Compare commits
123 Commits
barman-clo
...
generic-de
| Author | SHA1 | Date | |
|---|---|---|---|
| dfc1c004f7 | |||
e356a1f5e4
|
|||
| eeb862334c | |||
| 564ac85500 | |||
|
9022faf339
|
|||
| c23f9cbff6 | |||
|
5e347fb07b
|
|||
| e0774edd94 | |||
| 1df6be47bf | |||
| 0a18610132 | |||
|
e792f6ea77
|
|||
| e228822694 | |||
| 0469bfe6ff | |||
| 113188b039 | |||
| b16ac7209a | |||
|
dd7a5a352d
|
|||
| b6a0fd8661 | |||
| dc46ba5939 | |||
|
06b4b4c8d0
|
|||
|
b94ae7ef72
|
|||
| a9e669fd76 | |||
| 19bd111758 | |||
| e5ab5017b7 | |||
| 2d661bafa0 | |||
| 7901a085f5 | |||
| d403cc4066 | |||
| da4a2acd8a | |||
| ae3897832b | |||
| de2b30b476 | |||
| 58e380c9ea | |||
| 2dfa733e49 | |||
| 227c0db540 | |||
| e09e2ba56f | |||
| bf18a84ea2 | |||
| 01bcb37e45 | |||
| 8e2f1d13e7 | |||
| 01052fa169 | |||
| 049829d7ef | |||
| d8a21ebe6c | |||
|
8fa08ea571
|
|||
| a74dcf8d07 | |||
| f3d13ef30f | |||
|
a277a8459f
|
|||
|
5635efb0bf
|
|||
| cb9b22574a | |||
| 76aef8d563 | |||
| 0f00be34cc | |||
|
d51b0a0f05
|
|||
| d729a5b1b5 | |||
|
a3521256f4
|
|||
| 857918cdb6 | |||
|
b4c5b8ef62
|
|||
| 0c4a92f971 | |||
| a381849255 | |||
| 175dc6a382 | |||
| bf16bd9e46 | |||
|
1e376185ac
|
|||
| ff2d7cd5c6 | |||
| 81d33840bf | |||
| b5a367af6a | |||
|
2ed348b7db
|
|||
| 8d4a0f2ba2 | |||
| 88a1c15cec | |||
| 43df30e7c3 | |||
| 72da712906 | |||
| c7871ee4b6 | |||
| 3d6d0a1cfb | |||
| b46e63218d | |||
| d37c77f244 | |||
| 3a1a432005 | |||
| 77a3e4a926 | |||
| b88454612b | |||
|
57e5184bee
|
|||
| a789214d01 | |||
|
cbe22fc5e4
|
|||
| 617fcc0ef8 | |||
| b9727e4afc | |||
| e5c767b6c5 | |||
| f95dd80e3a | |||
|
a56d7a435c
|
|||
| 222a273671 | |||
| c4345f3e7b | |||
|
be5dee1fd8
|
|||
| 595f234afa | |||
| 6214d8a397 | |||
| 69ab6f82a0 | |||
| 376ea6ee88 | |||
| 1c9b2e93f4 | |||
| 83ef3d23cb | |||
| 8f2c262845 | |||
| 4f9ab170f4 | |||
|
ad5d06b065
|
|||
| 50cf277ecb | |||
| e4795f1041 | |||
| dc64cb498e | |||
| 9646667d75 | |||
| 1b68fcabf5 | |||
| d95b7ef6ac | |||
| 8f92b4b3ef | |||
| 2d04080009 | |||
| b63140e74f | |||
| e430d3fe32 | |||
| 8e748b7084 | |||
| f339e8698c | |||
| fbc9293355 | |||
| 2371aeb612 | |||
| 799340aa3b | |||
| 9da5f721c7 | |||
| aa919178a4 | |||
| 55e878d517 | |||
| 3683209b23 | |||
| 2be7e3789c | |||
| f5bb3e2403 | |||
| 0ef4b6ba3c | |||
| 7f46106a10 | |||
| 71dbdbf9df | |||
| 1e17a769dc | |||
| 78024a129f | |||
| 5cca3b2717 | |||
| a70137cfbd | |||
| dc4df55373 | |||
| a3f42e13ce | |||
| a48262f115 |
@@ -1,10 +1,11 @@
|
||||
name: lint-and-test-charts
|
||||
name: lint-and-test
|
||||
|
||||
on: pull_request
|
||||
on:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
lint-test:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-24.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
@@ -35,4 +36,4 @@ jobs:
|
||||
|
||||
- name: Run Chart Testing (lint)
|
||||
if: steps.list-changed.outputs.changed == 'true'
|
||||
run: ct lint --target-branch ${{ gitea.event.repository.default_branch }}
|
||||
run: ct lint --validate-maintainers=false --target-branch ${{ gitea.event.repository.default_branch }}
|
||||
|
||||
@@ -14,7 +14,7 @@ env:
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-24.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
@@ -56,11 +56,30 @@ jobs:
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: Actions Ntfy
|
||||
run: |
|
||||
curl \
|
||||
-H "Authorization: Bearer ${{ secrets.NTFY_CRED }}" \
|
||||
-H "Title: Chart Released: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}" \
|
||||
-H "Content-Type: text/plain" \
|
||||
-d $'Repo: ${{ gitea.repository }}\nCommit: ${{ gitea.sha }}\nRef: ${{ gitea.ref }}\nStatus: ${{ job.status}}' \
|
||||
${{ secrets.NTFY_URL }}
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for cloudflared release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for cloudflared release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
|
||||
image: true
|
||||
|
||||
@@ -14,7 +14,7 @@ env:
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-24.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
@@ -56,11 +56,30 @@ jobs:
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: Actions Ntfy
|
||||
run: |
|
||||
curl \
|
||||
-H "Authorization: Bearer ${{ secrets.NTFY_CRED }}" \
|
||||
-H "Title: Chart Released: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}" \
|
||||
-H "Content-Type: text/plain" \
|
||||
-d $'Repo: ${{ gitea.repository }}\nCommit: ${{ gitea.sha }}\nRef: ${{ gitea.ref }}\nStatus: ${{ job.status}}' \
|
||||
${{ secrets.NTFY_URL }}
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for generic-device-plugin release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for generic-device-plugin release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
|
||||
image: true
|
||||
|
||||
@@ -1,20 +1,20 @@
|
||||
name: release-charts-cloudfbarman-cloudlared
|
||||
name: release-charts-gitea-actions
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "charts/barman-cloud/**"
|
||||
- "charts/gitea-actions/**"
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
WORKFLOW_DIR: "charts/barman-cloud"
|
||||
WORKFLOW_DIR: "charts/gitea-actions"
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-24.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
@@ -56,11 +56,30 @@ jobs:
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: Actions Ntfy
|
||||
run: |
|
||||
curl \
|
||||
-H "Authorization: Bearer ${{ secrets.NTFY_CRED }}" \
|
||||
-H "Title: Chart Released: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}" \
|
||||
-H "Content-Type: text/plain" \
|
||||
-d $'Repo: ${{ gitea.repository }}\nCommit: ${{ gitea.sha }}\nRef: ${{ gitea.ref }}\nStatus: ${{ job.status}}' \
|
||||
${{ secrets.NTFY_URL }}
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for gitea-actions release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for gitea-actions release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
|
||||
image: true
|
||||
@@ -14,7 +14,7 @@ env:
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-24.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
@@ -56,11 +56,30 @@ jobs:
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: Actions Ntfy
|
||||
run: |
|
||||
curl \
|
||||
-H "Authorization: Bearer ${{ secrets.NTFY_CRED }}" \
|
||||
-H "Title: Chart Released: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}" \
|
||||
-H "Content-Type: text/plain" \
|
||||
-d $'Repo: ${{ gitea.repository }}\nCommit: ${{ gitea.sha }}\nRef: ${{ gitea.ref }}\nStatus: ${{ job.status}}' \
|
||||
${{ secrets.NTFY_URL }}
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for postgres-cluster release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for postgres-cluster release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
|
||||
image: true
|
||||
|
||||
32
.gitea/workflows/renovate.yaml
Normal file
32
.gitea/workflows/renovate.yaml
Normal file
@@ -0,0 +1,32 @@
|
||||
name: renovate
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "@daily"
|
||||
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
renovate:
|
||||
runs-on: ubuntu-24.04
|
||||
container: ghcr.io/renovatebot/renovate:41
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Renovate
|
||||
run: renovate
|
||||
env:
|
||||
RENOVATE_PLATFORM: gitea
|
||||
RENOVATE_ENDPOINT: ${{ vars.INSTANCE_URL }}
|
||||
RENOVATE_REPOSITORIES: alexlebens/helm-charts
|
||||
RENOVATE_GIT_AUTHOR: Renovate Bot <renovate-bot@alexlebens.net>
|
||||
LOG_LEVEL: info
|
||||
RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }}
|
||||
RENOVATE_GIT_PRIVATE_KEY: ${{ secrets.RENOVATE_GIT_PRIVATE_KEY }}
|
||||
RENOVATE_GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_COM_TOKEN }}
|
||||
RENOVATE_REDIS_URL: ${{ vars.RENOVATE_REDIS_URL }}
|
||||
@@ -1,18 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: barman-cloud
|
||||
version: 0.2.2
|
||||
description: Barman Cloud Plugin
|
||||
keywords:
|
||||
- barman-cloud
|
||||
- cloudnative-pg
|
||||
sources:
|
||||
- https://github.com/cloudnative-pg/plugin-barman-cloud
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/library/common
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.0.1
|
||||
icon: https://avatars.githubusercontent.com/u/100373852?s=48&v=4
|
||||
appVersion: v.0.4.0
|
||||
@@ -1,33 +0,0 @@
|
||||
# barman-cloud
|
||||
|
||||
 
|
||||
|
||||
Barman Cloud Plugin
|
||||
|
||||
## Maintainers
|
||||
|
||||
| Name | Email | Url |
|
||||
| ---- | ------ | --- |
|
||||
| alexlebens | | |
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://github.com/cloudnative-pg/plugin-barman-cloud>
|
||||
* <https://github.com/bjw-s-labs/helm-charts/tree/main/charts/library/common>
|
||||
|
||||
## Requirements
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 4.0.1 |
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"ghcr.io/cloudnative-pg/plugin-barman-cloud","tag":"v0.4.0"}` | Default image |
|
||||
| name | string | `"barman-cloud"` | Name override of release |
|
||||
| service | object | `{"listenPort":9090}` | Default service |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
||||
@@ -1,46 +0,0 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: {{ .Values.name }}-client
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Values.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
commonName: {{ .Values.name }}-client
|
||||
duration: 2160h
|
||||
isCA: false
|
||||
issuerRef:
|
||||
group: cert-manager.io
|
||||
kind: Issuer
|
||||
name: selfsigned-issuer
|
||||
renewBefore: 360h
|
||||
secretName: {{ .Values.name }}-client-tls
|
||||
usages:
|
||||
- client auth
|
||||
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: {{ .Values.name }}-server
