" type="google-storage"/>
+                    </provider>
+                </sub-provider>
+                <dynamic-provider id="remote" type="remote"/>
+                <property name="zones" value="local,remote"/>
+            </provider>
+        </chain>
+
+        <!-- Set max cache-fs size -->
+        <provider id="cache-fs" type="cache-fs">
+            <maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize }}</maxCacheSize>
+        </provider>
+
+        <provider id="eventual-cluster" type="eventual-cluster">
+            <zone>local</zone>
+        </provider>
+
+        <provider id="remote" type="remote">
+            <checkPeriod>30</checkPeriod>
+            <timeout>10000</timeout>
+            <zone>remote</zone>
+        </provider>
+
+        <provider id="file-system" type="file-system">
+            <fileStoreDir>{{ .Values.artifactory.persistence.mountPath }}/data/filestore</fileStoreDir>
+            <tempDir>/tmp</tempDir>
+        </provider>
+
+        <provider id="google-storage" type="google-storage">
+            <providerId>google-cloud-storage</providerId>
+            <endpoint>commondatastorage.googleapis.com</endpoint>
+            <httpsOnly>false</httpsOnly>
+            <bucketName>{{ .Values.artifactory.persistence.googleStorage.bucketName }}</bucketName>
+            <identity>{{ .Values.artifactory.persistence.googleStorage.identity }}</identity>
+            <credential>{{ .Values.artifactory.persistence.googleStorage.credential }}</credential>
+            <path>{{ .Values.artifactory.persistence.googleStorage.path }}</path>
+        </provider>
+    </config>
+{{- end }}
+
+{{- if eq .Values.artifactory.persistence.type "aws-s3" }}
+    <!-- AWS S3 -->
+    <config version="2">
+        <chain> <!--template="cluster-s3"-->
+            <provider id="cache-fs" type="cache-fs">
+                <provider id="sharding-cluster" type="sharding-cluster">
+                    <sub-provider id="eventual-cluster" type="eventual-cluster">
+                        <provider id="retry-s3" type="retry">
+                            <provider id="s3" type="s3"/>
+                        </provider>
+                    </sub-provider>
+                    <dynamic-provider id="remote" type="remote"/>
+                </provider>
+            </provider>
+        </chain>
+
+        <!-- Set max cache-fs size -->
+        <provider id="cache-fs" type="cache-fs">
+            <maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize }}</maxCacheSize>
+        </provider>
+
+        <provider id="eventual-cluster" type="eventual-cluster">
+            <zone>local</zone>
+        </provider>
+
+        <provider id="remote" type="remote">
+            <checkPeriod>30</checkPeriod>
+            <timeout>10000</timeout>
+            <zone>remote</zone>
+        </provider>
+
+        <provider id="sharding-cluster" type="sharding-cluster">
+            <readBehavior>crossNetworkStrategy</readBehavior>
+            <writeBehavior>crossNetworkStrategy</writeBehavior>
+            <redundancy>{{ .Values.artifactory.persistence.redundancy }}</redundancy>
+            <property name="zones" value="local,remote"/>
+        </provider>
+
+        <provider id="s3" type="s3">
+            <endpoint>{{ .Values.artifactory.persistence.awsS3.endpoint }}</endpoint>
+            <refreshCredentials>{{ .Values.artifactory.persistence.awsS3.refreshCredentials }}</refreshCredentials>
+            <testConnection>{{ .Values.artifactory.persistence.awsS3.testConnection }}</testConnection>
+            <httpsOnly>true</httpsOnly>
+            <region>{{ .Values.artifactory.persistence.awsS3.region }}</region>
+            <bucketName>{{ .Values.artifactory.persistence.awsS3.bucketName }}</bucketName>
+            <identity>{{ .Values.artifactory.persistence.awsS3.identity }}</identity>
+            <credential>{{ .Values.artifactory.persistence.awsS3.credential }}</credential>
+            <path>{{ .Values.artifactory.persistence.awsS3.path }}</path>
+            {{- range $key, $value := .Values.artifactory.persistence.awsS3.properties }}
+            <property name="{{ $key }}" value="{{ $value }}"/>
+            {{- end }}
+        </provider>
+    </config>
+{{- end }}

