Compare commits
33 Commits
postgres-c
...
cloudflare
| Author | SHA1 | Date | |
|---|---|---|---|
| 376ea6ee88 | |||
| 1c9b2e93f4 | |||
| 83ef3d23cb | |||
| 8f2c262845 | |||
| 4f9ab170f4 | |||
ad5d06b065
|
|||
| 50cf277ecb | |||
| e4795f1041 | |||
| dc64cb498e | |||
| 9646667d75 | |||
| 1b68fcabf5 | |||
| d95b7ef6ac | |||
| 8f92b4b3ef | |||
| 2d04080009 | |||
| b63140e74f | |||
| e430d3fe32 | |||
| 8e748b7084 | |||
| f339e8698c | |||
| fbc9293355 | |||
| 2371aeb612 | |||
| 799340aa3b | |||
| 9da5f721c7 | |||
| aa919178a4 | |||
| 55e878d517 | |||
| 3683209b23 | |||
| 2be7e3789c | |||
| f5bb3e2403 | |||
| 0ef4b6ba3c | |||
| 7f46106a10 | |||
| 71dbdbf9df | |||
| 1e17a769dc | |||
| 78024a129f | |||
| 5cca3b2717 |
@@ -1,6 +1,7 @@
|
||||
name: lint-and-test-charts
|
||||
name: lint-and-test
|
||||
|
||||
on: pull_request
|
||||
on:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
lint-test:
|
||||
@@ -35,4 +36,4 @@ jobs:
|
||||
|
||||
- name: Run Chart Testing (lint)
|
||||
if: steps.list-changed.outputs.changed == 'true'
|
||||
run: ct lint --target-branch ${{ gitea.event.repository.default_branch }}
|
||||
run: ct lint --validate-maintainers=false --target-branch ${{ gitea.event.repository.default_branch }}
|
||||
|
||||
35
.gitea/workflows/process-issues.yaml
Normal file
35
.gitea/workflows/process-issues.yaml
Normal file
@@ -0,0 +1,35 @@
|
||||
name: process-issues
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '@daily'
|
||||
|
||||
jobs:
|
||||
process-issues:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Python Script
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: alexlebens/workflow-scripts
|
||||
ref: main
|
||||
token: ${{ secrets.BOT_TOKEN }}
|
||||
path: scripts
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: '3.13'
|
||||
|
||||
- name: Install dependencies
|
||||
run: pip install requests
|
||||
|
||||
- name: Run Script
|
||||
env:
|
||||
INSTANCE_URL: ${{ vars.INSTANCE_URL }}
|
||||
REPOSITORY: ${{ gitea.repository }}
|
||||
TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
STALE_DAYS: 3
|
||||
STALE_TAG: 'stale'
|
||||
EXCLUDE_TAG: 'renovate'
|
||||
run: python ./scripts/scripts/process-issues.py
|
||||
35
.gitea/workflows/process-pull-requests.yaml
Normal file
35
.gitea/workflows/process-pull-requests.yaml
Normal file
@@ -0,0 +1,35 @@
|
||||
name: process-pull-requests
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '@daily'
|
||||
|
||||
jobs:
|
||||
process-pull-requests:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Python Script
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: alexlebens/workflow-scripts
|
||||
ref: main
|
||||
token: ${{ secrets.BOT_TOKEN }}
|
||||
path: scripts
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: '3.13'
|
||||
|
||||
- name: Install dependencies
|
||||
run: pip install requests
|
||||
|
||||
- name: Run Script
|
||||
env:
|
||||
INSTANCE_URL: ${{ vars.INSTANCE_URL }}
|
||||
REPOSITORY: ${{ gitea.repository }}
|
||||
TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
STALE_DAYS: 3
|
||||
STALE_TAG: 'stale'
|
||||
REQUIRED_TAG: 'automerge'
|
||||
run: python ./scripts/scripts/process-pull-requests.py
|
||||
@@ -56,11 +56,30 @@ jobs:
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: Actions Ntfy
|
||||
run: |
|
||||
curl \
|
||||
-H "Authorization: Bearer ${{ secrets.NTFY_CRED }}" \
|
||||
-H "Title: Chart Released: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}" \
|
||||
-H "Content-Type: text/plain" \
|
||||
-d $'Repo: ${{ gitea.repository }}\nCommit: ${{ gitea.sha }}\nRef: ${{ gitea.ref }}\nStatus: ${{ job.status}}' \
|
||||
${{ secrets.NTFY_URL }}
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: "Gitea Action"
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for ${{ env.CHART_NAME }} release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: "Gitea Action"
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for ${{ env.CHART_NAME }} release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/helm-charts/actions?workflow=release-charts-${{ env.CHART_NAME }}.yml", "clear": true}]'
|
||||
image: true
|
||||
|
||||
@@ -56,11 +56,30 @@ jobs:
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: Actions Ntfy
|
||||
run: |
|
||||
curl \
|
||||
-H "Authorization: Bearer ${{ secrets.NTFY_CRED }}" \
|
||||
-H "Title: Chart Released: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}" \
|
||||
-H "Content-Type: text/plain" \
|
||||
-d $'Repo: ${{ gitea.repository }}\nCommit: ${{ gitea.sha }}\nRef: ${{ gitea.ref }}\nStatus: ${{ job.status}}' \
|
||||
${{ secrets.NTFY_URL }}
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: "Gitea Action"
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for ${{ env.CHART_NAME }} release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: "Gitea Action"
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for ${{ env.CHART_NAME }} release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/helm-charts/actions?workflow=release-charts-${{ env.CHART_NAME }}.yml", "clear": true}]'
|
||||
image: true
|
||||
|
||||
@@ -1,16 +1,16 @@
|
||||
name: release-charts-cloudfbarman-cloudlared
|
||||
name: release-charts-gitea-actions
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "charts/barman-cloud/**"
|
||||
- "charts/gitea-actions/**"
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
WORKFLOW_DIR: "charts/barman-cloud"
|
||||
WORKFLOW_DIR: "charts/gitea-actions"
|
||||
|
||||
jobs:
|
||||
release:
|
||||
@@ -56,11 +56,30 @@ jobs:
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: Actions Ntfy
|
||||
run: |
|
||||
curl \
|
||||
-H "Authorization: Bearer ${{ secrets.NTFY_CRED }}" \
|
||||
-H "Title: Chart Released: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}" \
|
||||
-H "Content-Type: text/plain" \
|
||||
-d $'Repo: ${{ gitea.repository }}\nCommit: ${{ gitea.sha }}\nRef: ${{ gitea.ref }}\nStatus: ${{ job.status}}' \
|
||||
${{ secrets.NTFY_URL }}
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: "Gitea Action"
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for ${{ env.CHART_NAME }} release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: "Gitea Action"
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for ${{ env.CHART_NAME }} release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/helm-charts/actions?workflow=release-charts-${{ env.CHART_NAME }}.yml", "clear": true}]'
|
||||
image: true
|
||||
@@ -56,11 +56,30 @@ jobs:
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: Actions Ntfy
|
||||
run: |
|
||||
curl \
|
||||
-H "Authorization: Bearer ${{ secrets.NTFY_CRED }}" \
|
||||
-H "Title: Chart Released: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}" \
|
||||
-H "Content-Type: text/plain" \
|
||||
-d $'Repo: ${{ gitea.repository }}\nCommit: ${{ gitea.sha }}\nRef: ${{ gitea.ref }}\nStatus: ${{ job.status}}' \
|
||||
${{ secrets.NTFY_URL }}
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: "Gitea Action"
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for ${{ env.CHART_NAME }} release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: "Gitea Action"