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Values.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
commonName: {{ .Values.name }}
|
||||
dnsNames:
|
||||
- {{ .Values.name }}
|
||||
duration: 2160h
|
||||
isCA: false
|
||||
issuerRef:
|
||||
group: cert-manager.io
|
||||
kind: Issuer
|
||||
name: selfsigned-issuer
|
||||
renewBefore: 360h
|
||||
secretName: {{ .Values.name }}-server-tls
|
||||
usages:
|
||||
- server auth
|
||||
@@ -1,34 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: metrics-auth-rolebinding
|
||||
labels:
|
||||
app.kubernetes.io/name: metrics-auth-rolebinding
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: metrics-auth-role
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ .Release.Name }}-plugin-barman-cloud
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: plugin-barman-cloud-binding
|
||||
labels:
|
||||
app.kubernetes.io/name: plugin-barman-cloud
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: plugin-barman-cloud
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ .Release.Name }}-plugin-barman-cloud
|
||||
namespace: {{ .Release.Namespace }}
|
||||
@@ -1,157 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: metrics-auth-role
|
||||
labels:
|
||||
app.kubernetes.io/name: metrics-auth-role
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- authentication.k8s.io
|
||||
resources:
|
||||
- tokenreviews
|
||||
verbs:
|
||||
- create
|
||||
- apiGroups:
|
||||
- authorization.k8s.io
|
||||
resources:
|
||||
- subjectaccessreviews
|
||||
verbs:
|
||||
- create
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: metrics-reader
|
||||
labels:
|
||||
app.kubernetes.io/name: metrics-reader
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- /metrics
|
||||
verbs:
|
||||
- get
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: objectstore-editor-role
|
||||
labels:
|
||||
app.kubernetes.io/name: objectstore-editor-role
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
- get
|
||||
- list
|
||||
- patch
|
||||
- update
|
||||
- watch
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores/status
|
||||
verbs:
|
||||
- get
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: objectstore-viewer-role
|
||||
labels:
|
||||
app.kubernetes.io/name: objectstore-viewer-role
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores/status
|
||||
verbs:
|
||||
- get
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: plugin-barman-cloud
|
||||
labels:
|
||||
app.kubernetes.io/name: plugin-barman-cloud
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
- get
|
||||
- list
|
||||
- patch
|
||||
- update
|
||||
- watch
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores/finalizers
|
||||
verbs:
|
||||
- update
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores/status
|
||||
verbs:
|
||||
- get
|
||||
- patch
|
||||
- update
|
||||
- apiGroups:
|
||||
- postgresql.cnpg.io
|
||||
resources:
|
||||
- backups
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- rbac.authorization.k8s.io
|
||||
resources:
|
||||
- rolebindings
|
||||
- roles
|
||||
verbs:
|
||||
- create
|
||||
- get
|
||||
- list
|
||||
- patch
|
||||
- update
|
||||
- watch
|
||||
@@ -1,94 +0,0 @@
|
||||
{{ include "bjw-s.common.loader.init" . }}
|
||||
|
||||
{{ define "barman-cloud.hardcodedValues" }}
|
||||
{{ if not .Values.global.nameOverride }}
|
||||
global:
|
||||
nameOverride: {{ .Values.name }}
|
||||
{{ end }}
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
labels:
|
||||
app: {{ .Values.name }}
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
serviceAccount:
|
||||
name: {{ .Release.Name }}-plugin-barman-cloud
|
||||
pod:
|
||||
securityContext:
|
||||
runAsNonRoot: true
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ .Values.name }}
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: {{ .Values.image.repository }}
|
||||
tag: {{ .Values.image.tag }}
|
||||
pullPolicy: {{ .Values.image.pullPolicy }}
|
||||
args:
|
||||
- operator
|
||||
- --server-cert=/server/tls.crt
|
||||
- --server-key=/server/tls.key
|
||||
- --client-cert=/client/tls.crt
|
||||
- --server-address=:{{ .Values.service.listenPort }}
|
||||
- --leader-elect
|
||||
- --log-level=debug
|
||||
env:
|
||||
- name: SIDECAR_IMAGE
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: SIDECAR_IMAGE
|
||||
name: plugin-barman-cloud-m76km67hd7
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: true
|
||||
runAsGroup: 10001
|
||||
runAsUser: 10001
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
serviceAccount:
|
||||
plugin-barman-cloud:
|
||||
enabled: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
annotations:
|
||||
cnpg.io/pluginPort: "{{ .Values.service.listenPort }}"
|
||||
cnpg.io/pluginClientSecret: {{ .Values.name }}-client-tls
|
||||
cnpg.io/pluginServerSecret: {{ .Values.name }}-server-tls
|
||||
labels:
|
||||
app: {{ .Values.name }}
|
||||
cnpg.io/pluginName: barman-cloud.cloudnative-pg.io
|
||||
ports:
|
||||
http:
|
||||
port: {{ .Values.service.listenPort }}
|
||||
protocol: TCP
|
||||
targetPort: {{ .Values.service.listenPort }}
|
||||
persistence:
|
||||
server-tls:
|
||||
enabled: true
|
||||
type: secret
|
||||
name: {{ .Values.name }}-server-tls
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
- path: /server
|
||||
readOnly: true
|
||||
mountPropagation: None
|
||||
subPath: server
|
||||
- path: /client
|
||||
readOnly: true
|
||||
mountPropagation: None
|
||||
subPath: client
|
||||
|
||||
{{ end }}
|
||||
{{ $_ := mergeOverwrite .Values (include "barman-cloud.hardcodedValues" . | fromYaml) }}
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "bjw-s.common.loader.generate" . }}
|
||||
@@ -1,627 +0,0 @@
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.18.0
|
||||
name: objectstores.barmancloud.cnpg.io
|
||||
spec:
|
||||
group: barmancloud.cnpg.io
|
||||
names:
|
||||
kind: ObjectStore
|
||||
listKind: ObjectStoreList
|
||||
plural: objectstores
|
||||
singular: objectstore
|
||||
scope: Namespaced
|
||||
versions:
|
||||
- name: v1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: ObjectStore is the Schema for the objectstores API.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
spec:
|
||||
description: |-
|
||||
Specification of the desired behavior of the ObjectStore.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
|
||||
properties:
|
||||
configuration:
|
||||
description: The configuration for the barman-cloud tool suite
|
||||
properties:
|
||||
azureCredentials:
|
||||
description: The credentials to use to upload data to Azure Blob
|
||||
Storage
|
||||
properties:
|
||||
connectionString:
|
||||
description: The connection string to be used
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
inheritFromAzureAD:
|
||||
description: Use the Azure AD based authentication without
|
||||
providing explicitly the keys.
|
||||
type: boolean
|
||||
storageAccount:
|
||||
description: The storage account where to upload data
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
storageKey:
|
||||
description: |-
|
||||
The storage account key to be used in conjunction
|
||||
with the storage account name
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
storageSasToken:
|
||||
description: |-
|
||||
A shared-access-signature to be used in conjunction with
|
||||
the storage account name
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
type: object
|
||||
data:
|
||||
description: |-
|
||||
The configuration to be used to backup the data files
|
||||
When not defined, base backups files will be stored uncompressed and may
|
||||
be unencrypted in the object store, according to the bucket default
|
||||
policy.
|
||||
properties:
|
||||
additionalCommandArgs:
|
||||
description: |-
|
||||
AdditionalCommandArgs represents additional arguments that can be appended
|
||||
to the 'barman-cloud-backup' command-line invocation. These arguments
|
||||
provide flexibility to customize the backup process further according to
|
||||
specific requirements or configurations.
|
||||
|
||||
Example:
|
||||
In a scenario where specialized backup options are required, such as setting
|
||||
a specific timeout or defining custom behavior, users can use this field
|
||||
to specify additional command arguments.
|
||||
|
||||
Note:
|
||||
It's essential to ensure that the provided arguments are valid and supported
|
||||
by the 'barman-cloud-backup' command, to avoid potential errors or unintended
|
||||
behavior during execution.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
compression:
|
||||
description: |-
|
||||
Compress a backup file (a tar file per tablespace) while streaming it
|
||||
to the object store. Available options are empty string (no
|
||||
compression, default), `gzip`, `bzip2`, and `snappy`.
|
||||
enum:
|
||||
- bzip2
|
||||
- gzip
|
||||
- snappy
|
||||
type: string
|
||||
encryption:
|
||||
description: |-
|
||||
Whenever to force the encryption of files (if the bucket is
|
||||
not already configured for that).
|
||||
Allowed options are empty string (use the bucket policy, default),
|
||||
`AES256` and `aws:kms`
|
||||
enum:
|
||||
- AES256
|
||||
- aws:kms
|
||||
type: string
|
||||
immediateCheckpoint:
|
||||
description: |-
|
||||
Control whether the I/O workload for the backup initial checkpoint will
|
||||
be limited, according to the `checkpoint_completion_target` setting on
|
||||
the PostgreSQL server. If set to true, an immediate checkpoint will be
|
||||
used, meaning PostgreSQL will complete the checkpoint as soon as
|
||||
possible. `false` by default.