charts/artifactory-ha/v0.7.0/templates/artifactory-nfs-pvc.yaml

+{{- if eq .Values.artifactory.persistence.type "nfs" }}
+### Artifactory HA data
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}-data-pv
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+    id: {{ template "artifactory-ha.name" . }}-data-pv
+    type: nfs-volume
+spec:
+  capacity:
+    storage: {{ .Values.artifactory.persistence.nfs.capacity }}
+  accessModes:
+  - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  nfs:
+    server: {{ .Values.artifactory.persistence.nfs.ip }}
+    path: "{{ .Values.artifactory.persistence.nfs.haDataMount }}"
+    readOnly: false
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}-data-pvc
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+    type: nfs-volume
+spec:
+  accessModes:
+  - ReadWriteOnce
+  storageClassName: ""
+  resources:
+    requests:
+      storage: {{ .Values.artifactory.persistence.nfs.capacity }}
+  selector:
+    matchLabels:
+      id: {{ template "artifactory-ha.name" . }}-data-pv
+      app: {{ template "artifactory-ha.name" . }}
+      release: {{ .Release.Name }}
+---
+### Artifactory HA backup
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}-backup-pv
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+    id: {{ template "artifactory-ha.name" . }}-backup-pv
+    type: nfs-volume
+spec:
+  capacity:
+    storage: {{ .Values.artifactory.persistence.nfs.capacity }}
+  accessModes:
+  - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  nfs:
+    server: {{ .Values.artifactory.persistence.nfs.ip }}
+    path: "{{ .Values.artifactory.persistence.nfs.haBackupMount }}"
+    readOnly: false
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}-backup-pvc
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+    type: nfs-volume
+spec:
+  accessModes:
+  - ReadWriteOnce
+  storageClassName: ""
+  resources:
+    requests:
+      storage: {{ .Values.artifactory.persistence.nfs.capacity }}
+  selector:
+    matchLabels:
+      id: {{ template "artifactory-ha.name" . }}-backup-pv
+      app: {{ template "artifactory-ha.name" . }}
+      release: {{ .Release.Name }}
+{{- end }}
\ No newline at end of file

charts/artifactory-ha/v0.7.0/templates/artifactory-node-pdb.yaml

+apiVersion: policy/v1beta1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}-node
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    component: {{ .Values.artifactory.name }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+spec:
+  selector:
+    matchLabels:
+      app: {{ template "artifactory-ha.name" . }}
+      role: {{ template "artifactory-ha.node.name" . }}
+      release: {{ .Release.Name }}
+  minAvailable: {{ .Values.artifactory.node.minAvailable }}

charts/artifactory-ha/v0.7.0/templates/artifactory-plugin-inactiveservercleaner.yaml

+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}-isc
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+data:
+  inactiveServerCleaner.groovy: |-
+    import org.artifactory.state.ArtifactoryServerState
+    import org.artifactory.storage.db.servers.service.ArtifactoryServersCommonService
+    import org.artifactory.common.ConstantValues
+    import org.slf4j.Logger
+
+    import java.util.concurrent.TimeUnit
+
+    jobs {
+        clean(interval: 90000, delay: 900000) {
+            runCleanupHAInactiveServers()
+        }
+    }
+
+    executions {
+        cleanHAInactiveServers() { params ->
+            runCleanupHAInactiveServers()
+        }
+    }
+
+    def runCleanupHAInactiveServers() {
+        def artifactoryServersCommonService = ctx.beanForType(ArtifactoryServersCommonService)
+        def artifactoryInactiveServerCleaner = new ArtifactoryInactiveServersCleaner(artifactoryServersCommonService, log)
+        artifactoryInactiveServerCleaner.cleanInactiveArtifactoryServers()
+    }
+
+    public class ArtifactoryInactiveServersCleaner {
+
+        private ArtifactoryServersCommonService artifactoryServersCommonService
+        private Logger log
+
+        ArtifactoryInactiveServersCleaner(ArtifactoryServersCommonService artifactoryServersCommonService, Logger log) {
+            this.artifactoryServersCommonService = artifactoryServersCommonService
+            this.log = log
+        }
+
+        def cleanInactiveArtifactoryServers() {
+            log.info "Executing inactive artifactory servers cleaner plugin"
+            List<String> allMembers = artifactoryServersCommonService.getAllArtifactoryServers()
+            for (member in allMembers) {
+                def heartbeat = TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis() - member.getLastHeartbeat())
+                def noHeartbeat = heartbeat > ConstantValues.haHeartbeatStaleIntervalSecs.getInt()
+                if (member.getServerState() == ArtifactoryServerState.UNAVAILABLE || ( noHeartbeat && member.getServerState() != ArtifactoryServerState.CONVERTING && member.getServerState() != ArtifactoryServerState.STARTING )) {
+                    try {
+                        log.info "Inactive artifactory servers cleaning task found server ${member.serverId} to remove"
+                        artifactoryServersCommonService.removeServer(member.serverId)
+
+                    }catch (Exception e){
+                        log.error "Error: Not able to remove ${member.serverId}, ${e.message}"
+                    }
+                }
+            }
+            log.info "No inactive servers found"
+        }
+    }
\ No newline at end of file

