Commit 06adcdad by Guangbo Chen Committed by Denise Schannon

Bump chartmuseum to v2.3.1

parent 45edf905
apiVersion: v1
description: Helm Chart Repository with support for Amazon S3 and Google Cloud Storage
description: Host your own Helm Chart Repository
name: chartmuseum
version: 1.6.2
appVersion: 0.7.1
home: https://github.com/chartmuseum/chartmuseum
version: 2.3.1
appVersion: 0.9.0
home: https://github.com/helm/chartmuseum
icon: file://../logo.png
keywords:
- chartmuseum
......
labels:
io.cattle.role: project # options are cluster/project
questions:
- variable: defaultImage
default: true
......@@ -8,15 +10,17 @@ questions:
group: "Container Images"
subquestions:
- variable: image.repository
default: "chartmuseum/chartmuseum"
default: "ranchercharts/chartmuseum-chartmuseum"
description: "Docker image repository"
type: string
label: Image Repository
required: true
- variable: image.tag
default: "v0.7.1"
default: "v0.9.0"
description: "Docker image tag"
type: string
label: Image Tag
required: true
# storage settings
- variable: env.open.STORAGE
required: true
......@@ -27,8 +31,8 @@ questions:
group: "Storage Options"
options:
- "local"
- "amazon"
- "alibaba"
- "amazon"
- "google"
- "microsoft"
- "openstack"
......@@ -63,20 +67,23 @@ questions:
label: OSS Bucket Name
group: "Storage Options"
show_if: "env.open.STORAGE=alibaba"
- variable: env.open.STORAGE_ALIBABA_PREFIX
required: true
- variable: env.open.STORAGE_ALIBABA_ENDPOINT
default: ""
type: string
description: "Prefix to store charts for alibaba storage backend"
label: OSS Bucket Prefix
description: "OSS endpoint to store charts for alibaba storage backend"
label: Alternative OSS Storage Endpoint
group: "Storage Options"
show_if: "env.open.STORAGE=alibaba"
- variable: env.open.STORAGE_ALIBABA_ENDPOINT
required: true
- variable: env.open.STORAGE_ALIBABA_PREFIX
default: ""
type: string
description: "OSS endpoint to store charts for alibaba storage backend"
label: Alternative OSS Storage Endpoint
description: "Prefix to store charts for alibaba storage backend"
label: OSS Bucket Prefix
group: "Storage Options"
show_if: "env.open.STORAGE=alibaba"
required: true
# Google Storage Options
- variable: env.open.STORAGE_GOOGLE_BUCKET
default: ""
......@@ -85,6 +92,7 @@ questions:
label: GCS Bucket Name
group: "Storage Options"
show_if: "env.open.STORAGE=google"
required: true
- variable: env.open.STORAGE_GOOGLE_PREFIX
default: ""
type: string
......@@ -92,6 +100,7 @@ questions:
label: GCS Bucket Prefix
group: "Storage Options"
show_if: "env.open.STORAGE=google"
required: true
# Microsoft Azure Storage Options
- variable: env.open.STORAGE_MICROSOFT_CONTAINER
default: ""
......@@ -100,6 +109,7 @@ questions:
label: Microsoft Azure Blob Storage Name
group: "Storage Options"
show_if: "env.open.STORAGE=microsoft"
required: true
- variable: env.open.STORAGE_MICROSOFT_PREFIX
default: ""
type: string
......@@ -107,6 +117,7 @@ questions:
label: Microsoft Azure Blob Storage Prefix
group: "Storage Options"
show_if: "env.open.STORAGE=microsoft"
required: true
# OpenStack Storage Options
- variable: env.open.STORAGE_OPENSTACK_CONTAINER
default: ""
......@@ -115,6 +126,7 @@ questions:
label: Openstack Object Storage Container Name
group: "Storage Options"
show_if: "env.open.STORAGE=openstack"
required: true
- variable: env.open.STORAGE_OPENSTACK_PREFIX
default: ""
type: string
......@@ -122,6 +134,7 @@ questions:
label: Prefix To Openstack Object Storage Container
group: "Storage Options"
show_if: "env.open.STORAGE=openstack"
required: true
- variable: env.open.STORAGE_OPENSTACK_REGION
default: ""
type: string
......@@ -129,98 +142,14 @@ questions:
label: Region Of Openstack Object Storage Container
group: "Storage Options"
show_if: "env.open.STORAGE=openstack"
required: true
# Storage Secret
- variable: env.secret.AWS_ACCESS_KEY_ID
default: ""
type: string
description: "AWS access key id value"
label: AWS Access Key ID Value
group: "Storage Secret"
show_if: "env.open.STORAGE=amazon"
- variable: env.secret.AWS_SECRET_ACCESS_KEY
- variable: env.existingSecret
default: ""
type: string
description: "aws access key secret value "
label: AWS Access Key Secret Value
group: "Storage Secret"
show_if: "env.open.STORAGE=amazon"
- variable: env.secret.ALIBABA_CLOUD_ACCESS_KEY_ID
default: ""
type: string
description: "alibaba OSS access key id"
label: OSS Access Key ID
type: secret
description: "Name of an existing secret to get the secret values from"
label: Select the Existing Secret
group: "Storage Secret"
show_if: "env.open.STORAGE=alibaba"
- variable: env.secret.ALIBABA_CLOUD_ACCESS_KEY_SECRET
default: ""
type: string
description: "alibaba OSS access key secret "
label: OSS Access Key Secret
group: "Storage Secret"
show_if: "env.open.STORAGE=alibaba"
- variable: gcp.secret.enabled
default: false
type: boolean
description: "Flag for the GCP service account"
label: Enable GCP Service Account
group: "Storage Secret"
show_if: "env.open.STORAGE=google"
show_subquestion_if: true
subquestions:
- variable: gcp.secret.name
default: ""
type: string
description: "secret name for the gcp json file"
label: Secret Name For The GCP Json File
- variable: gcp.secret.key
default: "credentials.json"
type: string
description: "Secret key for the GCP json file"
label: Secret Key For The GCP Json File
# Openstack Object Storage secret
- variable: env.secret.OS_AUTH_URL
default: ""
type: string
description: "Openstack object storage auth url"
label: Auth URL Of Openstack Object Storage
group: "Storage Secret"
show_if: "env.open.STORAGE=openstack"
- variable: env.secret.OS_TENANT_ID
default: ""
type: string
description: "Openstack object storage tenant id"
label: Tenant ID Of Openstack Object Storage
group: "Storage Secret"
show_if: "env.open.STORAGE=openstack"
- variable: env.secret.OS_USERNAME
default: ""
type: string
description: "Openstack object storage username"
label: Username Of Openstack Object Storage
group: "Storage Secret"
show_if: "env.open.STORAGE=openstack"
- variable: env.secret.OS_PASSWORD
default: ""
type: string
description: "Openstack object storage password"
label: Password Of Openstack Object Storage
group: "Storage Secret"
show_if: "env.open.STORAGE=openstack"
# Microsoft azure secret
- variable: env.secret.AZURE_STORAGE_ACCOUNT
default: ""
type: string
description: "azure storage account"
label: Azure Storage Account
group: "Storage Secret"
show_if: "env.open.STORAGE=microsoft"
- variable: env.secret.AZURE_STORAGE_ACCESS_KEY
default: ""
type: string
description: "azure storage account access key "
label: Azure Storage Account Access Key
group: "Storage Secret"
show_if: "env.open.STORAGE=microsoft"
# Local Storage Settings
- variable: persistence.enabled
default: true
......@@ -252,14 +181,14 @@ questions:
label: Uses Existing Persistent Volume Cliam for LocalStorage
# Service and L7 LoadBalancer
- variable: ingress.enabled
default: true
default: false
description: "Expose app using Layer 7 Load Balancer - ingress"
type: boolean
label: Expose app using Layer 7 Load Balancer
show_subquestion_if: true
group: "Services and Load Balancing"
subquestions:
- variable: ingress.hosts[0]
- variable: ingress.hosts[0].name
default: "xip.io"
description: "Hostname to your app installation"
type: hostname
......@@ -276,26 +205,7 @@ questions:
options:
- "ClusterIP"
- "NodePort"
- "LoadBalancer"
# chartmuseum options
- variable: env.secret.BASIC_AUTH_USER
default: ""
description: "Username for basic http authentication"
type: string
label: Username For Basic Http Authentication (Optional)
group: "ChartMuseum Settings"
- variable: env.secret.BASIC_AUTH_PASS
default: ""
description: "Password for basic http authentication"
type: string
label: Password For Basic Http Authentication (Optional)
group: "ChartMuseum Settings"
- variable: env.open.CHART_URL
default: ""
description: "Absolute url for .tgzs in index.yaml"
type: string
label: Absolute URL For .tgzs In index.yaml
group: "ChartMuseum Settings"
- variable: env.open.SHOW_ADVANCED
default: false
description: "Show advanced ChartMuseum settings"
......@@ -304,10 +214,15 @@ questions:
group: "ChartMuseum Settings"
show_subquestion_if: true
subquestions:
- variable: env.open.CHART_URL
default: ""
description: "Absolute url for .tgzs in index.yaml"
type: string
label: Absolute URL For .tgzs In index.yaml
- variable: env.open.DEPTH
default: "0"
default: 0
description: "Levels of nested repos for multitenancy."
type: string
type: int
label: Levels Of Nested Repos For Multitenancy
- variable: env.open.ALLOW_OVERWRITE
default: false
......
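Review bot: With the `env.secret.BASIC_AUTH_USER` and `env.secret.BASIC_AUTH_PASS` questions gone, the only way left to supply repository credentials through the form is `env.existingSecret`. That question sits in the "Storage Secret" group, and its description mentions neither authentication nor which keys the secret has to contain. A deployer who follows the form can end up with a chart repository that has no HTTP authentication and not notice. I would extend the text, for example `description: "Existing secret holding storage credentials and, optionally, BASIC_AUTH_USER / BASIC_AUTH_PASS"`. The removal is inferred from the hunk line counts, because the page lost its +/- markers.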
apiVersion: extensions/v1beta1
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "chartmuseum.fullname" . }}
......@@ -6,16 +6,21 @@ metadata:
{{ toYaml .Values.deployment.annotations | indent 4 }}
labels:
{{ include "chartmuseum.labels.standard" . | indent 4 }}
{{- if .Values.deployment.labels }}
{{ toYaml .Values.deployment.labels | indent 4 }}
{{- end }}
spec:
replicas: {{ .Values.replicaCount }}
strategy:
{{ toYaml .Values.strategy | indent 4 }}
revisionHistoryLimit: 10
selector:
matchLabels:
app: {{ template "chartmuseum.name" . }}
release: {{ .Release.Name | quote }}
template:
metadata:
name: {{ include "chartmuseum.fullname" . }}
annotations:
{{ toYaml .Values.replica.annotations | indent 8 }}
labels:
app: {{ template "chartmuseum.name" . }}
release: {{ .Release.Name | quote }}
......@@ -24,6 +29,11 @@ spec:
- name: {{ .Chart.Name }}
image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.env.existingSecret }}
envFrom:
- secretRef:
name: {{ .Values.env.existingSecret }}
{{- end }}
env:
{{- range $name, $value := .Values.env.open }}
{{- if not (empty $value) }}
......@@ -31,10 +41,30 @@ spec:
value: {{ $value | quote }}
{{- end }}
{{- end }}
{{- range $name, $value := .Values.env.field }}
{{- if not ( empty $value) }}
- name: {{ $name | quote }}
valueFrom:
fieldRef:
fieldPath: {{ $value | quote }}
{{- end }}
{{- end }}
{{- if .Values.gcp.secret.enabled }}
- name: GOOGLE_APPLICATION_CREDENTIALS
value: "/etc/secrets/google/credentials.json"
{{- end }}
{{- if .Values.env.existingSecret }}
{{- $secret_name := .Values.env.existingSecret }}
{{- range $name, $key := .Values.env.existingSecretMappings }}
{{- if not ( empty $key) }}
- name: {{ $name | quote }}
valueFrom:
secretKeyRef:
name: {{ $secret_name | quote }}
key: {{ $key | quote }}
{{- end }}
{{- end }}
{{- else }}
{{- $secret_name := include "chartmuseum.fullname" . }}
{{- range $name, $value := .Values.env.secret }}
{{- if not ( empty $value) }}
......@@ -45,6 +75,11 @@ spec:
key: {{ $name | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.bearerAuth.secret.enabled }}
- name: AUTH_CERT_PATH
value: /var/keys/public-key.pem
{{ end }}
args:
- --port=8080
{{- if eq .Values.env.open.STORAGE "local" }}
......@@ -63,16 +98,24 @@ spec:
path: {{ .Values.env.open.CONTEXT_PATH }}/health
port: http
{{ toYaml .Values.probes.readiness | indent 10 }}
{{- if eq .Values.env.open.STORAGE "local" }}
volumeMounts:
{{- if eq .Values.env.open.STORAGE "local" }}
- mountPath: /storage
name: storage-volume
{{- end }}
{{- if .Values.gcp.secret.enabled }}
volumeMounts:
- mountPath: /etc/secrets/google
name: {{ include "chartmuseum.fullname" . }}-gcp
{{- end }}
{{- if .Values.oracle.secret.enabled }}
- mountPath: /home/chartmuseum/.oci
name: {{ include "chartmuseum.fullname" . }}-oracle
{{- end }}
{{- if .Values.bearerAuth.secret.enabled }}
- name: public-key
mountPath: /var/keys
readOnly: true
{{- end }}
{{- with .Values.resources }}
resources:
{{ toYaml . | indent 10 }}
......@@ -121,3 +164,18 @@ spec:
path: credentials.json
{{ end }}
{{ end }}
{{ if .Values.oracle.secret.enabled }}
- name: {{ include "chartmuseum.fullname" . }}-oracle
secret:
secretName: {{ .Values.oracle.secret.name }}
items:
- key: {{ .Values.oracle.secret.config }}
path: config
- key: {{ .Values.oracle.secret.key_file }}
path: oci.key
{{ end }}
{{- if .Values.bearerAuth.secret.enabled }}
- name: public-key
secret:
secretName: {{ .Values.bearerAuth.secret.publicKeySecret }}
{{- end }}
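Review bot: The `envFrom: - secretRef:` block added to the container when `env.existingSecret` is set imports every key of that secret into the process environment, while the `existingSecretMappings` loop further down already maps the needed keys one by one through `secretKeyRef`. The two mechanisms overlap, and the blanket import exposes any unrelated key stored in the same secret to the container. I would drop the `envFrom` block, or state in values.yaml that the secret must hold only ChartMuseum variables. The secret name is also unquoted there; `name: {{ .Values.env.existingSecret | quote }}` would match the quoting used in the mapping loop.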
{{- if .Values.ingress.enabled }}
{{- $servicePort := .Values.service.externalPort -}}
{{- $serviceName := include "chartmuseum.fullname" . -}}
{{- if .Values.ingress.enabled }}
{{- $ingressExtraPaths := .Values.ingress.extraPaths -}}
---
apiVersion: extensions/v1beta1
kind: Ingress
......@@ -15,17 +16,27 @@ metadata:
{{ include "chartmuseum.labels.standard" . | indent 4 }}
spec:
rules:
{{- range $host := .Values.ingress.hosts }}
- host: {{ $host }}
{{- range .Values.ingress.hosts }}
- host: {{ .name }}
http:
paths:
- path:
{{- range $ingressExtraPaths }}
- path: {{ default "/" .path | quote }}
backend:
serviceName: {{ default $serviceName .service }}
servicePort: {{ default $servicePort .port }}
{{- end }}
- path: {{ default "/" .path | quote }}
backend:
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end -}}
{{- if .Values.ingress.tls }}
serviceName: {{ default $serviceName .serviceName }}
servicePort: {{ default $servicePort .servicePort }}
{{- end }}
tls:
{{ toYaml .Values.ingress.tls | indent 4 }}
{{- end -}}
{{- range .Values.ingress.hosts }}
{{- if .tls }}
- hosts:
- {{ .name }}
secretName: {{ .tlsSecret }}
{{- end }}
{{- end }}
{{- end -}}
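Review bot: The per-host TLS entries render `secretName: {{ .tlsSecret }}` without checking that a value was given, so a host with `tls: true` and no `tlsSecret` yields an empty `secretName` and TLS for that host is left to whatever the ingress controller does by default. `secretName: {{ required "ingress.hosts[].tlsSecret must be set when tls is true" .tlsSecret | quote }}` would fail the render instead. The `tls:` key also appears to be emitted even when no host enables TLS, so a guard that skips it in that case would keep the manifest clean. Which printed lines are old and which are new is inferred, since the page lost its +/- markers.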
{{- if .Values.persistence.pv.enabled -}}
apiVersion: v1
kind: PersistentVolume
metadata:
{{- if .Values.persistence.pv.pvname }}
name: {{ .Values.persistence.pv.pvname }}
{{- else }}
name: {{ include "chartmuseum.fullname" . }}
{{- end }}
labels:
app: {{ include "chartmuseum.fullname" . }}
release: {{ .Release.Name | quote }}
spec:
capacity:
storage: {{ .Values.persistence.pv.capacity.storage }}
accessModes:
- {{ .Values.persistence.pv.accessMode | quote }}
nfs:
server: {{ .Values.persistence.pv.nfs.server }}
path: {{ .Values.persistence.pv.nfs.path | quote }}
{{- end }}
\ No newline at end of file
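Review bot: The new PersistentVolume carries no `claimRef`, and because a PV is cluster-scoped it can be bound by any matching claim in any namespace, not only the one this release creates. Reserving it with a `claimRef` that names `{{ .Release.Namespace }}` and the chart's claim would keep the NFS export holding the chart data tied to this release. `nfs.server` is rendered unquoted and unchecked although the default values leave it empty; `server: {{ required "persistence.pv.nfs.server is required" .Values.persistence.pv.nfs.server | quote }}` would fail early. Stating `persistentVolumeReclaimPolicy` explicitly would also document what happens to the data when the claim is deleted.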
......@@ -6,6 +6,9 @@ metadata:
labels:
app: {{ include "chartmuseum.fullname" . }}
release: {{ .Release.Name | quote }}
{{- if .Values.persistence.labels }}
{{ toYaml .Values.persistence.labels | indent 4 }}
{{- end }}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
......@@ -18,5 +21,7 @@ spec:
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- else if and .Values.persistence.volumeName (.Values.persistence.pv.enabled) }}
volumeName: "{{ .Values.persistence.volumeName }}"
{{- end }}
{{- end }}
{{- if not .Values.env.existingSecret -}}
apiVersion: v1
kind: Secret
metadata:
......@@ -15,3 +16,4 @@ data:
{{- end }}
{{- end }}
{{- end }}
{{- end }}
apiVersion: v1
kind: Service
metadata:
{{- if .Values.service.servicename }}
name: {{ .Values.service.servicename }}
{{- else }}
name: {{ include "chartmuseum.fullname" . }}
annotations:
{{ toYaml .Values.service.annotations | indent 4 }}
{{- end }}
labels:
{{ include "chartmuseum.labels.standard" . | indent 4 }}
{{- if .Values.service.labels }}
{{ toYaml .Values.service.labels | indent 4 }}
{{- end }}
{{- if .Values.service.annotations }}
annotations:
{{ toYaml .Values.service.annotations | indent 4 }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }}
{{- end }}
{{- if eq .Values.service.type "ClusterIP" }}
{{- if .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}
......
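Review bot: `externalTrafficPolicy` is rendered only when the type is `NodePort` and `service.nodePort` is non-empty, so with the default values (`externalTrafficPolicy: Local`, empty `nodePort`) the setting is silently dropped. A NodePort service with an auto-assigned port then gets the cluster default and, as far as this template shows, so does a LoadBalancer service, which loses the client source address in ChartMuseum's access logs. If the field is meant to apply whenever the type supports it, the guard could be `{{- if or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer") }}`. The rest of the spec is collapsed on this page, so this is based on the visible lines only.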
......@@ -4,12 +4,13 @@ strategy:
rollingUpdate:
maxUnavailable: 0
image:
repository: chartmuseum/chartmuseum
tag: v0.7.1
# repository: chartmuseum/chartmuseum
repository: ranchercharts/chartmuseum-chartmuseum
tag: v0.9.0
pullPolicy: IfNotPresent
env:
open:
# storage backend, can be one of: local, alibaba, amazon, google, microsoft
# storage backend, can be one of: local, alibaba, amazon, google, microsoft, oracle
STORAGE: local
# oss bucket to store charts for alibaba storage backend
STORAGE_ALIBABA_BUCKET:
......@@ -46,6 +47,12 @@ env:
STORAGE_OPENSTACK_REGION:
# path to a CA cert bundle for your openstack endpoint
STORAGE_OPENSTACK_CACERT:
# compartment id for for oracle storage backend
STORAGE_ORACLE_COMPARTMENTID:
# oci bucket to store charts for oracle storage backend
STORAGE_ORACLE_BUCKET:
# prefix to store charts for oracle storage backend
STORAGE_ORACLE_PREFIX:
# form field which will be queried for the chart file content
CHART_POST_FORM_FIELD_NAME: chart
# form field which will be queried for the provenance file content
......@@ -78,6 +85,14 @@ env:
CACHE_REDIS_ADDR:
# Redis database to be selected after connect
CACHE_REDIS_DB: 0
# enable bearer auth
BEARER_AUTH: false
# auth realm used for bearer auth
AUTH_REALM:
# auth service used for bearer auth
AUTH_SERVICE:
field:
# POD_IP: status.podIP
secret:
# username for basic http authentication
BASIC_AUTH_USER:
......@@ -87,21 +102,31 @@ env:
GOOGLE_CREDENTIALS_JSON:
# Redis requirepass server configuration
CACHE_REDIS_PASSWORD:
# Name of an existing secret to get the secret values from
existingSecret:
# Stores Enviromnt Variable to secret key name mappings
existingSecretMappings:
# username for basic http authentication
BASIC_AUTH_USER:
# password for basic http authentication
BASIC_AUTH_PASS:
# GCP service account json file
GOOGLE_CREDENTIALS_JSON:
# Redis requirepass server configuration
CACHE_REDIS_PASSWORD:
deployment:
## Chartmuseum Deployment annotations
annotations: {}
# name: value
replica:
## Chartmuseum Replicas annotations
annotations: {}
## Read more about kube2iam to provide access to s3 https://github.com/jtblin/kube2iam
# iam.amazonaws.com/role: role-arn
service:
servicename:
type: ClusterIP
externalTrafficPolicy: Local
# clusterIP: None
externalPort: 8080
nodePort:
annotations: {}
labels: {}
resources: {}
# limits:
......@@ -129,7 +154,12 @@ serviceAccount:
create: false
# name:
securityContext: {}
# UID/GID 1000 is the default user "chartmuseum" used in
# the container image starting in v0.8.0 and above. This
# is required for local persistant storage. If your cluster
# does not allow this, try setting securityContext: {}
securityContext:
fsGroup: 1000
nodeSelector: {}
......@@ -141,6 +171,8 @@ persistence:
enabled: false
accessMode: ReadWriteOnce
size: 8Gi
labels: {}
# name: value
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
......@@ -154,6 +186,16 @@ persistence:
## GKE, AWS & OpenStack)
##
# storageClass: "-"
# volumeName:
pv:
enabled: false
pvname:
capacity:
storage: 8Gi
accessMode: ReadWriteOnce
nfs:
server:
path:
## Ingress for load balancer
ingress:
......@@ -172,18 +214,19 @@ ingress:
## Chartmuseum Ingress hostnames
## Must be provided if Ingress is enabled
##
# hosts:
# chartmuseum.domain.com:
# - /charts
# - /index.yaml
## Chartmuseum Ingress TLS configuration
## Secrets must be manually created in the namespace
##
# tls:
# - secretName: chartmuseum-server-tls
# hosts:
# - chartmuseum.domain.com
# hosts:
# - name: chartmuseum.domain1.com
# path: /
# tls: false
# - name: chartmuseum.domain2.com
# path: /
#
# ## Set this to true in order to enable TLS on the ingress record
# tls: true
#
# ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
# ## Secrets must be added manually to the namespace
# tlsSecret: chartmuseum.domain2-tls
# Adding secrets to tiller is not a great option, so If you want to use an existing
# secret that contains the json file, you can use the following entries
......@@ -194,3 +237,16 @@ gcp:
name:
# Secret key that holds the json value.
key: credentials.json
oracle:
secret:
enabled: false
# Name of the secret that contains the encoded config and key
name:
# Secret key that holds the oci config
config: config
# Secret key that holds the oci private key
key_file: key_file
bearerAuth:
secret:
enabled: false
publicKeySecret: chartmuseum-public-key
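Review bot: Bearer auth now depends on two independent switches, `env.open.BEARER_AUTH` and `bearerAuth.secret.enabled`, and nothing in the values file says they must be set together. In the deployment template `bearerAuth.secret.enabled` only mounts the secret at `/var/keys` and sets `AUTH_CERT_PATH`, so enabling it alone presumably leaves the server without bearer auth, and `BEARER_AUTH: true` alone leaves it without a key. A comment above `bearerAuth:` such as `# Requires env.open.BEARER_AUTH: true plus AUTH_REALM and AUTH_SERVICE; the secret must contain the key public-key.pem` would make the coupling and the expected key name explicit.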