|
||||
type: boolean
|
||||
jobs:
|
||||
description: |-
|
||||
The number of parallel jobs to be used to upload the backup, defaults
|
||||
to 2
|
||||
format: int32
|
||||
minimum: 1
|
||||
type: integer
|
||||
type: object
|
||||
destinationPath:
|
||||
description: |-
|
||||
The path where to store the backup (i.e. s3://bucket/path/to/folder)
|
||||
this path, with different destination folders, will be used for WALs
|
||||
and for data
|
||||
minLength: 1
|
||||
type: string
|
||||
endpointCA:
|
||||
description: |-
|
||||
EndpointCA store the CA bundle of the barman endpoint.
|
||||
Useful when using self-signed certificates to avoid
|
||||
errors with certificate issuer and barman-cloud-wal-archive
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
endpointURL:
|
||||
description: |-
|
||||
Endpoint to be used to upload data to the cloud,
|
||||
overriding the automatic endpoint discovery
|
||||
type: string
|
||||
googleCredentials:
|
||||
description: The credentials to use to upload data to Google Cloud
|
||||
Storage
|
||||
properties:
|
||||
applicationCredentials:
|
||||
description: The secret containing the Google Cloud Storage
|
||||
JSON file with the credentials
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
gkeEnvironment:
|
||||
description: |-
|
||||
If set to true, will presume that it's running inside a GKE environment,
|
||||
default to false.
|
||||
type: boolean
|
||||
type: object
|
||||
historyTags:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: |-
|
||||
HistoryTags is a list of key value pairs that will be passed to the
|
||||
Barman --history-tags option.
|
||||
type: object
|
||||
s3Credentials:
|
||||
description: The credentials to use to upload data to S3
|
||||
properties:
|
||||
accessKeyId:
|
||||
description: The reference to the access key id
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
inheritFromIAMRole:
|
||||
description: Use the role based authentication without providing
|
||||
explicitly the keys.
|
||||
type: boolean
|
||||
region:
|
||||
description: The reference to the secret containing the region
|
||||
name
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
secretAccessKey:
|
||||
description: The reference to the secret access key
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
sessionToken:
|
||||
description: The references to the session key
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
type: object
|
||||
serverName:
|
||||
description: |-
|
||||
The server name on S3, the cluster name is used if this
|
||||
parameter is omitted
|
||||
type: string
|
||||
tags:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: |-
|
||||
Tags is a list of key value pairs that will be passed to the
|
||||
Barman --tags option.
|
||||
type: object
|
||||
wal:
|
||||
description: |-
|
||||
The configuration for the backup of the WAL stream.
|
||||
When not defined, WAL files will be stored uncompressed and may be
|
||||
unencrypted in the object store, according to the bucket default policy.
|
||||
properties:
|
||||
archiveAdditionalCommandArgs:
|
||||
description: |-
|
||||
Additional arguments that can be appended to the 'barman-cloud-wal-archive'
|
||||
command-line invocation. These arguments provide flexibility to customize
|
||||
the WAL archive process further, according to specific requirements or configurations.
|
||||
|
||||
Example:
|
||||
In a scenario where specialized backup options are required, such as setting
|
||||
a specific timeout or defining custom behavior, users can use this field
|
||||
to specify additional command arguments.
|
||||
|
||||
Note:
|
||||
It's essential to ensure that the provided arguments are valid and supported
|
||||
by the 'barman-cloud-wal-archive' command, to avoid potential errors or unintended
|
||||
behavior during execution.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
compression:
|
||||
description: |-
|
||||
Compress a WAL file before sending it to the object store. Available
|
||||
options are empty string (no compression, default), `gzip`, `bzip2`,
|
||||
`lz4`, `snappy`, `xz`, and `zstd`.
|
||||
enum:
|
||||
- bzip2
|
||||
- gzip
|
||||
- lz4
|
||||
- snappy
|
||||
- xz
|
||||
- zstd
|
||||
type: string
|
||||
encryption:
|
||||
description: |-
|
||||
Whenever to force the encryption of files (if the bucket is
|
||||
not already configured for that).
|
||||
Allowed options are empty string (use the bucket policy, default),
|
||||
`AES256` and `aws:kms`
|
||||
enum:
|
||||
- AES256
|
||||
- aws:kms
|
||||
type: string
|
||||
maxParallel:
|
||||
description: |-
|
||||
Number of WAL files to be either archived in parallel (when the
|
||||
PostgreSQL instance is archiving to a backup object store) or
|
||||
restored in parallel (when a PostgreSQL standby is fetching WAL
|
||||
files from a recovery object store). If not specified, WAL files
|
||||
will be processed one at a time. It accepts a positive integer as a
|
||||
value - with 1 being the minimum accepted value.
|
||||
minimum: 1
|
||||
type: integer
|
||||
restoreAdditionalCommandArgs:
|
||||
description: |-
|
||||
Additional arguments that can be appended to the 'barman-cloud-wal-restore'
|
||||
command-line invocation. These arguments provide flexibility to customize
|
||||
the WAL restore process further, according to specific requirements or configurations.
|
||||
|
||||
Example:
|
||||
In a scenario where specialized backup options are required, such as setting
|
||||
a specific timeout or defining custom behavior, users can use this field
|
||||
to specify additional command arguments.
|
||||
|
||||
Note:
|
||||
It's essential to ensure that the provided arguments are valid and supported
|
||||
by the 'barman-cloud-wal-restore' command, to avoid potential errors or unintended
|
||||
behavior during execution.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
type: object
|
||||
required:
|
||||
- destinationPath
|
||||
type: object
|
||||
x-kubernetes-validations:
|
||||
- fieldPath: .serverName
|
||||
message: use the 'serverName' plugin parameter in the Cluster resource
|
||||
reason: FieldValueForbidden
|
||||
rule: '!has(self.serverName)'
|
||||
instanceSidecarConfiguration:
|
||||
description: The configuration for the sidecar that runs in the instance
|
||||
pods
|
||||
properties:
|
||||
env:
|
||||
description: The environment to be explicitly passed to the sidecar
|
||||
items:
|
||||
description: EnvVar represents an environment variable present
|
||||
in a Container.
|
||||
properties:
|
||||
name:
|
||||
description: Name of the environment variable. Must be a
|
||||
C_IDENTIFIER.
|
||||
type: string
|
||||
value:
|
||||
description: |-
|
||||
Variable references $(VAR_NAME) are expanded
|
||||
using the previously defined environment variables in the container and
|
||||
any service environment variables. If a variable cannot be resolved,
|
||||
the reference in the input string will be unchanged. Double $$ are reduced
|
||||
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
|
||||
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
|
||||
Escaped references will never be expanded, regardless of whether the variable
|
||||
exists or not.
|
||||
Defaults to "".
|
||||
type: string
|
||||
valueFrom:
|
||||
description: Source for the environment variable's value.
|
||||
Cannot be used if value is not empty.
|
||||
properties:
|
||||
configMapKeyRef:
|
||||
description: Selects a key of a ConfigMap.
|
||||
properties:
|
||||
key:
|
||||
description: The key to select.
|
||||
type: string
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
type: string
|
||||
optional:
|
||||
description: Specify whether the ConfigMap or its
|
||||
key must be defined
|
||||
type: boolean
|
||||
required:
|
||||
- key
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
fieldRef:
|
||||
description: |-
|
||||
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
|
||||
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: Version of the schema the FieldPath
|
||||
is written in terms of, defaults to "v1".
|
||||
type: string
|
||||
fieldPath:
|
||||
description: Path of the field to select in the
|
||||
specified API version.
|
||||
type: string
|
||||
required:
|
||||
- fieldPath
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
resourceFieldRef:
|
||||
description: |-
|
||||
Selects a resource of the container: only resources limits and requests
|
||||
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
|
||||
properties:
|
||||
containerName:
|
||||
description: 'Container name: required for volumes,
|
||||
optional for env vars'
|
||||
type: string
|
||||
divisor:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Specifies the output format of the
|
||||
exposed resources, defaults to "1"
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
resource:
|
||||
description: 'Required: resource to select'
|
||||
type: string
|
||||
required:
|
||||
- resource
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
secretKeyRef:
|
||||
description: Selects a key of a secret in the pod's
|
||||
namespace
|
||||
properties:
|
||||
key:
|
||||
description: The key of the secret to select from. Must
|
||||
be a valid secret key.
|
||||
type: string
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
type: string
|
||||
optional:
|
||||
description: Specify whether the Secret or its key
|
||||
must be defined
|
||||
type: boolean
|
||||
required:
|
||||
- key
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
type: object
|
||||
required:
|
||||
- name
|
||||
type: object
|
||||
type: array
|
||||
resources:
|
||||
description: Resources define cpu/memory requests and limits for
|
||||
the sidecar that runs in the instance pods.
|
||||
properties:
|
||||
claims:
|
||||
description: |-
|
||||
Claims lists the names of resources, defined in spec.resourceClaims,
|
||||
that are used by this container.
|
||||
|
||||
This is an alpha field and requires enabling the
|
||||
DynamicResourceAllocation feature gate.
|
||||
|
||||
This field is immutable. It can only be set for containers.
|
||||
items:
|
||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||
properties:
|
||||
name:
|
||||
description: |-
|
||||
Name must match the name of one entry in pod.spec.resourceClaims of
|
||||
the Pod where this field is used. It makes that resource available
|
||||
inside a container.
|
||||
type: string
|
||||
request:
|
||||
description: |-
|
||||
Request is the name chosen for a request in the referenced claim.
|
||||
If empty, everything from the claim is made available, otherwise
|
||||
only the result of this request.