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for ${{ env.CHART_NAME }} release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/helm-charts/actions?workflow=release-charts-${{ env.CHART_NAME }}.yml", "clear": true}]'
|
||||
image: true
|
||||
|
||||
32
.gitea/workflows/renovate.yaml
Normal file
32
.gitea/workflows/renovate.yaml
Normal file
@@ -0,0 +1,32 @@
|
||||
name: renovate
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "@daily"
|
||||
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
renovate:
|
||||
runs-on: ubuntu-latest
|
||||
container: ghcr.io/renovatebot/renovate:40
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Renovate
|
||||
run: renovate
|
||||
env:
|
||||
RENOVATE_PLATFORM: gitea
|
||||
RENOVATE_ENDPOINT: ${{ vars.INSTANCE_URL }}
|
||||
RENOVATE_REPOSITORIES: alexlebens/helm-charts
|
||||
RENOVATE_GIT_AUTHOR: Renovate Bot <renovate-bot@alexlebens.net>
|
||||
LOG_LEVEL: info
|
||||
RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }}
|
||||
RENOVATE_GIT_PRIVATE_KEY: ${{ secrets.RENOVATE_GIT_PRIVATE_KEY }}
|
||||
RENOVATE_GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_COM_TOKEN }}
|
||||
RENOVATE_REDIS_URL: ${{ vars.RENOVATE_REDIS_URL }}
|
||||
@@ -1,18 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: barman-cloud
|
||||
version: 0.2.5
|
||||
description: Barman Cloud Plugin
|
||||
keywords:
|
||||
- barman-cloud
|
||||
- cloudnative-pg
|
||||
sources:
|
||||
- https://github.com/cloudnative-pg/plugin-barman-cloud
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/library/common
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.0.1
|
||||
icon: https://avatars.githubusercontent.com/u/100373852?s=48&v=4
|
||||
appVersion: v.0.4.0
|
||||
@@ -1,33 +0,0 @@
|
||||
# barman-cloud
|
||||
|
||||
 
|
||||
|
||||
Barman Cloud Plugin
|
||||
|
||||
## Maintainers
|
||||
|
||||
| Name | Email | Url |
|
||||
| ---- | ------ | --- |
|
||||
| alexlebens | | |
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://github.com/cloudnative-pg/plugin-barman-cloud>
|
||||
* <https://github.com/bjw-s-labs/helm-charts/tree/main/charts/library/common>
|
||||
|
||||
## Requirements
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 4.0.1 |
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"ghcr.io/cloudnative-pg/plugin-barman-cloud","tag":"v0.4.0"}` | Default image |
|
||||
| name | string | `"barman-cloud"` | Name override of release |
|
||||
| service | object | `{"listenPort":9090}` | Default service |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
||||
@@ -1,46 +0,0 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: {{ .Values.name }}-client
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Values.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
commonName: {{ .Values.name }}-client
|
||||
duration: 2160h
|
||||
isCA: false
|
||||
issuerRef:
|
||||
group: cert-manager.io
|
||||
kind: Issuer
|
||||
name: selfsigned-issuer
|
||||
renewBefore: 360h
|
||||
secretName: {{ .Values.name }}-client-tls
|
||||
usages:
|
||||
- client auth
|
||||
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: {{ .Values.name }}-server
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Values.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
commonName: {{ .Values.name }}
|
||||
dnsNames:
|
||||
- {{ .Values.name }}
|
||||
duration: 2160h
|
||||
isCA: false
|
||||
issuerRef:
|
||||
group: cert-manager.io
|
||||
kind: Issuer
|
||||
name: selfsigned-issuer
|
||||
renewBefore: 360h
|
||||
secretName: {{ .Values.name }}-server-tls
|
||||
usages:
|
||||
- server auth
|
||||
@@ -1,34 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: metrics-auth-rolebinding
|
||||
labels:
|
||||
app.kubernetes.io/name: metrics-auth-rolebinding
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: metrics-auth-role
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ .Release.Name }}-barman-cloud
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: plugin-barman-cloud-binding
|
||||
labels:
|
||||
app.kubernetes.io/name: plugin-barman-cloud
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: plugin-barman-cloud
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ .Release.Name }}-barman-cloud
|
||||
namespace: {{ .Release.Namespace }}
|
||||
@@ -1,157 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: metrics-auth-role
|
||||
labels:
|
||||
app.kubernetes.io/name: metrics-auth-role
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- authentication.k8s.io
|
||||
resources:
|
||||
- tokenreviews
|
||||
verbs:
|
||||
- create
|
||||
- apiGroups:
|
||||
- authorization.k8s.io
|
||||
resources:
|
||||
- subjectaccessreviews
|
||||
verbs:
|
||||
- create
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: metrics-reader
|
||||
labels:
|
||||
app.kubernetes.io/name: metrics-reader
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- /metrics
|
||||
verbs:
|
||||
- get
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: objectstore-editor-role
|
||||
labels:
|
||||
app.kubernetes.io/name: objectstore-editor-role
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
- get
|
||||
- list
|
||||
- patch
|
||||
- update
|
||||
- watch
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores/status
|
||||
verbs:
|
||||
- get
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: objectstore-viewer-role
|
||||
labels:
|
||||
app.kubernetes.io/name: objectstore-viewer-role
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores/status
|
||||
verbs:
|
||||
- get
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: plugin-barman-cloud
|
||||
labels:
|
||||
app.kubernetes.io/name: plugin-barman-cloud
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
- get
|
||||
- list
|
||||
- patch
|
||||
- update
|
||||
- watch
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores/finalizers
|
||||
verbs:
|
||||
- update
|
||||
- apiGroups:
|
||||
- barmancloud.cnpg.io
|
||||
resources:
|
||||
- objectstores/status
|
||||
verbs:
|
||||
- get
|
||||
- patch
|
||||
- update
|
||||
- apiGroups:
|
||||
- postgresql.cnpg.io
|
||||
resources:
|
||||
- backups
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- rbac.authorization.k8s.io
|
||||
resources:
|
||||
- rolebindings
|
||||
- roles
|
||||
verbs:
|
||||
- create
|
||||
- get
|
||||
- list
|
||||
- patch
|
||||
- update
|
||||
- watch
|
||||
@@ -1,99 +0,0 @@
|
||||
{{ include "bjw-s.common.loader.init" . }}
|
||||
|
||||
{{ define "barman-cloud.hardcodedValues" }}
|
||||
{{ if not .Values.global.nameOverride }}
|
||||
global:
|
||||
nameOverride: {{ .Values.name }}
|
||||
{{ end }}
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
labels:
|
||||
app: {{ .Values.name }}
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
serviceAccount:
|
||||
name: {{ .Release.Name }}-barman-cloud
|
||||
pod:
|
||||
securityContext:
|
||||
runAsNonRoot: true
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ .Values.name }}
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: {{ .Values.image.repository }}
|
||||
tag: {{ .Values.image.tag }}
|
||||
pullPolicy: {{ .Values.image.pullPolicy }}
|
||||
args:
|
||||
- operator
|
||||
- --server-cert=/server/tls.crt
|
||||
- --server-key=/server/tls.key
|
||||
- --client-cert=/client/tls.crt
|
||||
- --server-address=:{{ .Values.service.listenPort }}
|
||||
- --leader-elect
|
||||
- --log-level=debug
|
||||
env:
|
||||
- name: SIDECAR_IMAGE
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: SIDECAR_IMAGE
|
||||
name: plugin-barman-cloud-m76km67hd7
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: true
|
||||
runAsGroup: 10001
|
||||
runAsUser: 10001
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
serviceAccount:
|
||||
barman-cloud:
|
||||
enabled: true
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
annotations:
|
||||
cnpg.io/pluginPort: "{{ .Values.service.listenPort }}"
|
||||
cnpg.io/pluginClientSecret: {{ .Values.name }}-client-tls
|
||||
cnpg.io/pluginServerSecret: {{ .Values.name }}-server-tls
|
||||
labels:
|
||||
app: {{ .Values.name }}
|
||||
cnpg.io/pluginName: barman-cloud.cloudnative-pg.io
|
||||
ports:
|
||||
http:
|
||||
port: {{ .Values.service.listenPort }}
|
||||
protocol: TCP
|
||||
targetPort: {{ .Values.service.listenPort }}
|
||||
persistence:
|
||||
server-tls:
|
||||
enabled: true
|
||||
type: secret
|
||||
name: {{ .Values.name }}-server-tls
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
- path: /server
|
||||
readOnly: true
|
||||
mountPropagation: None
|
||||
client-tls:
|
||||
enabled: true
|
||||
type: secret
|
||||
name: {{ .Values.name }}-client-tls
|
||||
advancedMounts:
|
||||
main:
|
||||
main:
|
||||
- path: /client
|
||||
readOnly: true
|
||||
mountPropagation: None
|
||||
|
||||
{{ end }}
|
||||
{{ $_ := mergeOverwrite .Values (include "barman-cloud.hardcodedValues" . | fromYaml) }}
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "bjw-s.common.loader.generate" . }}
|
||||
@@ -1,627 +0,0 @@
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.18.0
|
||||
name: objectstores.barmancloud.cnpg.io
|
||||
spec:
|
||||
group: barmancloud.cnpg.io
|
||||
names:
|
||||
kind: ObjectStore
|
||||
listKind: ObjectStoreList
|
||||
plural: objectstores
|
||||
singular: objectstore
|
||||
scope: Namespaced
|
||||
versions:
|
||||
- name: v1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: ObjectStore is the Schema for the objectstores API.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
spec:
|
||||
description: |-
|
||||
Specification of the desired behavior of the ObjectStore.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
|
||||
properties:
|
||||
configuration:
|
||||
description: The configuration for the barman-cloud tool suite
|
||||
properties:
|
||||
azureCredentials:
|
||||
description: The credentials to use to upload data to Azure Blob
|
||||
Storage
|
||||
properties:
|
||||
connectionString:
|
||||
description: The connection string to be used
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
inheritFromAzureAD:
|
||||
description: Use the Azure AD based authentication without
|
||||
providing explicitly the keys.
|
||||
type: boolean
|
||||
storageAccount:
|
||||
description: The storage account where to upload data
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
storageKey:
|
||||
description: |-
|
||||
The storage account key to be used in conjunction
|
||||
with the storage account name
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
storageSasToken:
|
||||
description: |-
|
||||
A shared-access-signature to be used in conjunction with
|
||||
the storage account name
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
type: object
|
||||
data:
|
||||
description: |-
|
||||
The configuration to be used to backup the data files
|
||||
When not defined, base backups files will be stored uncompressed and may
|
||||
be unencrypted in the object store, according to the bucket default
|
||||
policy.
|
||||
properties:
|
||||
additionalCommandArgs:
|
||||
description: |-
|
||||
AdditionalCommandArgs represents additional arguments that can be appended
|
||||
to the 'barman-cloud-backup' command-line invocation. These arguments
|
||||
provide flexibility to customize the backup process further according to
|
||||
specific requirements or configurations.
|
||||
|
||||
Example:
|
||||
In a scenario where specialized backup options are required, such as setting
|
||||
a specific timeout or defining custom behavior, users can use this field
|
||||
to specify additional command arguments.
|
||||
|
||||
Note:
|
||||
It's essential to ensure that the provided arguments are valid and supported
|
||||
by the 'barman-cloud-backup' command, to avoid potential errors or unintended
|
||||
behavior during execution.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
compression:
|
||||
description: |-
|
||||
Compress a backup file (a tar file per tablespace) while streaming it
|
||||
to the object store. Available options are empty string (no
|
||||
compression, default), `gzip`, `bzip2`, and `snappy`.
|
||||
enum:
|
||||
- bzip2
|
||||
- gzip
|
||||
- snappy
|
||||
type: string
|
||||
encryption:
|
||||
description: |-
|
||||
Whenever to force the encryption of files (if the bucket is
|
||||
not already configured for that).
|
||||
Allowed options are empty string (use the bucket policy, default),
|
||||
`AES256` and `aws:kms`
|
||||
enum:
|
||||
- AES256
|
||||
- aws:kms
|
||||
type: string
|
||||
immediateCheckpoint:
|
||||
description: |-
|
||||
Control whether the I/O workload for the backup initial checkpoint will
|
||||
be limited, according to the `checkpoint_completion_target` setting on
|
||||
the PostgreSQL server. If set to true, an immediate checkpoint will be
|
||||
used, meaning PostgreSQL will complete the checkpoint as soon as
|
||||
possible. `false` by default.
|
||||
type: boolean
|
||||
jobs:
|
||||
description: |-
|
||||
The number of parallel jobs to be used to upload the backup, defaults
|
||||
to 2
|
||||
format: int32
|
||||
minimum: 1
|
||||
type: integer
|
||||
type: object
|
||||
destinationPath:
|
||||
description: |-
|
||||
The path where to store the backup (i.e. s3://bucket/path/to/folder)
|
||||
this path, with different destination folders, will be used for WALs
|
||||
and for data
|
||||
minLength: 1
|
||||
type: string
|
||||
endpointCA:
|
||||
description: |-
|
||||
EndpointCA store the CA bundle of the barman endpoint.
|
||||
Useful when using self-signed certificates to avoid
|
||||
errors with certificate issuer and barman-cloud-wal-archive
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
endpointURL:
|
||||
description: |-
|
||||
Endpoint to be used to upload data to the cloud,
|
||||
overriding the automatic endpoint discovery
|
||||
type: string
|
||||
googleCredentials:
|
||||
description: The credentials to use to upload data to Google Cloud
|
||||
Storage
|
||||
properties:
|
||||
applicationCredentials:
|
||||
description: The secret containing the Google Cloud Storage
|
||||
JSON file with the credentials
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
gkeEnvironment:
|
||||
description: |-
|
||||
If set to true, will presume that it's running inside a GKE environment,
|
||||
default to false.