charts/artifactory-ha/v0.7.0/templates/artifactory-role.yaml

+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    component: {{ .Values.artifactory.name }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+  name: {{ template "artifactory-ha.fullname" . }}
+rules:
+{{ toYaml .Values.rbac.role.rules }}
+{{- end }}

charts/artifactory-ha/v0.7.0/templates/artifactory-rolebinding.yaml

+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    component: {{ .Values.artifactory.name }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+  name: {{ template "artifactory-ha.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "artifactory-ha.serviceAccountName" . }}
+roleRef:
+  kind: Role
+  apiGroup: rbac.authorization.k8s.io
+  name: {{ template "artifactory-ha.fullname" . }}
+{{- end }}

charts/artifactory-ha/v0.7.0/templates/artifactory-secrets.yaml

+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+type: Opaque
+data:
+{{- if not .Values.artifactory.masterKeySecretName }}
+  master-key: {{ .Values.artifactory.masterKey | b64enc | quote }}
+{{- end }}
+{{- if .Values.database.password }}
+  db-password: {{ .Values.database.password | b64enc | quote }}
+{{- end }}

charts/artifactory-ha/v0.7.0/templates/artifactory-service.yaml

+# Service for all Artifactory cluster nodes.
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    component: {{ .Values.artifactory.name }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+spec:
+  type: {{ .Values.artifactory.service.type }}
+  ports:
+  - port: {{ .Values.artifactory.externalPort }}
+    targetPort: {{ .Values.artifactory.internalPort }}
+    protocol: TCP
+    name: http
+  selector:
+{{- if eq .Values.artifactory.service.pool "members" }}
+    role: {{ template "artifactory-ha.node.name" . }}
+{{- end }}
+    app: {{ template "artifactory-ha.name" . }}
+    component: "{{ .Values.artifactory.name }}"
+    release: {{ .Release.Name }}
+---
+# Internal service for Artifactory primary node only!
+# Used by member nodes to check readiness of primary node before starting up
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "artifactory-ha.primary.name" . }}
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    component: {{ .Values.artifactory.name }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+spec:
+  type: {{ .Values.artifactory.service.type }}
+  ports:
+  - port: {{ .Values.artifactory.externalPort }}
+    targetPort: {{ .Values.artifactory.internalPort }}
+    protocol: TCP
+    name: http
+  {{- if .Values.artifactory.replicator.enabled }}
+  - port: {{ .Values.artifactory.externalPortReplicator }}
+    targetPort: {{ .Values.artifactory.internalPortReplicator }}
+    protocol: TCP
+    name: replicator
+  {{- end}}
+  selector:
+    role: {{ template "artifactory-ha.primary.name" . }}
+    app: {{ template "artifactory-ha.name" . }}
+    component: "{{ .Values.artifactory.name }}"
+    release: {{ .Release.Name }}

charts/artifactory-ha/v0.7.0/templates/artifactory-serviceaccount.yaml

+{{- if .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    component: {{ .Values.artifactory.name }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+  name: {{ template "artifactory-ha.serviceAccountName" . }}
+{{- end }}