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-map-keys:
|
||||
- name
|
||||
x-kubernetes-list-type: map
|
||||
limits:
|
||||
additionalProperties:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
description: |-
|
||||
Limits describes the maximum amount of compute resources allowed.
|
||||
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||||
type: object
|
||||
requests:
|
||||
additionalProperties:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
description: |-
|
||||
Requests describes the minimum amount of compute resources required.
|
||||
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
|
||||
otherwise to an implementation-defined value. Requests cannot exceed Limits.
|
||||
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||||
type: object
|
||||
type: object
|
||||
retentionPolicyIntervalSeconds:
|
||||
default: 1800
|
||||
description: |-
|
||||
The retentionCheckInterval defines the frequency at which the
|
||||
system checks and enforces retention policies.
|
||||
type: integer
|
||||
type: object
|
||||
retentionPolicy:
|
||||
description: |-
|
||||
RetentionPolicy is the retention policy to be used for backups
|
||||
and WALs (i.e. '60d'). The retention policy is expressed in the form
|
||||
of `XXu` where `XX` is a positive integer and `u` is in `[dwm]` -
|
||||
days, weeks, months.
|
||||
pattern: ^[1-9][0-9]*[dwm]$
|
||||
type: string
|
||||
required:
|
||||
- configuration
|
||||
type: object
|
||||
status:
|
||||
description: |-
|
||||
Most recently observed status of the ObjectStore. This data may not be up to
|
||||
date. Populated by the system. Read-only.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
|
||||
properties:
|
||||
serverRecoveryWindow:
|
||||
additionalProperties:
|
||||
description: |-
|
||||
RecoveryWindow represents the time span between the first
|
||||
recoverability point and the last successful backup of a PostgreSQL
|
||||
server, defining the period during which data can be restored.
|
||||
properties:
|
||||
firstRecoverabilityPoint:
|
||||
description: |-
|
||||
The first recoverability point in a PostgreSQL server refers to
|
||||
the earliest point in time to which the database can be
|
||||
restored.
|
||||
format: date-time
|
||||
type: string
|
||||
lastSuccussfulBackupTime:
|
||||
description: The last successful backup time
|
||||
format: date-time
|
||||
type: string
|
||||
type: object
|
||||
description: ServerRecoveryWindow maps each server to its recovery
|
||||
window
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- metadata
|
||||
- spec
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
||||
subresources:
|
||||
status: {}
|
||||
@@ -1,11 +0,0 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: selfsigned-issuer
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Values.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
selfSigned: {}
|
||||
@@ -1,17 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: leader-election-rolebinding
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: plugin-barman-cloud
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: leader-election-role
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ .Release.Name }}-plugin-barman-cloud
|
||||
namespace: {{ .Release.Namespace }}
|
||||
@@ -1,41 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: leader-election-role
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: leader-election-role
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- configmaps
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- create
|
||||
- update
|
||||
- patch
|
||||
- delete
|
||||
- apiGroups:
|
||||
- coordination.k8s.io
|
||||
resources:
|
||||
- leases
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- create
|
||||
- update
|
||||
- patch
|
||||
- delete
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- events
|
||||
verbs:
|
||||
- create
|
||||
- patch
|
||||
@@ -1,14 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: plugin-barman-cloud-m76km67hd7
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Values.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
type: Opaque
|
||||
data:
|
||||
SIDECAR_IMAGE: |
|
||||
Z2hjci5pby9jbG91ZG5hdGl2ZS1wZy9wbHVnaW4tYmFybWFuLWNsb3VkLXNpZGVjYXI6dj
|
||||
AuNC4w
|
||||
@@ -1,12 +0,0 @@
|
||||
# -- Name override of release
|
||||
name: barman-cloud
|
||||
|
||||
# -- Default image
|
||||
image:
|
||||
repository: ghcr.io/cloudnative-pg/plugin-barman-cloud
|
||||
tag: "v0.4.0"
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# -- Default service
|
||||
service:
|
||||
listenPort: 9090
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: cloudflared
|
||||
version: 1.15.0
|
||||
version: 1.22.2
|
||||
description: Cloudflared Tunnel
|
||||
keywords:
|
||||
- cloudflare
|
||||
@@ -13,6 +13,6 @@ maintainers:
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.0.1
|
||||
version: 4.4.0
|
||||
icon: https://avatars.githubusercontent.com/u/314135?s=48&v=4
|
||||
appVersion: "2025.5.0"
|
||||
appVersion: "2025.10.0"
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# cloudflared
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Cloudflared Tunnel
|
||||
|
||||
@@ -19,7 +19,7 @@ Cloudflared Tunnel
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 4.0.1 |
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 4.4.0 |
|
||||
|
||||
## Values
|
||||
|
||||
@@ -27,7 +27,7 @@ Cloudflared Tunnel
|
||||
|-----|------|---------|-------------|
|
||||
| existingSecretKey | string | `"cf-tunnel-token"` | Name of key that contains the token in the existingSecret |
|
||||
| existingSecretName | string | `"cloudflared-secret"` | Name of existing secret that contains Cloudflare token |
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"cloudflare/cloudflared","tag":"2025.5.0"}` | Default image |
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"cloudflare/cloudflared","tag":"2025.10.0"}` | Default image |
|
||||
| name | string | `"cloudflared"` | Name override of release |
|
||||
| resources | object | `{"requests":{"cpu":"10m","memory":"128Mi"}}` | Default resources |
|
||||
|
||||
|
||||
@@ -10,7 +10,7 @@ existingSecretKey: cf-tunnel-token
|
||||
# -- Default image
|
||||
image:
|
||||
repository: cloudflare/cloudflared
|
||||
tag: "2025.5.0"
|
||||
tag: "2025.10.1"
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# -- Default resources
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: generic-device-plugin
|
||||
version: 0.1.10
|
||||
version: 0.18.0
|
||||
description: Generic Device Plugin
|
||||
keywords:
|
||||
- generic-device-plugin
|
||||
@@ -13,6 +13,6 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s.github.io/helm-charts/
|
||||
version: 3.7.3
|
||||
appVersion: 0.1.10
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.4.0
|
||||
appVersion: 0.15.0
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# generic-device-plugin
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Generic Device Plugin
|
||||
|
||||
@@ -19,7 +19,7 @@ Generic Device Plugin
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://bjw-s.github.io/helm-charts/ | common | 3.7.3 |
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 4.4.0 |
|
||||
|
||||
## Values
|
||||
|
||||
@@ -27,10 +27,10 @@ Generic Device Plugin
|
||||
|-----|------|---------|-------------|
|
||||
| config | object | `{"data":"devices:\n - name: serial\n groups:\n - paths:\n - path: /dev/ttyUSB*\n - paths:\n - path: /dev/ttyACM*\n - paths:\n - path: /dev/tty.usb*\n - paths:\n - path: /dev/cu.*\n - paths:\n - path: /dev/cuaU*\n - paths:\n - path: /dev/rfcomm*\n - name: video\n groups:\n - paths:\n - path: /dev/video0\n - name: fuse\n groups:\n - count: 10\n paths:\n - path: /dev/fuse\n - name: audio\n groups:\n - count: 10\n paths:\n - path: /dev/snd\n - name: capture\n groups:\n - paths:\n - path: /dev/snd/controlC0\n - path: /dev/snd/pcmC0D0c\n - paths:\n - path: /dev/snd/controlC1\n mountPath: /dev/snd/controlC0\n - path: /dev/snd/pcmC1D0c\n mountPath: /dev/snd/pcmC0D0c\n - paths:\n - path: /dev/snd/controlC2\n mountPath: /dev/snd/controlC0\n - path: /dev/snd/pcmC2D0c\n mountPath: /dev/snd/pcmC0D0c\n - paths:\n - path: /dev/snd/controlC3\n mountPath: /dev/snd/controlC0\n - path: /dev/snd/pcmC3D0c\n mountPath: /dev/snd/pcmC0D0c\n","enabled":true}` | Config map |
|
||||
| config.data | string | See [values.yaml](./values.yaml) | generic-device-plugin config file [[ref]](https://github.com/squat/generic-device-plugin#usage) |
|
||||
| deviceDomain | string | `"squat.ai"` | Domain used by devices for identifcation |
|
||||
| image | object | `{"pullPolicy":"Always","repository":"ghcr.io/squat/generic-device-plugin","tag":"latest@sha256:d7d0951df7f11479185fd9fba1c1cb4d9c8f3232d38a5468d6fe80074f2b45d5"}` | Default image |
|
||||
| deviceDomain | string | `"devic.es"` | Domain used by devices for identifcation |
|
||||
| image | object | `{"pullPolicy":"Always","repository":"ghcr.io/squat/generic-device-plugin","tag":"latest@sha256:62dda74362cc607b00d1ade291c192ea894d8bdc53a969ed5328b866b2988597"}` | Default image |
|
||||
| name | string | `"generic-device-plugin"` | Name override of release |
|
||||
| resources | object | `{"limit":{"cpu":"100m","memory":"20Mi"},"requests":{"cpu":"50m","memory":"10Mi"}}` | Default resources |
|
||||
| resources | object | `{"requests":{"cpu":"50m","memory":"10Mi"}}` | Default resources |
|
||||
| service | object | `{"listenPort":8080}` | Service port |
|
||||
|
||||
----------------------------------------------
|
||||
|
||||
@@ -4,11 +4,11 @@ name: generic-device-plugin
|
||||
# -- Default image
|
||||
image:
|
||||
repository: ghcr.io/squat/generic-device-plugin
|
||||
tag: latest@sha256:d7d0951df7f11479185fd9fba1c1cb4d9c8f3232d38a5468d6fe80074f2b45d5
|
||||
tag: latest@sha256:0cf725e91c3eb2ea095e8d825f290b9de5dc97110c82d0e92a76bf94618a8f50
|
||||
pullPolicy: Always
|
||||
|
||||
# -- Domain used by devices for identifcation
|
||||
deviceDomain: squat.ai
|
||||
deviceDomain: devic.es
|
||||
|
||||
# -- Service port
|
||||
service:
|
||||
@@ -16,9 +16,6 @@ service:
|
||||
|
||||
# -- Default resources
|
||||
resources:
|
||||
limit:
|
||||
cpu: 100m
|
||||
memory: 20Mi
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 10Mi
|
||||
|
||||
15
charts/gitea-actions/Chart.yaml
Normal file
15
charts/gitea-actions/Chart.yaml
Normal file
@@ -0,0 +1,15 @@
|
||||
apiVersion: v2
|
||||
name: gitea-actions
|
||||
version: 0.2.1
|
||||
description: Gitea Actions
|
||||
keywords:
|
||||
- cicd
|
||||
- runner
|
||||
- actions
|
||||
sources:
|
||||
- https://gitea.com/gitea/helm-actions
|
||||
- https://gitea.com/gitea/act
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
icon: https://avatars.githubusercontent.com/u/100373852?s=48&v=4
|
||||
appVersion: 0.2.11
|
||||
18
charts/gitea-actions/LICENSE
Normal file
18
charts/gitea-actions/LICENSE
Normal file
@@ -0,0 +1,18 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) 2025 gitea
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
|
||||
associated documentation files (the "Software"), to deal in the Software without restriction, including
|
||||
without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the
|
||||
following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all copies or substantial