|
||||
type: boolean
|
||||
type: object
|
||||
historyTags:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: |-
|
||||
HistoryTags is a list of key value pairs that will be passed to the
|
||||
Barman --history-tags option.
|
||||
type: object
|
||||
s3Credentials:
|
||||
description: The credentials to use to upload data to S3
|
||||
properties:
|
||||
accessKeyId:
|
||||
description: The reference to the access key id
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
inheritFromIAMRole:
|
||||
description: Use the role based authentication without providing
|
||||
explicitly the keys.
|
||||
type: boolean
|
||||
region:
|
||||
description: The reference to the secret containing the region
|
||||
name
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
secretAccessKey:
|
||||
description: The reference to the secret access key
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
sessionToken:
|
||||
description: The references to the session key
|
||||
properties:
|
||||
key:
|
||||
description: The key to select
|
||||
type: string
|
||||
name:
|
||||
description: Name of the referent.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
type: object
|
||||
serverName:
|
||||
description: |-
|
||||
The server name on S3, the cluster name is used if this
|
||||
parameter is omitted
|
||||
type: string
|
||||
tags:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: |-
|
||||
Tags is a list of key value pairs that will be passed to the
|
||||
Barman --tags option.
|
||||
type: object
|
||||
wal:
|
||||
description: |-
|
||||
The configuration for the backup of the WAL stream.
|
||||
When not defined, WAL files will be stored uncompressed and may be
|
||||
unencrypted in the object store, according to the bucket default policy.
|
||||
properties:
|
||||
archiveAdditionalCommandArgs:
|
||||
description: |-
|
||||
Additional arguments that can be appended to the 'barman-cloud-wal-archive'
|
||||
command-line invocation. These arguments provide flexibility to customize
|
||||
the WAL archive process further, according to specific requirements or configurations.
|
||||
|
||||
Example:
|
||||
In a scenario where specialized backup options are required, such as setting
|
||||
a specific timeout or defining custom behavior, users can use this field
|
||||
to specify additional command arguments.
|
||||
|
||||
Note:
|
||||
It's essential to ensure that the provided arguments are valid and supported
|
||||
by the 'barman-cloud-wal-archive' command, to avoid potential errors or unintended
|
||||
behavior during execution.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
compression:
|
||||
description: |-
|
||||
Compress a WAL file before sending it to the object store. Available
|
||||
options are empty string (no compression, default), `gzip`, `bzip2`,
|
||||
`lz4`, `snappy`, `xz`, and `zstd`.
|
||||
enum:
|
||||
- bzip2
|
||||
- gzip
|
||||
- lz4
|
||||
- snappy
|
||||
- xz
|
||||
- zstd
|
||||
type: string
|
||||
encryption:
|
||||
description: |-
|
||||
Whenever to force the encryption of files (if the bucket is
|
||||
not already configured for that).
|
||||
Allowed options are empty string (use the bucket policy, default),
|
||||
`AES256` and `aws:kms`
|
||||
enum:
|
||||
- AES256
|
||||
- aws:kms
|
||||
type: string
|
||||
maxParallel:
|
||||
description: |-
|
||||
Number of WAL files to be either archived in parallel (when the
|
||||
PostgreSQL instance is archiving to a backup object store) or
|
||||
restored in parallel (when a PostgreSQL standby is fetching WAL
|
||||
files from a recovery object store). If not specified, WAL files
|
||||
will be processed one at a time. It accepts a positive integer as a
|
||||
value - with 1 being the minimum accepted value.
|
||||
minimum: 1
|
||||
type: integer
|
||||
restoreAdditionalCommandArgs:
|
||||
description: |-
|
||||
Additional arguments that can be appended to the 'barman-cloud-wal-restore'
|
||||
command-line invocation. These arguments provide flexibility to customize
|
||||
the WAL restore process further, according to specific requirements or configurations.
|
||||
|
||||
Example:
|
||||
In a scenario where specialized backup options are required, such as setting
|
||||
a specific timeout or defining custom behavior, users can use this field
|
||||
to specify additional command arguments.
|
||||
|
||||
Note:
|
||||
It's essential to ensure that the provided arguments are valid and supported
|
||||
by the 'barman-cloud-wal-restore' command, to avoid potential errors or unintended
|
||||
behavior during execution.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
type: object
|
||||
required:
|
||||
- destinationPath
|
||||
type: object
|
||||
x-kubernetes-validations:
|
||||
- fieldPath: .serverName
|
||||
message: use the 'serverName' plugin parameter in the Cluster resource
|
||||
reason: FieldValueForbidden
|
||||
rule: '!has(self.serverName)'
|
||||
instanceSidecarConfiguration:
|
||||
description: The configuration for the sidecar that runs in the instance
|
||||
pods
|
||||
properties:
|
||||
env:
|
||||
description: The environment to be explicitly passed to the sidecar
|
||||
items:
|
||||
description: EnvVar represents an environment variable present
|
||||
in a Container.
|
||||
properties:
|
||||
name:
|
||||
description: Name of the environment variable. Must be a
|
||||
C_IDENTIFIER.
|
||||
type: string
|
||||
value:
|
||||
description: |-
|
||||
Variable references $(VAR_NAME) are expanded
|
||||
using the previously defined environment variables in the container and
|
||||
any service environment variables. If a variable cannot be resolved,
|
||||
the reference in the input string will be unchanged. Double $$ are reduced
|
||||
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
|
||||
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
|
||||
Escaped references will never be expanded, regardless of whether the variable
|
||||
exists or not.
|
||||
Defaults to "".
|
||||
type: string
|
||||
valueFrom:
|
||||
description: Source for the environment variable's value.
|
||||
Cannot be used if value is not empty.
|
||||
properties:
|
||||
configMapKeyRef:
|
||||
description: Selects a key of a ConfigMap.
|
||||
properties:
|
||||
key:
|
||||
description: The key to select.
|
||||
type: string
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
type: string
|
||||
optional:
|
||||
description: Specify whether the ConfigMap or its
|
||||
key must be defined
|
||||
type: boolean
|
||||
required:
|
||||
- key
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
fieldRef:
|
||||
description: |-
|
||||
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
|
||||
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: Version of the schema the FieldPath
|
||||
is written in terms of, defaults to "v1".
|
||||
type: string
|
||||
fieldPath:
|
||||
description: Path of the field to select in the
|
||||
specified API version.