charts/artifactory-ha/v0.7.0/templates/ingress.yaml

+{{- if .Values.ingress.enabled -}}
+{{- $serviceName := include "artifactory-ha.fullname" . -}}
+{{- $servicePort := .Values.artifactory.externalPort -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+{{- if .Values.ingress.annotations }}
+  annotations:
+{{ .Values.ingress.annotations | toYaml | trimSuffix "\n" | indent 4 -}}
+{{- end }}
+spec:
+  {{- if .Values.ingress.defaultBackend.enabled }}
+  backend:
+    serviceName: {{ $serviceName }}
+    servicePort: {{ $servicePort }}
+  {{- end -}}
+{{- if .Values.ingress.hosts }}
+  rules:
+  {{- range $host := .Values.ingress.hosts }}
+  - host: {{ $host | quote }}
+    http:
+      paths:
+        - path: /
+          backend:
+            serviceName: {{ $serviceName }}
+            servicePort: {{ $servicePort }}
+  {{- end -}}
+{{- end -}}
+  {{- if .Values.ingress.tls }}
+  tls:
+{{ toYaml .Values.ingress.tls | indent 4 }}
+  {{- end -}}
+{{- end -}}

charts/artifactory-ha/v0.7.0/templates/nginx-deployment.yaml

+{{- if .Values.nginx.enabled -}}
+{{- $serviceName := include "artifactory-ha.fullname" . -}}
+{{- $servicePort := .Values.artifactory.externalPort -}}
+apiVersion: apps/v1beta2
+kind: Deployment
+metadata:
+  name: {{ template "artifactory-ha.nginx.fullname" . }}
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+    component: {{ .Values.nginx.name }}
+spec:
+  replicas: {{ .Values.nginx.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ template "artifactory-ha.name" . }}
+      release: {{ .Release.Name }}
+      component: {{ .Values.nginx.name }}
+  template:
+    metadata:
+      labels:
+        app: {{ template "artifactory-ha.name" . }}
+        component: {{ .Values.nginx.name }}
+        release: {{ .Release.Name }}
+    spec:
+      serviceAccountName: {{ template "artifactory-ha.serviceAccountName" . }}
+    {{- if .Values.imagePullSecrets }}
+      imagePullSecrets:
+      - name: {{ .Values.imagePullSecrets }}
+    {{- end }}
+      initContainers:
+    {{- if .Values.nginx.persistence.enabled }}
+      - name: "remove-lost-found"
+        image: "{{ .Values.initContainerImage }}"
+        imagePullPolicy: {{ .Values.nginx.image.pullPolicy }}
+        command:
+        - '/bin/sh'
+        - '-c'
+        - 'rm -rfv {{ .Values.nginx.persistence.mountPath }}/lost+found'
+        volumeMounts:
+        - mountPath: {{ .Values.nginx.persistence.mountPath | quote }}
+          name: nginx-volume
+    {{- end }}
+      - name: "wait-for-artifactory"
+        image: "{{ .Values.initContainerImage }}"
+        command:
+        - 'sh'
+        - '-c'
+        - >
+          until nc -z -w 2 {{ $serviceName }} {{ $servicePort }} && echo artifactory ok; do
+            sleep 2;
+          done;
+      securityContext:
+        runAsUser: {{ .Values.nginx.uid }}
+        fsGroup: {{ .Values.nginx.gid }}
+      containers:
+      - name: {{ .Values.nginx.name }}
+        image: '{{ .Values.nginx.image.repository }}:{{ default .Chart.AppVersion .Values.nginx.image.version }}'
+        imagePullPolicy: {{ .Values.nginx.image.pullPolicy }}
+        lifecycle:
+          postStart:
+            exec:
+              command:
+              - '/bin/sh'
+              - '-c'
+              - >
+                {{- if .Values.nginx.customConfigMap }}
+                cp -Lrf /tmp/nginx.conf /etc/nginx/nginx.conf;
+                {{- end }}
+                if [ -f /tmp/replicator-nginx.conf ]; then
+                cp -fv /tmp/replicator-nginx.conf /etc/nginx/conf.d/replicator-nginx.conf;
+                fi;
+                if [ -f /tmp/ssl/*.crt ]; then
+                rm -rf /var/opt/jfrog/nginx/ssl/example.*;
+                cp -fv /tmp/ssl/* /var/opt/jfrog/nginx/ssl;
+                fi;
+                until [ -f /etc/nginx/conf.d/artifactory.conf ]; do sleep 1; done;
+                if ! grep -q 'upstream' /etc/nginx/conf.d/artifactory.conf; then
+                sed -i -e 's,proxy_pass .*,proxy_pass     http://{{ $serviceName }}:{{ $servicePort }}/artifactory/;,g' \