|
||||
portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
||||
LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO
|
||||
EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
|
||||
USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
54
charts/gitea-actions/README.md
Normal file
54
charts/gitea-actions/README.md
Normal file
@@ -0,0 +1,54 @@
|
||||
# gitea-actions
|
||||
|
||||
 
|
||||
|
||||
Gitea Actions
|
||||
|
||||
## Maintainers
|
||||
|
||||
| Name | Email | Url |
|
||||
| ---- | ------ | --- |
|
||||
| alexlebens | | |
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://gitea.com/gitea/helm-actions>
|
||||
* <https://gitea.com/gitea/act>
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| enabled | bool | `true` | |
|
||||
| existingSecret | string | `""` | |
|
||||
| existingSecretKey | string | `""` | |
|
||||
| giteaRootURL | string | `""` | |
|
||||
| global.fullnameOverride | string | `""` | |
|
||||
| global.imageRegistry | string | `""` | |
|
||||
| global.nameOverride | string | `""` | |
|
||||
| global.storageClass | string | `""` | |
|
||||
| init.image.repository | string | `"busybox"` | |
|
||||
| init.image.tag | string | `"1.37.0"` | |
|
||||
| statefulset.actRunner.config | string | `"log:\n level: debug\ncache:\n enabled: false\n"` | |
|
||||
| statefulset.actRunner.extraVolumeMounts | list | `[]` | |
|
||||
| statefulset.actRunner.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| statefulset.actRunner.repository | string | `"gitea/act_runner"` | |
|
||||
| statefulset.actRunner.tag | string | `"0.2.11"` | |
|
||||
| statefulset.affinity | object | `{}` | |
|
||||
| statefulset.annotations | object | `{}` | |
|
||||
| statefulset.dind.extraEnvs | list | `[]` | |
|
||||
| statefulset.dind.extraVolumeMounts | list | `[]` | |
|
||||
| statefulset.dind.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| statefulset.dind.repository | string | `"docker"` | |
|
||||
| statefulset.dind.tag | string | `"25.0.2-dind"` | |
|
||||
| statefulset.extraVolumes | list | `[]` | |
|
||||
| statefulset.labels | object | `{}` | |
|
||||
| statefulset.nodeSelector | object | `{}` | |
|
||||
| statefulset.persistence.size | string | `"1Gi"` | |
|
||||
| statefulset.persistence.storageClass | string | `""` | |
|
||||
| statefulset.replicas | int | `1` | |
|
||||
| statefulset.resources | object | `{}` | |
|
||||
| statefulset.tolerations | list | `[]` | |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
||||
102
charts/gitea-actions/templates/_helpers.tpl
Normal file
102
charts/gitea-actions/templates/_helpers.tpl
Normal file
@@ -0,0 +1,102 @@
|
||||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
|
||||
{{- define "gitea.actions.name" -}}
|
||||
{{- default .Chart.Name .Values.global.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "gitea.actions.fullname" -}}
|
||||
{{- if .Values.global.fullnameOverride -}}
|
||||
{{- .Values.global.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.global.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "gitea.actions.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Storage Class
|
||||
*/}}
|
||||
{{- define "gitea.actions.persistence.storageClass" -}}
|
||||
{{- $storageClass := (tpl ( default "" .Values.statefulset.persistence.storageClass) .) | default (tpl ( default "" .Values.global.storageClass) .) }}
|
||||
{{- if $storageClass }}
|
||||
storageClassName: {{ $storageClass | quote }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "gitea.actions.labels" -}}
|
||||
helm.sh/chart: {{ include "gitea.actions.chart" . }}
|
||||
app: {{ include "gitea.actions.name" . }}
|
||||
{{ include "gitea.actions.selectorLabels" . }}
|
||||
app.kubernetes.io/version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.actions.labels.actRunner" -}}
|
||||
helm.sh/chart: {{ include "gitea.actions.chart" . }}
|
||||
app: {{ include "gitea.actions.name" . }}-act-runner
|
||||
{{ include "gitea.actions.selectorLabels.actRunner" . }}
|
||||
app.kubernetes.io/version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "gitea.actions.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "gitea.actions.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.actions.selectorLabels.actRunner" -}}
|
||||
app.kubernetes.io/name: {{ include "gitea.actions.name" . }}-act-runner
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.actions.local_root_url" -}}
|
||||
{{- .Values.giteaRootURL -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Parse the http url to hostname + port separated by space for the nc command
|
||||
*/}}
|
||||
{{- define "gitea.actions.nc" -}}
|
||||
{{- $url := include "gitea.actions.local_root_url" . | urlParse -}}
|
||||
{{- $host := get $url "host" -}}
|
||||
{{- $scheme := get $url "scheme" -}}
|
||||
{{- $port := "80" -}}
|
||||
{{- if contains ":" $host -}}
|
||||
{{- $hostAndPort := regexSplit ":" $host 2 -}}
|
||||
{{- $host = index $hostAndPort 0 -}}
|
||||
{{- $port = index $hostAndPort 1 -}}
|
||||
{{- else if eq $scheme "https" -}}
|
||||
{{- $port = "443" -}}
|
||||
{{- else if eq $scheme "http" -}}
|
||||
{{- $port = "80" -}}
|
||||
{{- end -}}
|
||||
{{- printf "%s %s" $host $port -}}
|
||||
{{- end -}}
|
||||
15
charts/gitea-actions/templates/config-map.yaml
Normal file
15
charts/gitea-actions/templates/config-map.yaml
Normal file
@@ -0,0 +1,15 @@
|
||||
{{- if .Values.enabled }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "gitea.actions.fullname" . }}-act-runner-config
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.actions.labels" . | nindent 4 }}
|
||||
data:
|
||||
config.yaml: |
|
||||
{{- with .Values.statefulset.actRunner.config -}}
|
||||
{{ . | nindent 4}}
|
||||
{{- end -}}
|
||||
{{- end }}
|
||||
127
charts/gitea-actions/templates/stateful-set.yaml
Normal file
127
charts/gitea-actions/templates/stateful-set.yaml
Normal file
@@ -0,0 +1,127 @@
|
||||
{{- if .Values.enabled }}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "gitea.actions.labels.actRunner" . | nindent 4 }}
|
||||
{{- with .Values.statefulset.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- with .Values.statefulset.annotations }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
name: {{ include "gitea.actions.fullname" . }}-act-runner
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
spec:
|
||||
replicas: {{ .Values.statefulset.replicas }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "gitea.actions.selectorLabels.actRunner" . | nindent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "gitea.actions.labels.actRunner" . | nindent 8 }}
|
||||
{{- with .Values.statefulset.labels }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
initContainers:
|
||||
- name: init-gitea
|
||||
image: "{{ .Values.init.image.repository }}:{{ .Values.init.image.tag }}"
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
while ! nc -z {{ include "gitea.actions.nc" . }}; do
|
||||
sleep 5
|
||||
done
|
||||
containers:
|
||||
- name: act-runner
|
||||
image: "{{ .Values.statefulset.actRunner.repository }}:{{ .Values.statefulset.actRunner.tag }}"
|
||||
imagePullPolicy: {{ .Values.statefulset.actRunner.pullPolicy }}
|
||||
workingDir: /data
|
||||
env:
|
||||
- name: DOCKER_HOST
|
||||
value: tcp://127.0.0.1:2376
|
||||
- name: DOCKER_TLS_VERIFY
|
||||
value: "1"
|
||||
- name: DOCKER_CERT_PATH
|
||||
value: /certs/server
|
||||
- name: GITEA_RUNNER_REGISTRATION_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.existingSecret | default "gitea-actions-token" }}"
|
||||
key: "{{ .Values.existingSecretKey | default "token" }}"
|
||||
- name: GITEA_INSTANCE_URL
|
||||
value: {{ include "gitea.actions.local_root_url" . }}
|
||||
- name: CONFIG_FILE
|
||||
value: /actrunner/config.yaml
|
||||
resources:
|
||||
{{- toYaml .Values.statefulset.resources | nindent 12 }}
|
||||
volumeMounts:
|
||||
- mountPath: /actrunner/config.yaml
|
||||
name: act-runner-config
|
||||
subPath: config.yaml
|
||||
- mountPath: /certs/server
|
||||
name: docker-certs
|
||||
- mountPath: /data
|
||||
name: data-act-runner
|
||||
{{- with .Values.statefulset.actRunner.extraVolumeMounts }}
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
- name: dind
|
||||
image: "{{ .Values.statefulset.dind.repository }}:{{ .Values.statefulset.dind.tag }}"
|
||||
imagePullPolicy: {{ .Values.statefulset.dind.pullPolicy }}
|
||||
env:
|
||||
- name: DOCKER_HOST
|
||||
value: tcp://127.0.0.1:2376
|
||||
- name: DOCKER_TLS_VERIFY
|
||||
value: "1"
|
||||
- name: DOCKER_CERT_PATH
|
||||
value: /certs/server
|
||||
{{- if .Values.statefulset.dind.extraEnvs }}
|
||||
{{- toYaml .Values.statefulset.dind.extraEnvs | nindent 12 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
privileged: true
|
||||
resources:
|
||||
{{- toYaml .Values.statefulset.resources | nindent 12 }}
|
||||
volumeMounts:
|
||||
- mountPath: /certs/server
|
||||
name: docker-certs
|
||||
{{- with .Values.statefulset.dind.extraVolumeMounts }}
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- range $key, $value := .Values.statefulset.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.statefulset.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.statefulset.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: act-runner-config
|
||||
configMap:
|
||||
name: {{ include "gitea.actions.fullname" . }}-act-runner-config
|
||||
- name: docker-certs
|
||||
emptyDir: {}
|
||||
{{- with .Values.statefulset.extraVolumes }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: data-act-runner
|
||||
spec:
|
||||
accessModes: [ "ReadWriteOnce" ]
|
||||
{{- include "gitea.actions.persistence.storageClass" . | nindent 8 }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.statefulset.persistence.size }}
|
||||
{{- end }}
|
||||
102
charts/gitea-actions/values.yaml
Normal file
102
charts/gitea-actions/values.yaml
Normal file
@@ -0,0 +1,102 @@
|
||||
# Configure Gitea Actions
|
||||
# - must enable persistence if the job is enabled
|
||||
## @section Gitea Actions
|
||||
#
|
||||
## @param enabled Create an act runner StatefulSet.
|
||||
## @param init.image.repository The image used for the init containers
|
||||
## @param init.image.tag The image tag used for the init containers
|
||||
## @param statefulset.annotations Act runner annotations
|
||||
## @param statefulset.labels Act runner labels
|
||||
## @param statefulset.resources Act runner resources
|
||||
## @param statefulset.nodeSelector NodeSelector for the statefulset
|
||||
## @param statefulset.tolerations Tolerations for the statefulset
|
||||
## @param statefulset.affinity Affinity for the statefulset
|
||||
## @param statefulset.extraVolumes Extra volumes for the statefulset
|
||||
## @param statefulset.actRunner.repository The Gitea act runner image
|
||||
## @param statefulset.actRunner.tag The Gitea act runner tag
|
||||
## @param statefulset.actRunner.pullPolicy The Gitea act runner pullPolicy
|
||||
## @param statefulset.actRunner.extraVolumeMounts Allows mounting extra volumes in the act runner container
|
||||
## @param statefulset.actRunner.config [default: Too complex. See values.yaml] Act runner custom configuration. See [Act Runner documentation](https://docs.gitea.com/usage/actions/act-runner#configuration) for details.