|
||||
type: string
|
||||
required:
|
||||
- fieldPath
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
resourceFieldRef:
|
||||
description: |-
|
||||
Selects a resource of the container: only resources limits and requests
|
||||
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
|
||||
properties:
|
||||
containerName:
|
||||
description: 'Container name: required for volumes,
|
||||
optional for env vars'
|
||||
type: string
|
||||
divisor:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Specifies the output format of the
|
||||
exposed resources, defaults to "1"
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
resource:
|
||||
description: 'Required: resource to select'
|
||||
type: string
|
||||
required:
|
||||
- resource
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
secretKeyRef:
|
||||
description: Selects a key of a secret in the pod's
|
||||
namespace
|
||||
properties:
|
||||
key:
|
||||
description: The key of the secret to select from. Must
|
||||
be a valid secret key.
|
||||
type: string
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
type: string
|
||||
optional:
|
||||
description: Specify whether the Secret or its key
|
||||
must be defined
|
||||
type: boolean
|
||||
required:
|
||||
- key
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
type: object
|
||||
required:
|
||||
- name
|
||||
type: object
|
||||
type: array
|
||||
resources:
|
||||
description: Resources define cpu/memory requests and limits for
|
||||
the sidecar that runs in the instance pods.
|
||||
properties:
|
||||
claims:
|
||||
description: |-
|
||||
Claims lists the names of resources, defined in spec.resourceClaims,
|
||||
that are used by this container.
|
||||
|
||||
This is an alpha field and requires enabling the
|
||||
DynamicResourceAllocation feature gate.
|
||||
|
||||
This field is immutable. It can only be set for containers.
|
||||
items:
|
||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||
properties:
|
||||
name:
|
||||
description: |-
|
||||
Name must match the name of one entry in pod.spec.resourceClaims of
|
||||
the Pod where this field is used. It makes that resource available
|
||||
inside a container.
|
||||
type: string
|
||||
request:
|
||||
description: |-
|
||||
Request is the name chosen for a request in the referenced claim.
|
||||
If empty, everything from the claim is made available, otherwise
|
||||
only the result of this request.
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-map-keys:
|
||||
- name
|
||||
x-kubernetes-list-type: map
|
||||
limits:
|
||||
additionalProperties:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
description: |-
|
||||
Limits describes the maximum amount of compute resources allowed.
|
||||
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||||
type: object
|
||||
requests:
|
||||
additionalProperties:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
description: |-
|
||||
Requests describes the minimum amount of compute resources required.
|
||||
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
|
||||
otherwise to an implementation-defined value. Requests cannot exceed Limits.
|
||||
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||||
type: object
|
||||
type: object
|
||||
retentionPolicyIntervalSeconds:
|
||||
default: 1800
|
||||
description: |-
|
||||
The retentionCheckInterval defines the frequency at which the
|
||||
system checks and enforces retention policies.
|
||||
type: integer
|
||||
type: object
|
||||
retentionPolicy:
|
||||
description: |-
|
||||
RetentionPolicy is the retention policy to be used for backups
|
||||
and WALs (i.e. '60d'). The retention policy is expressed in the form
|
||||
of `XXu` where `XX` is a positive integer and `u` is in `[dwm]` -
|
||||
days, weeks, months.
|
||||
pattern: ^[1-9][0-9]*[dwm]$
|
||||
type: string
|
||||
required:
|
||||
- configuration
|
||||
type: object
|
||||
status:
|
||||
description: |-
|
||||
Most recently observed status of the ObjectStore. This data may not be up to
|
||||
date. Populated by the system. Read-only.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
|
||||
properties:
|
||||
serverRecoveryWindow:
|
||||
additionalProperties:
|
||||
description: |-
|
||||
RecoveryWindow represents the time span between the first
|
||||
recoverability point and the last successful backup of a PostgreSQL
|
||||
server, defining the period during which data can be restored.
|
||||
properties:
|
||||
firstRecoverabilityPoint:
|
||||
description: |-
|
||||
The first recoverability point in a PostgreSQL server refers to
|
||||
the earliest point in time to which the database can be
|
||||
restored.
|
||||
format: date-time
|
||||
type: string
|
||||
lastSuccussfulBackupTime:
|
||||
description: The last successful backup time
|
||||
format: date-time
|
||||
type: string
|
||||
type: object
|
||||
description: ServerRecoveryWindow maps each server to its recovery
|
||||
window
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- metadata
|
||||
- spec
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
||||
subresources:
|
||||
status: {}
|
||||
@@ -1,11 +0,0 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: selfsigned-issuer
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Values.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
selfSigned: {}
|
||||
@@ -1,17 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: leader-election-rolebinding
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: plugin-barman-cloud
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: leader-election-role
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ .Release.Name }}-barman-cloud
|
||||
namespace: {{ .Release.Namespace }}
|
||||
@@ -1,41 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: leader-election-role
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: leader-election-role
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- configmaps
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- create
|
||||
- update
|
||||
- patch
|
||||
- delete
|
||||
- apiGroups:
|
||||
- coordination.k8s.io
|
||||
resources:
|
||||
- leases
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- create
|
||||
- update
|
||||
- patch
|
||||
- delete
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- events
|
||||
verbs:
|
||||
- create
|
||||
- patch
|
||||
@@ -1,14 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: plugin-barman-cloud-m76km67hd7
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Values.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
type: Opaque
|
||||
data:
|
||||
SIDECAR_IMAGE: |
|
||||
Z2hjci5pby9jbG91ZG5hdGl2ZS1wZy9wbHVnaW4tYmFybWFuLWNsb3VkLXNpZGVjYXI6dj
|
||||
AuNC4w
|
||||
@@ -1,12 +0,0 @@
|
||||
# -- Name override of release
|
||||
name: barman-cloud
|
||||
|
||||
# -- Default image
|
||||
image:
|
||||
repository: ghcr.io/cloudnative-pg/plugin-barman-cloud
|
||||
tag: "v0.4.0"
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# -- Default service
|
||||
service:
|
||||
listenPort: 9090
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: cloudflared
|
||||
version: 1.15.0
|
||||
version: 1.17.0
|
||||
description: Cloudflared Tunnel
|
||||
keywords:
|
||||
- cloudflare
|
||||
@@ -13,6 +13,6 @@ maintainers:
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.0.1