+                    -e 's,server_name .*,server_name ~(?<repo>.+)\\.{{ $serviceName }} {{ $serviceName }};,g' \
+                    /etc/nginx/conf.d/artifactory.conf;
+                fi;
+                if ! grep -q 'proxy_http_version' /etc/nginx/conf.d/artifactory.conf; then
+                sed -i 's,\(proxy_next_upstream .*\),proxy_http_version  1.1;\n    \1,g' /etc/nginx/conf.d/artifactory.conf;
+                fi;
+                sleep 5; nginx -s reload; touch /var/log/nginx/conf.done
+        env:
+        - name: ART_BASE_URL
+          {{- if .Values.nginx.env.artUrl }}
+          value: {{ .Values.nginx.env.artUrl }}
+          {{- else }}
+          value: 'http://{{ $serviceName }}:{{ $servicePort }}/artifactory'
+          {{- end }}
+        - name: SSL
+          value: "{{ .Values.nginx.env.ssl }}"
+        - name: SKIP_AUTO_UPDATE_CONFIG
+          value: "{{ .Values.nginx.env.skipAutoConfigUpdate }}"
+        ports:
+        - containerPort: {{ .Values.nginx.internalPortHttp }}
+        - containerPort: {{ .Values.nginx.internalPortHttps }}
+        {{- if .Values.artifactory.replicator.enabled }}
+        - containerPort: {{ .Values.nginx.internalPortReplicator }}
+        {{- end }}
+        volumeMounts:
+        - name: nginx-volume
+          mountPath: {{ .Values.nginx.persistence.mountPath | quote }}
+        {{- if .Values.artifactory.replicator.enabled }}
+        - name: replicator-nginx-config
+          mountPath: "/tmp/replicator-nginx.conf"
+          subPath: replicator-nginx.conf
+        {{- end }}
+        {{- if .Values.nginx.tlsSecretName }}
+        - name: ssl-secret-volume
+          mountPath: "/tmp/ssl"
+        {{- end }}
+        {{- if .Values.nginx.customConfigMap }}
+        - name: nginx-config
+          mountPath: "/tmp/"
+        {{- end }}
+        resources:
+{{ toYaml .Values.nginx.resources | indent 10 }}
+        {{- if .Values.nginx.readinessProbe.enabled }}
+        readinessProbe:
+          httpGet:
+            path: '/artifactory/webapp/#/login'
+            port: 80
+          initialDelaySeconds: {{ .Values.nginx.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.nginx.readinessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.nginx.readinessProbe.timeoutSeconds }}
+          failureThreshold: {{ .Values.nginx.readinessProbe.failureThreshold }}
+          successThreshold: {{ .Values.nginx.readinessProbe.successThreshold }}
+        {{- end }}
+        {{- if .Values.nginx.livenessProbe.enabled }}
+        livenessProbe:
+          httpGet:
+            path: '/artifactory/webapp/#/login'
+            port: 80
+          initialDelaySeconds: {{ .Values.nginx.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.nginx.livenessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.nginx.livenessProbe.timeoutSeconds }}
+          failureThreshold: {{ .Values.nginx.livenessProbe.failureThreshold }}
+          successThreshold: {{ .Values.nginx.livenessProbe.successThreshold }}
+        {{- end }}
+    {{- with .Values.nginx.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.nginx.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.nginx.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+      volumes:
+      {{- if .Values.artifactory.replicator.enabled }}
+      - name: replicator-nginx-config
+        configMap:
+          name: {{ template "artifactory-ha.fullname" . }}-replicator-nginx-config
+      {{- end}}
+      {{- if .Values.nginx.customConfigMap }}
+      - name: nginx-config
+        configMap:
+          name: {{ .Values.nginx.customConfigMap }}
+      {{- end }}
+      - name: nginx-volume
+      {{- if .Values.nginx.persistence.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ .Values.nginx.persistence.existingClaim | default (include "artifactory-ha.nginx.fullname" .) }}
+      {{- else }}
+        emptyDir: {}
+      {{- end -}}
+      {{- if .Values.nginx.tlsSecretName }}
+      - name: ssl-secret-volume
+        secret:
+          secretName: {{ .Values.nginx.tlsSecretName }}
+      {{- end }}
+{{- end }}