|
||||
## @param statefulset.dind.repository The Docker-in-Docker image
|
||||
## @param statefulset.dind.tag The Docker-in-Docker image tag
|
||||
## @param statefulset.dind.pullPolicy The Docker-in-Docker pullPolicy
|
||||
## @param statefulset.dind.extraVolumeMounts Allows mounting extra volumes in the Docker-in-Docker container
|
||||
## @param statefulset.dind.extraEnvs Allows adding custom environment variables, such as `DOCKER_IPTABLES_LEGACY`
|
||||
## @param statefulset.persistence.size Size for persistence to store act runner data
|
||||
## @param provisioning.enabled Create a job that will create and save the token in a Kubernetes Secret
|
||||
## @param provisioning.annotations Job's annotations
|
||||
## @param provisioning.labels Job's labels
|
||||
## @param provisioning.resources Job's resources
|
||||
## @param provisioning.nodeSelector NodeSelector for the job
|
||||
## @param provisioning.tolerations Tolerations for the job
|
||||
## @param provisioning.affinity Affinity for the job
|
||||
## @param provisioning.ttlSecondsAfterFinished ttl for the job after finished in order to allow helm to properly recognize that the job completed
|
||||
## @param provisioning.publish.repository The image that can create the secret via kubectl
|
||||
## @param provisioning.publish.tag The publish image tag that can create the secret
|
||||
## @param provisioning.publish.pullPolicy The publish image pullPolicy that can create the secret
|
||||
## @param existingSecret Secret that contains the token
|
||||
## @param existingSecretKey Secret key
|
||||
## @param giteaRootURL URL the act_runner registers and connect with
|
||||
enabled: true
|
||||
statefulset:
|
||||
replicas: 1
|
||||
annotations: {}
|
||||
labels: {}
|
||||
resources: {}
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
affinity: {}
|
||||
extraVolumes: []
|
||||
|
||||
actRunner:
|
||||
repository: gitea/act_runner
|
||||
tag: 0.2.11
|
||||
pullPolicy: IfNotPresent
|
||||
extraVolumeMounts: []
|
||||
|
||||
# See full example here: https://gitea.com/gitea/act_runner/src/branch/main/internal/pkg/config/config.example.yaml
|
||||
config: |
|
||||
log:
|
||||
level: debug
|
||||
cache:
|
||||
enabled: false
|
||||
|
||||
dind:
|
||||
repository: docker
|
||||
tag: 25.0.2-dind
|
||||
pullPolicy: IfNotPresent
|
||||
extraVolumeMounts: []
|
||||
|
||||
# If the container keeps crashing in your environment, you might have to add the `DOCKER_IPTABLES_LEGACY` environment variable.
|
||||
# See https://github.com/docker-library/docker/issues/463#issuecomment-1881909456
|
||||
extraEnvs:
|
||||
[]
|
||||
# - name: "DOCKER_IPTABLES_LEGACY"
|
||||
# value: "1"
|
||||
|
||||
persistence:
|
||||
storageClass: ""
|
||||
size: 1Gi
|
||||
|
||||
init:
|
||||
image:
|
||||
repository: busybox
|
||||
tag: "1.37.0"
|
||||
|
||||
## Specify an existing token secret
|
||||
##
|
||||
existingSecret: ""
|
||||
existingSecretKey: ""
|
||||
|
||||
## Specify the root URL of the Gitea instance
|
||||
giteaRootURL: ""
|
||||
|
||||
## @section Global
|
||||
#
|
||||
## @param global.imageRegistry global image registry override
|
||||
## @param global.storageClass global storage class override
|
||||
global:
|
||||
imageRegistry: ""
|
||||
storageClass: ""
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: postgres-cluster
|
||||
version: 6.3.2
|
||||
version: 6.15.0
|
||||
description: Cloudnative-pg Cluster
|
||||
keywords:
|
||||
- database
|
||||
@@ -11,4 +11,4 @@ sources:
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
icon: https://avatars.githubusercontent.com/u/100373852?s=48&v=4
|
||||
appVersion: v1.26.0
|
||||
appVersion: v1.27.0
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# postgres-cluster
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Cloudnative-pg Cluster
|
||||
|
||||
@@ -19,22 +19,21 @@ Cloudnative-pg Cluster
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| backup | object | `{"enabled":false,"method":"objectStore","objectStore":[],"scheduledBackups":[]}` | Backup settings |
|
||||
| backup.enabled | bool | `false` | You need to configure backups manually, so backups are disabled by default. |
|
||||
| backup | object | `{"method":"objectStore","objectStore":[],"scheduledBackups":[]}` | Backup settings |
|
||||
| backup.method | string | `"objectStore"` | Method to create backups, options currently are only objectStore |
|
||||
| backup.objectStore | list | `[]` | Options for object store backups |
|
||||
| backup.scheduledBackups | list | `[]` | List of scheduled backups |
|
||||
| cluster | object | `{"additionalLabels":{},"affinity":{"enablePodAntiAffinity":true,"topologyKey":"kubernetes.io/hostname"},"annotations":{},"certificates":{},"enablePDB":true,"enableSuperuserAccess":false,"image":{"repository":"ghcr.io/cloudnative-pg/postgresql","tag":"17.5-1-bullseye"},"imagePullPolicy":"IfNotPresent","imagePullSecrets":[],"initdb":{},"instances":3,"logLevel":"info","monitoring":{"customQueries":[],"customQueriesSecret":[],"disableDefaultQueries":false,"enabled":false,"podMonitor":{"enabled":true,"metricRelabelings":[],"relabelings":[]},"prometheusRule":{"enabled":false,"excludeRules":[]}},"postgresGID":-1,"postgresUID":-1,"postgresql":{"ldap":{},"parameters":{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"128MB"},"pg_hba":[],"pg_ident":[],"shared_preload_libraries":[],"synchronous":{}},"primaryUpdateMethod":"switchover","primaryUpdateStrategy":"unsupervised","priorityClassName":"","resources":{"limits":{"hugepages-2Mi":"256Mi"},"requests":{"cpu":"100m","memory":"256Mi"}},"roles":[],"serviceAccountTemplate":{},"services":{},"storage":{"size":"10Gi","storageClass":""},"superuserSecret":"","walStorage":{"enabled":true,"size":"2Gi","storageClass":""}}` | Cluster settings |
|
||||
| cluster | object | `{"additionalLabels":{},"affinity":{"enablePodAntiAffinity":true,"topologyKey":"kubernetes.io/hostname"},"annotations":{},"certificates":{},"enablePDB":true,"enableSuperuserAccess":false,"image":{"repository":"ghcr.io/cloudnative-pg/postgresql","tag":"17.6-standard-trixie"},"imagePullPolicy":"IfNotPresent","imagePullSecrets":[],"initdb":{},"instances":3,"logLevel":"info","monitoring":{"customQueries":[],"customQueriesSecret":[],"disableDefaultQueries":false,"enabled":false,"podMonitor":{"enabled":true,"metricRelabelings":[],"relabelings":[]},"prometheusRule":{"enabled":false,"excludeRules":["CNPGClusterLastFailedArchiveTimeWarning"]}},"postgresGID":-1,"postgresUID":-1,"postgresql":{"ldap":{},"parameters":{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"128MB"},"pg_hba":[],"pg_ident":[],"shared_preload_libraries":[],"synchronous":{}},"primaryUpdateMethod":"switchover","primaryUpdateStrategy":"unsupervised","priorityClassName":"","resources":{"limits":{"hugepages-2Mi":"256Mi"},"requests":{"cpu":"100m","memory":"256Mi"}},"roles":[],"serviceAccountTemplate":{},"services":{},"storage":{"size":"10Gi","storageClass":""},"superuserSecret":"","walStorage":{"enabled":true,"size":"2Gi","storageClass":""}}` | Cluster settings |
|
||||
| cluster.affinity | object | `{"enablePodAntiAffinity":true,"topologyKey":"kubernetes.io/hostname"}` | Affinity/Anti-affinity rules for Pods. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-AffinityConfiguration |
|
||||
| cluster.certificates | object | `{}` | The configuration for the CA and related certificates. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-CertificatesConfiguration |
|
||||
| cluster.enablePDB | bool | `true` | Allow to disable PDB, mainly useful for upgrade of single-instance clusters or development purposes See: https://cloudnative-pg.io/documentation/current/kubernetes_upgrade/#pod-disruption-budgets |
|
||||
| cluster.enableSuperuserAccess | bool | `false` | When this option is enabled, the operator will use the SuperuserSecret to update the postgres user password. If the secret is not present, the operator will automatically create one. When this option is disabled, the operator will ignore the SuperuserSecret content, delete it when automatically created, and then blank the password of the postgres user by setting it to NULL. |
|
||||
| cluster.image | object | `{"repository":"ghcr.io/cloudnative-pg/postgresql","tag":"17.5-1-bullseye"}` | Default image |
|
||||
| cluster.image | object | `{"repository":"ghcr.io/cloudnative-pg/postgresql","tag":"17.6-standard-trixie"}` | Default image |
|
||||
| cluster.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images |
|
||||