|
||||
version: 4.1.0
|
||||
icon: https://avatars.githubusercontent.com/u/314135?s=48&v=4
|
||||
appVersion: "2025.5.0"
|
||||
appVersion: "2025.6.0"
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# cloudflared
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Cloudflared Tunnel
|
||||
|
||||
@@ -19,7 +19,7 @@ Cloudflared Tunnel
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 4.0.1 |
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 4.1.0 |
|
||||
|
||||
## Values
|
||||
|
||||
@@ -27,7 +27,7 @@ Cloudflared Tunnel
|
||||
|-----|------|---------|-------------|
|
||||
| existingSecretKey | string | `"cf-tunnel-token"` | Name of key that contains the token in the existingSecret |
|
||||
| existingSecretName | string | `"cloudflared-secret"` | Name of existing secret that contains Cloudflare token |
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"cloudflare/cloudflared","tag":"2025.5.0"}` | Default image |
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"cloudflare/cloudflared","tag":"2025.6.0"}` | Default image |
|
||||
| name | string | `"cloudflared"` | Name override of release |
|
||||
| resources | object | `{"requests":{"cpu":"10m","memory":"128Mi"}}` | Default resources |
|
||||
|
||||
|
||||
@@ -10,7 +10,7 @@ existingSecretKey: cf-tunnel-token
|
||||
# -- Default image
|
||||
image:
|
||||
repository: cloudflare/cloudflared
|
||||
tag: "2025.5.0"
|
||||
tag: "2025.6.0"
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# -- Default resources
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: generic-device-plugin
|
||||
version: 0.1.10
|
||||
version: 0.3.0
|
||||
description: Generic Device Plugin
|
||||
keywords:
|
||||
- generic-device-plugin
|
||||
@@ -13,6 +13,6 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s.github.io/helm-charts/
|
||||
version: 3.7.3
|
||||
appVersion: 0.1.10
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.1.0
|
||||
appVersion: 0.2.0
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# generic-device-plugin
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Generic Device Plugin
|
||||
|
||||
@@ -19,7 +19,7 @@ Generic Device Plugin
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://bjw-s.github.io/helm-charts/ | common | 3.7.3 |
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 4.1.0 |
|
||||
|
||||
## Values
|
||||
|
||||
|
||||
15
charts/gitea-actions/Chart.yaml
Normal file
15
charts/gitea-actions/Chart.yaml
Normal file
@@ -0,0 +1,15 @@
|
||||
apiVersion: v2
|
||||
name: gitea-actions
|
||||
version: 0.2.1
|
||||
description: Gitea Actions
|
||||
keywords:
|
||||
- cicd
|
||||
- runner
|
||||
- actions
|
||||
sources:
|
||||
- https://gitea.com/gitea/helm-actions
|
||||
- https://gitea.com/gitea/act
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
icon: https://avatars.githubusercontent.com/u/100373852?s=48&v=4
|
||||
appVersion: 0.2.11
|
||||
18
charts/gitea-actions/LICENSE
Normal file
18
charts/gitea-actions/LICENSE
Normal file
@@ -0,0 +1,18 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) 2025 gitea
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
|
||||
associated documentation files (the "Software"), to deal in the Software without restriction, including
|
||||
without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the
|
||||
following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all copies or substantial
|
||||
portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
||||
LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO
|
||||
EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
|
||||
USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
54
charts/gitea-actions/README.md
Normal file
54
charts/gitea-actions/README.md
Normal file
@@ -0,0 +1,54 @@
|
||||
# gitea-actions
|
||||
|
||||
 
|
||||
|
||||
Gitea Actions
|
||||
|
||||
## Maintainers
|
||||
|
||||
| Name | Email | Url |
|
||||
| ---- | ------ | --- |
|
||||
| alexlebens | | |
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://gitea.com/gitea/helm-actions>
|
||||
* <https://gitea.com/gitea/act>
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| enabled | bool | `true` | |
|
||||
| existingSecret | string | `""` | |
|
||||
| existingSecretKey | string | `""` | |
|
||||
| giteaRootURL | string | `""` | |
|
||||
| global.fullnameOverride | string | `""` | |
|
||||
| global.imageRegistry | string | `""` | |
|
||||
| global.nameOverride | string | `""` | |
|
||||
| global.storageClass | string | `""` | |
|
||||
| init.image.repository | string | `"busybox"` | |
|
||||
| init.image.tag | string | `"1.37.0"` | |
|
||||
| statefulset.actRunner.config | string | `"log:\n level: debug\ncache:\n enabled: false\n"` | |
|
||||
| statefulset.actRunner.extraVolumeMounts | list | `[]` | |
|
||||
| statefulset.actRunner.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| statefulset.actRunner.repository | string | `"gitea/act_runner"` | |
|
||||
| statefulset.actRunner.tag | string | `"0.2.11"` | |
|
||||
| statefulset.affinity | object | `{}` | |
|
||||
| statefulset.annotations | object | `{}` | |
|
||||
| statefulset.dind.extraEnvs | list | `[]` | |
|
||||
| statefulset.dind.extraVolumeMounts | list | `[]` | |
|
||||
| statefulset.dind.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| statefulset.dind.repository | string | `"docker"` | |
|
||||
| statefulset.dind.tag | string | `"25.0.2-dind"` | |
|
||||
| statefulset.extraVolumes | list | `[]` | |
|
||||
| statefulset.labels | object | `{}` | |
|
||||
| statefulset.nodeSelector | object | `{}` | |
|
||||
| statefulset.persistence.size | string | `"1Gi"` | |
|
||||
| statefulset.persistence.storageClass | string | `""` | |
|
||||
| statefulset.replicas | int | `1` | |
|
||||
| statefulset.resources | object | `{}` | |
|
||||
| statefulset.tolerations | list | `[]` | |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
||||
102
charts/gitea-actions/templates/_helpers.tpl
Normal file
102
charts/gitea-actions/templates/_helpers.tpl
Normal file
@@ -0,0 +1,102 @@
|
||||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
|
||||
{{- define "gitea.actions.name" -}}
|
||||
{{- default .Chart.Name .Values.global.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "gitea.actions.fullname" -}}
|
||||
{{- if .Values.global.fullnameOverride -}}
|
||||
{{- .Values.global.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.global.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "gitea.actions.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Storage Class
|
||||
*/}}
|
||||
{{- define "gitea.actions.persistence.storageClass" -}}
|
||||
{{- $storageClass := (tpl ( default "" .Values.statefulset.persistence.storageClass) .) | default (tpl ( default "" .Values.global.storageClass) .) }}
|
||||
{{- if $storageClass }}
|
||||
storageClassName: {{ $storageClass | quote }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "gitea.actions.labels" -}}
|
||||
helm.sh/chart: {{ include "gitea.actions.chart" . }}
|
||||
app: {{ include "gitea.actions.name" . }}
|
||||
{{ include "gitea.actions.selectorLabels" . }}
|
||||
app.kubernetes.io/version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.actions.labels.actRunner" -}}
|
||||
helm.sh/chart: {{ include "gitea.actions.chart" . }}
|
||||
app: {{ include "gitea.actions.name" . }}-act-runner