charts/artifactory-ha/v0.7.0/templates/nginx-pvc.yaml

+{{- if and .Values.nginx.persistence.enabled (.Values.nginx.enabled ) }}
+{{- if (not .Values.nginx.persistence.existingClaim) }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "artifactory-ha.nginx.fullname" . }}
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  accessModes:
+    - {{ .Values.nginx.persistence.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.nginx.persistence.size | quote }}
+{{- if .Values.nginx.persistence.storageClass }}
+{{- if (eq "-" .Values.nginx.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.nginx.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}

charts/artifactory-ha/v0.7.0/templates/nginx-replicator-conf.yaml

+{{- if .Values.artifactory.replicator.enabled -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}-replicator-nginx-config
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+data:
+  replicator-nginx.conf: |
+      ## Artifactory replicator
+      server {
+        listen         {{ .Values.nginx.externalPortReplicator }};
+        server_name    {{ include "artifactory-ha.fullname" . }};
+
+        client_max_body_size 0;
+
+        location / {
+          proxy_read_timeout  900;
+          proxy_pass_header   Server;
+          proxy_pass          http://{{ include "artifactory-ha.primary.name" . }}:{{ .Values.nginx.internalPortReplicator }};
+          proxy_http_version  1.1;
+        }
+      }
+{{- end -}}
\ No newline at end of file

charts/artifactory-ha/v0.7.0/templates/nginx-service.yaml

+{{- if .Values.nginx.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "artifactory-ha.nginx.fullname" . }}
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+    component: {{ .Values.nginx.name }}
+{{- if .Values.nginx.service.annotations }}
+  annotations:
+{{ toYaml .Values.nginx.service.annotations | indent 4 }}
+{{- end }}
+spec:
+  type: {{ .Values.nginx.service.type }}
+{{- if eq .Values.nginx.service.type "LoadBalancer" }}
+  {{ if .Values.nginx.service.loadBalancerIP -}}
+  loadBalancerIP: {{ .Values.nginx.service.loadBalancerIP }}
+  {{ end -}}
+  {{- if .Values.nginx.service.externalTrafficPolicy }}
+  externalTrafficPolicy: {{ .Values.nginx.service.externalTrafficPolicy }}
+  {{- end }}
+{{- end }}
+{{- if .Values.nginx.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+{{ toYaml .Values.nginx.service.loadBalancerSourceRanges | indent 4 }}
+{{- end }}
+  ports:
+  {{- if .Values.artifactory.replicator.enabled }}
+  - port: {{ .Values.nginx.externalPortReplicator }}
+    targetPort: {{ .Values.nginx.internalPortReplicator }}
+    protocol: TCP
+    name: replicator
+  {{- end }}
+  - port: {{ .Values.nginx.externalPortHttp }}
+    targetPort: {{ .Values.nginx.internalPortHttp }}
+    protocol: TCP
+    name: http
+  - port: {{ .Values.nginx.externalPortHttps }}
+    targetPort: {{ .Values.nginx.internalPortHttps }}
+    protocol: TCP
+    name: https
+  selector:
+    app: {{ template "artifactory-ha.name" . }}
+    component: {{ .Values.nginx.name }}
+    release: {{ .Release.Name }}
+{{- end }}

charts/artifactory-ha/v0.7.0/templates/replicator-configmap.yaml

+{{- if .Values.artifactory.replicator.enabled -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}-replicator-config
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+data:
+  replicator.yaml: |-
+    externalUrl: {{ .Values.artifactory.replicator.publicUrl }}
+    internalUrl: http://localhost:6061
+    listenPort: 6061
+{{- end -}}