| cluster.imagePullSecrets | list | `[]` | The list of pull secrets to be used to pull the images. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-LocalObjectReference |
|
||||
| cluster.initdb | object | `{}` | Bootstrap is the configuration of the bootstrap process when initdb is used. See: https://cloudnative-pg.io/documentation/current/bootstrap/ See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-bootstrapinitdb |
|
||||
| cluster.logLevel | string | `"info"` | The instances' log level, one of the following values: error, warning, info (default), debug, trace |
|
||||
| cluster.monitoring | object | `{"customQueries":[],"customQueriesSecret":[],"disableDefaultQueries":false,"enabled":false,"podMonitor":{"enabled":true,"metricRelabelings":[],"relabelings":[]},"prometheusRule":{"enabled":false,"excludeRules":[]}}` | Enable default monitoring and alert rules |
|
||||
| cluster.monitoring | object | `{"customQueries":[],"customQueriesSecret":[],"disableDefaultQueries":false,"enabled":false,"podMonitor":{"enabled":true,"metricRelabelings":[],"relabelings":[]},"prometheusRule":{"enabled":false,"excludeRules":["CNPGClusterLastFailedArchiveTimeWarning"]}}` | Enable default monitoring and alert rules |
|
||||
| cluster.monitoring.customQueries | list | `[]` | Custom Prometheus metrics Will be stored in the ConfigMap |
|
||||
| cluster.monitoring.customQueriesSecret | list | `[]` | The list of secrets containing the custom queries |
|
||||
| cluster.monitoring.disableDefaultQueries | bool | `false` | Whether the default queries should be injected. Set it to true if you don't want to inject default queries into the cluster. |
|
||||
@@ -43,7 +42,7 @@ Cloudnative-pg Cluster
|
||||
| cluster.monitoring.podMonitor.metricRelabelings | list | `[]` | The list of metric relabelings for the PodMonitor. Applied to samples before ingestion. |
|
||||
| cluster.monitoring.podMonitor.relabelings | list | `[]` | The list of relabelings for the PodMonitor. Applied to samples before scraping. |
|
||||
| cluster.monitoring.prometheusRule.enabled | bool | `false` | Whether to enable the PrometheusRule automated alerts |
|
||||
| cluster.monitoring.prometheusRule.excludeRules | list | `[]` | Exclude specified rules |
|
||||
| cluster.monitoring.prometheusRule.excludeRules | list | `["CNPGClusterLastFailedArchiveTimeWarning"]` | Exclude specified rules |
|
||||
| cluster.postgresUID | int | `-1` | The UID and GID of the postgres user inside the image, defaults to 26 |
|
||||
| cluster.postgresql | object | `{"ldap":{},"parameters":{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"128MB"},"pg_hba":[],"pg_ident":[],"shared_preload_libraries":[],"synchronous":{}}` | Parameters to be set for the database itself See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-PostgresConfiguration |
|
||||
| cluster.postgresql.ldap | object | `{}` | PostgreSQL LDAP configuration (see https://cloudnative-pg.io/documentation/current/postgresql_conf/#ldap-configuration) |
|
||||
@@ -109,7 +108,7 @@ Cloudnative-pg Cluster
|
||||
| recovery.pgBaseBackup.source.passwordSecret.key | string | `"password"` | The key in the secret containing the password |
|
||||
| recovery.pgBaseBackup.source.passwordSecret.name | string | `""` | Name of the secret containing the password |
|
||||
| recovery.pgBaseBackup.source.passwordSecret.value | string | `""` | The password value to use when creating the secret |
|
||||
| type | string | `"postgresql"` | Type of the CNPG database. Available types: * `postgresql` * `tensorchord` |
|
||||
| type | string | `"postgresql"` | Type of the CNPG database. Available types: * `postgresql` |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
||||
|
||||
@@ -6,7 +6,7 @@ annotations:
|
||||
description: |-
|
||||
Archiving failed for {{`{{`}} $labels.pod {{`}}`}}
|
||||
expr: |
|
||||
(cnpg_pg_stat_archiver_last_failed_time - cnpg_pg_stat_archiver_last_archived_time) > 1
|
||||
(cnpg_pg_stat_archiver_last_failed_time - cnpg_pg_stat_archiver_last_archived_time) > 2
|
||||
for: 1m
|
||||
labels:
|
||||
severity: warning
|
||||
|
||||
@@ -11,21 +11,8 @@ bootstrap:
|
||||
{{- if .Values.cluster.initdb.owner }}
|
||||
owner: {{ tpl .Values.cluster.initdb.owner . }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.type "tensorchord" }}
|
||||
dataChecksums: true
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.type "tensorchord") (.Values.cluster.initdb.postInitApplicationSQL) }}
|
||||
{{- if (.Values.cluster.initdb.postInitApplicationSQL) }}
|
||||
postInitApplicationSQL:
|
||||
{{- if eq .Values.type "tensorchord" }}
|
||||
- ALTER SYSTEM SET search_path TO "$user", public, vectors;
|
||||
- SET search_path TO "$user", public, vectors;
|
||||
- CREATE EXTENSION IF NOT EXISTS "vectors";
|
||||
- CREATE EXTENSION IF NOT EXISTS "cube";
|
||||
- CREATE EXTENSION IF NOT EXISTS "earthdistance";
|
||||
- ALTER SCHEMA vectors OWNER TO "app";
|
||||
- GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA vectors TO "app";
|
||||
- GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "app";
|
||||
{{- end }}
|
||||
{{- with .Values.cluster.initdb }}
|
||||
{{- range .postInitApplicationSQL }}
|
||||
{{- printf "- %s" . | nindent 6 }}
|
||||
@@ -131,6 +118,8 @@ externalClusters:
|
||||
- name: {{ include "cluster.recoveryServerName" . }}
|
||||
plugin:
|
||||
name: barman-cloud.cloudnative-pg.io
|
||||
enabled: true
|
||||
isWALArchiver: false
|
||||
parameters:
|
||||
barmanObjectName: "{{ include "cluster.name" . }}-{{ .Values.recovery.objectStore.name }}"
|
||||
serverName: {{ include "cluster.recoveryServerName" . }}
|
||||
|
||||
@@ -80,24 +80,6 @@ Generate recovery server name
|
||||
{{- if .Values.recovery.recoveryServerName -}}
|
||||
{{- .Values.recovery.recoveryServerName -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-backup-%s" (include "cluster.name" .) (toString .Values.recovery.recoveryIndex) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- printf "%s-backup-%s" (include "cluster.name" .) (toString .Values.recovery.objectStore.index) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Generate name for recovery object store credentials
|
||||
*/}}
|
||||
{{- define "cluster.recoveryCredentials" -}}
|
||||
{{- if .Values.recovery.endpointCredentials -}}
|
||||
{{- .Values.recovery.endpointCredentials -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-backup-secret" (include "cluster.name" .) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Generate name for backup object store credentials
|
||||
*/}}
|
||||
{{- define "cluster.backupCredentials" -}}
|
||||
{{- printf "%s-backup-secret" (include "cluster.name" .) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end }}
|
||||
|
||||
@@ -19,19 +19,31 @@ spec:
|
||||
{{- end }}
|
||||
postgresUID: {{ include "cluster.postgresUID" . }}
|
||||
postgresGID: {{ include "cluster.postgresGID" . }}
|
||||
{{ if or (eq .Values.backup.method "objectStore") (eq .Values.recovery.method "objectStore") }}
|
||||
plugins:
|
||||
{{ end }}
|
||||
{{- range $objectStore := .Values.backup.objectStore }}
|
||||
- name: barman-cloud.cloudnative-pg.io
|
||||
isWALArchiver: {{ $objectStore.isWALArchiver | default true }}
|
||||
enabled: true
|
||||
{{- if $objectStore.isWALArchiver }}
|
||||
isWALArchiver: true
|
||||
{{- else }}
|
||||
isWALArchiver: false
|
||||
{{- end }}
|
||||
parameters:
|
||||
barmanObjectName: "{{ include "cluster.name" $ }}-{{ $objectStore.name }}-backup"
|
||||
{{- if $objectStore.clusterName }}
|
||||
serverName: "{{ $objectStore.clusterName }}-backup-{{ $objectStore.index }}"
|
||||
{{- else }}
|
||||
serverName: "{{ include "cluster.name" $ }}-backup-{{ $objectStore.index }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{ if eq .Values.recovery.method "objectStore" }}
|
||||
- name: barman-cloud.cloudnative-pg.io
|
||||
parameters:
|
||||
barmanObjectName: "{{ include "cluster.name" . }}-{{ .Values.recovery.objectStore.name }}"
|
||||
{{ if (eq .Values.recovery.method "objectStore") }}
|
||||
externalClusters:
|
||||
- name: recovery
|
||||
plugin:
|
||||
name: barman-cloud.cloudnative-pg.io
|
||||
parameters:
|
||||
barmanObjectName: "{{ include "cluster.name" . }}-{{ .Values.recovery.objectStore.name }}"
|
||||
serverName: {{ include "cluster.recoveryServerName" . }}
|
||||
{{ end }}
|
||||
storage:
|
||||
size: {{ .Values.cluster.storage.size }}
|
||||
@@ -72,11 +84,8 @@ spec:
|
||||
enablePDB: {{ .Values.cluster.enablePDB }}
|
||||
|
||||
postgresql:
|
||||