|
||||
{{ include "gitea.actions.selectorLabels.actRunner" . }}
|
||||
app.kubernetes.io/version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "gitea.actions.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "gitea.actions.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.actions.selectorLabels.actRunner" -}}
|
||||
app.kubernetes.io/name: {{ include "gitea.actions.name" . }}-act-runner
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.actions.local_root_url" -}}
|
||||
{{- .Values.giteaRootURL -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Parse the http url to hostname + port separated by space for the nc command
|
||||
*/}}
|
||||
{{- define "gitea.actions.nc" -}}
|
||||
{{- $url := include "gitea.actions.local_root_url" . | urlParse -}}
|
||||
{{- $host := get $url "host" -}}
|
||||
{{- $scheme := get $url "scheme" -}}
|
||||
{{- $port := "80" -}}
|
||||
{{- if contains ":" $host -}}
|
||||
{{- $hostAndPort := regexSplit ":" $host 2 -}}
|
||||
{{- $host = index $hostAndPort 0 -}}
|
||||
{{- $port = index $hostAndPort 1 -}}
|
||||
{{- else if eq $scheme "https" -}}
|
||||
{{- $port = "443" -}}
|
||||
{{- else if eq $scheme "http" -}}
|
||||
{{- $port = "80" -}}
|
||||
{{- end -}}
|
||||
{{- printf "%s %s" $host $port -}}
|
||||
{{- end -}}
|
||||
15
charts/gitea-actions/templates/config-map.yaml
Normal file
15
charts/gitea-actions/templates/config-map.yaml
Normal file
@@ -0,0 +1,15 @@
|
||||
{{- if .Values.enabled }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "gitea.actions.fullname" . }}-act-runner-config
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.actions.labels" . | nindent 4 }}
|
||||
data:
|
||||
config.yaml: |
|
||||
{{- with .Values.statefulset.actRunner.config -}}
|
||||
{{ . | nindent 4}}
|
||||
{{- end -}}
|
||||
{{- end }}
|
||||
127
charts/gitea-actions/templates/stateful-set.yaml
Normal file
127
charts/gitea-actions/templates/stateful-set.yaml
Normal file
@@ -0,0 +1,127 @@
|
||||
{{- if .Values.enabled }}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "gitea.actions.labels.actRunner" . | nindent 4 }}
|
||||
{{- with .Values.statefulset.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- with .Values.statefulset.annotations }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
name: {{ include "gitea.actions.fullname" . }}-act-runner
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
spec:
|
||||
replicas: {{ .Values.statefulset.replicas }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "gitea.actions.selectorLabels.actRunner" . | nindent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "gitea.actions.labels.actRunner" . | nindent 8 }}
|
||||
{{- with .Values.statefulset.labels }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
initContainers:
|
||||
- name: init-gitea
|
||||
image: "{{ .Values.init.image.repository }}:{{ .Values.init.image.tag }}"
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
while ! nc -z {{ include "gitea.actions.nc" . }}; do
|
||||
sleep 5
|
||||
done
|
||||
containers:
|
||||
- name: act-runner
|
||||
image: "{{ .Values.statefulset.actRunner.repository }}:{{ .Values.statefulset.actRunner.tag }}"
|
||||
imagePullPolicy: {{ .Values.statefulset.actRunner.pullPolicy }}
|
||||
workingDir: /data
|
||||
env:
|
||||
- name: DOCKER_HOST
|
||||
value: tcp://127.0.0.1:2376
|
||||
- name: DOCKER_TLS_VERIFY
|
||||
value: "1"
|
||||
- name: DOCKER_CERT_PATH
|
||||
value: /certs/server
|
||||
- name: GITEA_RUNNER_REGISTRATION_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.existingSecret | default "gitea-actions-token" }}"
|
||||
key: "{{ .Values.existingSecretKey | default "token" }}"
|
||||
- name: GITEA_INSTANCE_URL
|
||||
value: {{ include "gitea.actions.local_root_url" . }}
|
||||
- name: CONFIG_FILE
|
||||
value: /actrunner/config.yaml
|
||||
resources:
|
||||
{{- toYaml .Values.statefulset.resources | nindent 12 }}
|
||||
volumeMounts:
|
||||
- mountPath: /actrunner/config.yaml
|
||||
name: act-runner-config
|
||||
subPath: config.yaml
|
||||
- mountPath: /certs/server
|
||||
name: docker-certs
|
||||
- mountPath: /data
|
||||
name: data-act-runner
|
||||
{{- with .Values.statefulset.actRunner.extraVolumeMounts }}
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
- name: dind
|
||||
image: "{{ .Values.statefulset.dind.repository }}:{{ .Values.statefulset.dind.tag }}"
|
||||
imagePullPolicy: {{ .Values.statefulset.dind.pullPolicy }}
|
||||
env:
|
||||
- name: DOCKER_HOST
|
||||
value: tcp://127.0.0.1:2376
|
||||
- name: DOCKER_TLS_VERIFY
|
||||
value: "1"
|
||||
- name: DOCKER_CERT_PATH
|
||||
value: /certs/server
|
||||
{{- if .Values.statefulset.dind.extraEnvs }}
|
||||
{{- toYaml .Values.statefulset.dind.extraEnvs | nindent 12 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
privileged: true
|
||||
resources:
|
||||
{{- toYaml .Values.statefulset.resources | nindent 12 }}
|
||||
volumeMounts:
|
||||
- mountPath: /certs/server
|
||||
name: docker-certs
|
||||
{{- with .Values.statefulset.dind.extraVolumeMounts }}
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- range $key, $value := .Values.statefulset.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.statefulset.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.statefulset.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: act-runner-config
|
||||
configMap:
|
||||
name: {{ include "gitea.actions.fullname" . }}-act-runner-config
|
||||
- name: docker-certs
|
||||
emptyDir: {}
|
||||
{{- with .Values.statefulset.extraVolumes }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: data-act-runner
|
||||
spec:
|
||||
accessModes: [ "ReadWriteOnce" ]
|
||||
{{- include "gitea.actions.persistence.storageClass" . | nindent 8 }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.statefulset.persistence.size }}
|
||||
{{- end }}
|
||||
102
charts/gitea-actions/values.yaml
Normal file
102
charts/gitea-actions/values.yaml
Normal file
@@ -0,0 +1,102 @@
|
||||
# Configure Gitea Actions
|
||||
# - must enable persistence if the job is enabled
|
||||
## @section Gitea Actions
|
||||
#
|
||||
## @param enabled Create an act runner StatefulSet.
|
||||
## @param init.image.repository The image used for the init containers
|
||||
## @param init.image.tag The image tag used for the init containers
|
||||
## @param statefulset.annotations Act runner annotations
|
||||
## @param statefulset.labels Act runner labels
|
||||
## @param statefulset.resources Act runner resources
|
||||
## @param statefulset.nodeSelector NodeSelector for the statefulset
|
||||
## @param statefulset.tolerations Tolerations for the statefulset
|
||||
## @param statefulset.affinity Affinity for the statefulset
|
||||
## @param statefulset.extraVolumes Extra volumes for the statefulset
|
||||
## @param statefulset.actRunner.repository The Gitea act runner image
|
||||
## @param statefulset.actRunner.tag The Gitea act runner tag
|
||||
## @param statefulset.actRunner.pullPolicy The Gitea act runner pullPolicy
|
||||
## @param statefulset.actRunner.extraVolumeMounts Allows mounting extra volumes in the act runner container
|
||||
## @param statefulset.actRunner.config [default: Too complex. See values.yaml] Act runner custom configuration. See [Act Runner documentation](https://docs.gitea.com/usage/actions/act-runner#configuration) for details.