{{- if or (eq .Values.type "tensorchord") (not (empty .Values.cluster.postgresql.shared_preload_libraries)) }}
|
||||
{{- if .Values.cluster.postgresql.shared_preload_libraries }}
|
||||
shared_preload_libraries:
|
||||
{{- if eq .Values.type "tensorchord" }}
|
||||
- vectors.so
|
||||
{{- end }}
|
||||
{{- with .Values.cluster.postgresql.shared_preload_libraries }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{{ if and (.Values.backup.enabled) (eq .Values.backup.method "objectStore") }}
|
||||
{{ if (eq .Values.backup.method "objectStore") }}
|
||||
{{ $context := . -}}
|
||||
{{ range .Values.backup.objectStore -}}
|
||||
---
|
||||
@@ -19,11 +19,6 @@ spec:
|
||||
name: {{ .endpointCA.name }}
|
||||
key: {{ .endpointCA.key }}
|
||||
{{- end }}
|
||||
{{- if .clusterName }}
|
||||
serverName: "{{ .clusterName }}-backup-{{ .index }}"
|
||||
{{- else }}
|
||||
serverName: "{{ include "cluster.name" $context }}-backup-{{ .index }}"
|
||||
{{- end }}
|
||||
{{- if .wal }}
|
||||
wal:
|
||||
compression: {{ .wal.compression | default "snappy" }}
|
||||
@@ -32,7 +27,7 @@ spec:
|
||||
{{ end }}
|
||||
maxParallel: {{ .wal.maxParallel | default "1" }}
|
||||
{{- end }}
|
||||
{{- if .wal }}
|
||||
{{- if .data }}
|
||||
data:
|
||||
compression: {{ .data.compression | default "snappy" }}
|
||||
{{- with .data.encryption }}
|
||||
@@ -42,19 +37,16 @@ spec:
|
||||
{{- end }}
|
||||
s3Credentials:
|
||||
accessKeyId:
|
||||
{{- if .endpointCredentials }}
|
||||
name: {{ .endpointCredentials }}
|
||||
{{- else }}
|
||||
name: {{ include "cluster.backupCredentials" $context }}
|
||||
{{- end }}
|
||||
name: {{ .endpointCredentials | default (printf "%s-cluster-backup-secret" (include "cluster.name" $context) | trunc 63 | trimSuffix "-") }}
|
||||
key: ACCESS_KEY_ID
|
||||
secretAccessKey:
|
||||
{{- if .endpointCredentials }}
|
||||
name: {{ .endpointCredentials }}
|
||||
{{- else }}
|
||||
name: {{ include "cluster.backupCredentials" $context }}
|
||||
{{- end }}
|
||||
name: {{ .endpointCredentials | default (printf "%s-cluster-backup-secret" (include "cluster.name" $context) | trunc 63 | trimSuffix "-") }}
|
||||
key: ACCESS_SECRET_KEY
|
||||
{{- if .endpointCredentialsIncludeRegion }}
|
||||
region:
|
||||
name: {{ .endpointCredentials | default (printf "%s-cluster-backup-secret" (include "cluster.name" $context) | trunc 63 | trimSuffix "-") }}
|
||||
key: ACCESS_REGION
|
||||
{{- end }}
|
||||
{{ end -}}
|
||||
{{ end }}
|
||||
|
||||
@@ -76,7 +68,6 @@ spec:
|
||||
name: {{ .Values.recovery.objectStore.endpointCA.name }}
|
||||
key: {{ .Values.recovery.objectStore.endpointCA.key }}
|
||||
{{- end }}
|
||||
serverName: {{ include "cluster.recoveryServerName" . }}
|
||||
wal:
|
||||
compression: {{ .Values.recovery.objectStore.wal.compression }}
|
||||
{{- with .Values.recovery.objectStore.wal.encryption}}
|
||||
@@ -91,9 +82,9 @@ spec:
|
||||
jobs: {{ .Values.recovery.objectStore.data.jobs }}
|
||||
s3Credentials:
|
||||
accessKeyId:
|
||||
name: {{ include "cluster.recoveryCredentials" . }}
|
||||
name: {{ .Values.recovery.objectStore.endpointCredentials | default (printf "%s-cluster-backup-secret" (include "cluster.name" .) | trunc 63 | trimSuffix "-") }}
|
||||
key: ACCESS_KEY_ID
|
||||
secretAccessKey:
|
||||
name: {{ include "cluster.recoveryCredentials" . }}
|
||||
name: {{ .Values.recovery.objectStore.endpointCredentials | default (printf "%s-cluster-backup-secret" (include "cluster.name" .) | trunc 63 | trimSuffix "-") }}
|
||||
key: ACCESS_SECRET_KEY
|
||||
{{ end }}
|
||||
|
||||
@@ -1,4 +1,3 @@
|
||||
{{ if .Values.backup.enabled }}
|
||||
{{ $context := . -}}
|
||||
{{ range .Values.backup.scheduledBackups -}}
|
||||
---
|
||||
@@ -10,7 +9,7 @@ metadata:
|
||||
labels:
|
||||
{{- include "cluster.labels" $context | nindent 4 }}
|
||||
spec:
|
||||
immediate: {{ .immediate | default true }}
|
||||
immediate: {{ .immediate | default false }}
|
||||
suspend: {{ .suspend | default false }}
|
||||
schedule: {{ .schedule | quote | required "Schedule is required" }}
|
||||
backupOwnerReference: {{ .backupOwnerReference | default "self" }}
|
||||
@@ -22,4 +21,3 @@ spec:
|
||||
parameters:
|
||||
barmanObjectName: "{{ include "cluster.name" $context }}-{{ .backupName }}-backup"
|
||||
{{ end -}}
|
||||
{{ end }}
|
||||
|
||||
@@ -6,7 +6,6 @@ namespaceOverride: ""
|
||||
|
||||
# -- Type of the CNPG database. Available types:
|
||||
# * `postgresql`
|
||||
# * `tensorchord`
|
||||
type: postgresql
|
||||
|
||||
# -- Cluster mode of operation. Available modes:
|
||||
@@ -21,7 +20,7 @@ cluster:
|
||||
# -- Default image
|
||||
image:
|
||||
repository: ghcr.io/cloudnative-pg/postgresql
|
||||
tag: "17.5-1-bullseye"
|
||||
tag: 17.6-standard-trixie
|
||||
|
||||
# -- Image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent. Cannot be updated.
|
||||
# More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
|
||||
@@ -131,7 +130,8 @@ cluster:
|
||||
enabled: false
|
||||
|
||||
# -- Exclude specified rules
|
||||
excludeRules: []
|
||||
excludeRules:
|
||||
- CNPGClusterLastFailedArchiveTimeWarning
|
||||
|
||||
# -- Whether the default queries should be injected.
|
||||
# Set it to true if you don't want to inject default queries into the cluster.
|
||||
@@ -417,9 +417,6 @@ recovery:
|
||||
# -- Backup settings
|
||||
backup:
|
||||
|
||||
# -- You need to configure backups manually, so backups are disabled by default.
|
||||
enabled: false
|
||||
|
||||
# -- Method to create backups, options currently are only objectStore
|
||||
method: objectStore
|
||||
|
||||
@@ -493,7 +490,7 @@ backup:
|
||||
# name: daily-backup
|
||||
|
||||
# # -- Schedule in cron format
|
||||
# schedule: "0 0 */3 * *"
|
||||
# schedule: "0 0 0 * * *"
|
||||
|
||||
# # -- Start backup on deployment
|
||||
# immediate: false
|
||||
|
||||
@@ -1,49 +1,56 @@
|
||||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"extends": [
|
||||
"config:recommended",
|
||||
"mergeConfidence:all-badges",
|
||||
":rebaseStalePrs"
|
||||
],
|
||||
"timezone": "US/Central",
|
||||
"schedule": [ "* */1 * * *" ],
|
||||
"labels": [],
|
||||
"prHourlyLimit": 0,
|
||||
"prConcurrentLimit": 0,
|
||||
"packageRules": [
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"extends": [
|
||||
"config:recommended",
|
||||
"mergeConfidence:all-badges",
|
||||
":rebaseStalePrs"
|
||||
],
|
||||
"timezone": "US/Central",
|
||||
"schedule": ["* */1 * * *"],
|
||||
"labels": [],
|
||||
"prHourlyLimit": 0,
|
||||
"prConcurrentLimit": 0,
|
||||
"packageRules": [
|
||||
{
|
||||
"description": "Label charts",
|
||||
"matchDatasources": ["helm"],
|
||||
"addLabels": ["chart"],
|
||||
"automerge": false,
|
||||
"bumpVersions": [
|
||||
{
|
||||
"description": "Label charts",
|
||||
"matchDatasources": [
|
||||
"helm"
|
||||
],
|
||||
"addLabels": [
|
||||
"chart"
|
||||
],
|
||||
"automerge": false
|
||||
},
|
||||
{
|
||||
"description": "Label images",
|
||||
"matchDatasources": [
|
||||
"docker"
|
||||
],
|
||||
"addLabels": [
|
||||
"image"
|
||||
],
|
||||
"automerge": false
|
||||
},
|
||||
{
|
||||
"description": "CNPG image",
|
||||
"matchDepNames": [
|
||||
"ghcr.io/cloudnative-pg/postgresql"
|
||||
],
|
||||
"matchDatasources": [
|
||||
"docker"
|
||||
],
|
||||
"addLabels": [
|
||||
"image"
|
||||
],
|
||||
"automerge": false,
|
||||
"versioning": "deb"
|
||||
"filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
|
||||
"matchStrings": ["version:\\s(?<version>[^\\s]+)"],
|
||||
"bumpType": "{{#if isPatch}}patch{{else}}minor{{/if}}"
|
||||
}
|
||||
]
|
||||
]
|
||||
},
|
||||
{
|
||||
"description": "Label images",
|
||||
"matchDatasources": ["docker"],
|
||||
"addLabels": ["image"],
|
||||
"automerge": false,
|
||||
"bumpVersions": [
|
||||
{
|
||||
"filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
|
||||
"matchStrings": ["version:\\s(?<version>[^\\s]+)"],
|
||||
"bumpType": "{{#if isPatch}}patch{{else}}minor{{/if}}"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"description": "CNPG image",
|
||||
"matchDepNames": ["ghcr.io/cloudnative-pg/postgresql"],
|
||||
"matchDatasources": ["docker"],
|
||||
"addLabels": ["image"],
|
||||
"matchUpdateTypes": ["major", "minor"],
|
||||
"automerge": false,
|
||||
"bumpVersions": [
|
||||
{
|
||||
"filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
|
||||
"matchStrings": ["version:\\s(?<version>[^\\s]+)"],
|
||||
"bumpType": "{{#if isPatch}}patch{{else}}minor{{/if}}"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user