|
||||
## @param statefulset.dind.repository The Docker-in-Docker image
|
||||
## @param statefulset.dind.tag The Docker-in-Docker image tag
|
||||
## @param statefulset.dind.pullPolicy The Docker-in-Docker pullPolicy
|
||||
## @param statefulset.dind.extraVolumeMounts Allows mounting extra volumes in the Docker-in-Docker container
|
||||
## @param statefulset.dind.extraEnvs Allows adding custom environment variables, such as `DOCKER_IPTABLES_LEGACY`
|
||||
## @param statefulset.persistence.size Size for persistence to store act runner data
|
||||
## @param provisioning.enabled Create a job that will create and save the token in a Kubernetes Secret
|
||||
## @param provisioning.annotations Job's annotations
|
||||
## @param provisioning.labels Job's labels
|
||||
## @param provisioning.resources Job's resources
|
||||
## @param provisioning.nodeSelector NodeSelector for the job
|
||||
## @param provisioning.tolerations Tolerations for the job
|
||||
## @param provisioning.affinity Affinity for the job
|
||||
## @param provisioning.ttlSecondsAfterFinished ttl for the job after finished in order to allow helm to properly recognize that the job completed
|
||||
## @param provisioning.publish.repository The image that can create the secret via kubectl
|
||||
## @param provisioning.publish.tag The publish image tag that can create the secret
|
||||
## @param provisioning.publish.pullPolicy The publish image pullPolicy that can create the secret
|
||||
## @param existingSecret Secret that contains the token
|
||||
## @param existingSecretKey Secret key
|
||||
## @param giteaRootURL URL the act_runner registers and connect with
|
||||
enabled: true
|
||||
statefulset:
|
||||
replicas: 1
|
||||
annotations: {}
|
||||
labels: {}
|
||||
resources: {}
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
affinity: {}
|
||||
extraVolumes: []
|
||||
|
||||
actRunner:
|
||||
repository: gitea/act_runner
|
||||
tag: 0.2.11
|
||||
pullPolicy: IfNotPresent
|
||||
extraVolumeMounts: []
|
||||
|
||||
# See full example here: https://gitea.com/gitea/act_runner/src/branch/main/internal/pkg/config/config.example.yaml
|
||||
config: |
|
||||
log:
|
||||
level: debug
|
||||
cache:
|
||||
enabled: false
|
||||
|
||||
dind:
|
||||
repository: docker
|
||||
tag: 25.0.2-dind
|
||||
pullPolicy: IfNotPresent
|
||||
extraVolumeMounts: []
|
||||
|
||||
# If the container keeps crashing in your environment, you might have to add the `DOCKER_IPTABLES_LEGACY` environment variable.
|
||||
# See https://github.com/docker-library/docker/issues/463#issuecomment-1881909456
|
||||
extraEnvs:
|
||||
[]
|
||||
# - name: "DOCKER_IPTABLES_LEGACY"
|
||||
# value: "1"
|
||||
|
||||
persistence:
|
||||
storageClass: ""
|
||||
size: 1Gi
|
||||
|
||||
init:
|
||||
image:
|
||||
repository: busybox
|
||||
tag: "1.37.0"
|
||||
|
||||
## Specify an existing token secret
|
||||
##
|
||||
existingSecret: ""
|
||||
existingSecretKey: ""
|
||||
|
||||
## Specify the root URL of the Gitea instance
|
||||
giteaRootURL: ""
|
||||
|
||||
## @section Global
|
||||
#
|
||||
## @param global.imageRegistry global image registry override
|
||||
## @param global.storageClass global storage class override
|
||||
global:
|
||||
imageRegistry: ""
|
||||
storageClass: ""
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: postgres-cluster
|
||||
version: 6.4.0
|
||||
version: 6.4.4
|
||||
description: Cloudnative-pg Cluster
|
||||
keywords:
|
||||
- database
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# postgres-cluster
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Cloudnative-pg Cluster
|
||||
|
||||
|
||||
@@ -131,6 +131,8 @@ externalClusters:
|
||||
- name: {{ include "cluster.recoveryServerName" . }}
|
||||
plugin:
|
||||
name: barman-cloud.cloudnative-pg.io
|
||||
enabled: true
|
||||
isWALArchiver: false
|
||||
parameters:
|
||||
barmanObjectName: "{{ include "cluster.name" . }}-{{ .Values.recovery.objectStore.name }}"
|
||||
serverName: {{ include "cluster.recoveryServerName" . }}
|
||||
|
||||
@@ -80,7 +80,7 @@ Generate recovery server name
|
||||
{{- if .Values.recovery.recoveryServerName -}}
|
||||
{{- .Values.recovery.recoveryServerName -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-backup-%s" (include "cluster.name" .) (toString .Values.recovery.recoveryIndex) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- printf "%s-backup-%s" (include "cluster.name" .) (toString .Values.recovery.objectStore.index) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
|
||||
@@ -24,6 +24,7 @@ spec:
|
||||
{{ end }}
|
||||
{{- range $objectStore := .Values.backup.objectStore }}
|
||||
- name: barman-cloud.cloudnative-pg.io
|
||||
enabled: true
|
||||
isWALArchiver: {{ $objectStore.isWALArchiver | default true }}
|
||||
parameters:
|
||||
barmanObjectName: "{{ include "cluster.name" $ }}-{{ $objectStore.name }}-backup"
|
||||
@@ -35,6 +36,8 @@ spec:
|
||||
{{- end }}
|
||||
{{ if eq .Values.recovery.method "objectStore" }}
|
||||
- name: barman-cloud.cloudnative-pg.io
|
||||
enabled: true
|
||||
isWALArchiver: false
|
||||
parameters:
|
||||
barmanObjectName: "{{ include "cluster.name" . }}-{{ .Values.recovery.objectStore.name }}"
|
||||
serverName: {{ include "cluster.recoveryServerName" . }}
|
||||
|
||||
@@ -493,7 +493,7 @@ backup:
|
||||
# name: daily-backup
|
||||
|
||||
# # -- Schedule in cron format
|
||||
# schedule: "0 0 */3 * *"
|
||||
# schedule: "0 0 0 * * *"
|
||||
|
||||
# # -- Start backup on deployment
|
||||
# immediate: false
|
||||
|
||||
@@ -19,7 +19,14 @@
|
||||
"addLabels": [
|
||||
"chart"
|
||||
],
|
||||
"automerge": false
|
||||
"automerge": false,
|
||||
"bumpVersions": [
|
||||
{
|
||||
"filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
|
||||
"matchStrings": ["version:\\s(?<version>[^\\s]+)"],
|
||||
"bumpType": "{{#if isPatch}}patch{{else}}minor{{/if}}"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"description": "Label images",
|
||||
@@ -29,7 +36,14 @@
|
||||
"addLabels": [
|
||||
"image"
|
||||
],
|
||||
"automerge": false
|
||||
"automerge": false,
|
||||
"bumpVersions": [
|
||||
{
|
||||
"filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
|
||||
"matchStrings": ["version:\\s(?<version>[^\\s]+)"],
|
||||
"bumpType": "{{#if isPatch}}patch{{else}}minor{{/if}}"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"description": "CNPG image",
|
||||
@@ -43,7 +57,14 @@
|
||||
"image"
|
||||
],
|
||||
"automerge": false,
|
||||
"versioning": "deb"
|
||||
"versioning": "deb",
|
||||
"bumpVersions": [
|
||||
{
|
||||
"filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
|
||||
"matchStrings": ["version:\\s(?<version>[^\\s]+)"],
|
||||
"bumpType": "{{#if isPatch}}patch{{else}}minor{{/if}}"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user