mirror of
https://github.com/bitnami/charts.git
synced 2026-02-19 19:47:22 +08:00
[bitnami/external-dns] chore(providers): Remove unsupported in-tree providers (#35175)
* [bitnami/external-dns] chore(providers): Remove unsupported in-tree providers Signed-off-by: Fran Mulero <francisco-jose.mulero@broadcom.com> * Update CHANGELOG.md Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> * Fix typo Signed-off-by: Fran Mulero <francisco-jose.mulero@broadcom.com> * Add Webhook providers documentation Signed-off-by: Fran Mulero <francisco-jose.mulero@broadcom.com> --------- Signed-off-by: Fran Mulero <francisco-jose.mulero@broadcom.com> Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> Co-authored-by: Bitnami Bot <bitnami.bot@broadcom.com>
This commit is contained in:
Fran Mulero
@@ -1,8 +1,12 @@
|
||||
# Changelog
|
||||
|
||||
## 8.9.2 (2025-07-08)
|
||||
## 9.0.0 (2025-07-17)
|
||||
|
||||
* [bitnami/external-dns] :zap: :arrow_up: Update dependency references ([#34882](https://github.com/bitnami/charts/pull/34882))
|
||||
* [bitnami/external-dns] chore(providers): Remove unsupported in-tree providers ([#35175](https://github.com/bitnami/charts/pull/35175))
|
||||
|
||||
## <small>8.9.2 (2025-07-08)</small>
|
||||
|
||||
* [bitnami/external-dns] :zap: :arrow_up: Update dependency references (#34882) ([84a7516](https://github.com/bitnami/charts/commit/84a7516ae6891bbeb2134ba939408867b46a5ba0)), closes [#34882](https://github.com/bitnami/charts/issues/34882)
|
||||
|
||||
## <small>8.9.1 (2025-07-04)</small>
|
||||
|
||||
|
||||
@@ -30,4 +30,4 @@ maintainers:
|
||||
name: external-dns
|
||||
sources:
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/external-dns
|
||||
version: 8.9.2
|
||||
version: 9.0.0
|
||||
|
||||
@@ -101,6 +101,44 @@ You can use the following arguments:
|
||||
--set podSecurityContext.fsGroup=65534 --set podSecurityContext.runAsUser=0
|
||||
```
|
||||
|
||||
### Webhook Providers
|
||||
|
||||
Webhook providers allow integrating ExternalDNS with DNS providers through an HTTP interface. This approach decouples ExternalDNS and the Providers code which can be running in separate processes.
|
||||
|
||||
With the Bitnami ExternalDNS chart, you can deploy Webhook Providers and configure ExternalDNS easely using `sidecars` and `extraArgs` values:
|
||||
|
||||
```yaml
|
||||
provider: webhook
|
||||
|
||||
extraArgs:
|
||||
webhook-provider-url: http://localhost:8080
|
||||
txt-prefix: reg-
|
||||
|
||||
sidecars:
|
||||
- name: my-webhook
|
||||
image: <external-dns-webhook-image>
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: http
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: http
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 5
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: http
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 5
|
||||
env:
|
||||
- name: <WEBHOOK-CONFIG-ENV-VAR>
|
||||
value: TEST
|
||||
...
|
||||
```
|
||||
|
||||
More information about these new providers can be found in the [ExternalDNS documentation](https://github.com/kubernetes-sigs/external-dns/tree/master#new-providers)
|
||||
|
||||
## Tutorials
|
||||
|
||||
Find information about the requirements for each DNS provider on the link below:
|
||||
@@ -241,20 +279,6 @@ helm install my-release \
|
||||
| `coredns.etcdTLS.caFilename` | When using the CoreDNS provider, specify CA PEM file name from the `coredns.etcdTLS.secretName` | `ca.crt` |
|
||||
| `coredns.etcdTLS.certFilename` | When using the CoreDNS provider, specify cert PEM file name from the `coredns.etcdTLS.secretName` | `cert.pem` |
|
||||
| `coredns.etcdTLS.keyFilename` | When using the CoreDNS provider, specify private key PEM file name from the `coredns.etcdTLS.secretName` | `key.pem` |
|
||||
| `designate.username` | When using the Designate provider, specify the OpenStack authentication username. (optional) | `""` |
|
||||
| `designate.password` | When using the Designate provider, specify the OpenStack authentication password. (optional) | `""` |
|
||||
| `designate.applicationCredentialId` | When using the Designate provider, specify the OpenStack authentication application credential ID. This conflicts with `designate.username`. (optional) | `""` |
|
||||
| `designate.applicationCredentialSecret` | When using the Designate provider, specify the OpenStack authentication application credential ID. This conflicts with `designate.password`. (optional) | `""` |
|
||||
| `designate.authUrl` | When using the Designate provider, specify the OpenStack authentication Url. (optional) | `""` |
|
||||
| `designate.regionName` | When using the Designate provider, specify the OpenStack region name. (optional) | `""` |
|
||||
| `designate.userDomainName` | When using the Designate provider, specify the OpenStack user domain name. (optional) | `""` |
|
||||
| `designate.projectName` | When using the Designate provider, specify the OpenStack project name. (optional) | `""` |
|
||||
| `designate.authType` | When using the Designate provider, specify the OpenStack auth type. (optional) | `""` |
|
||||
| `designate.customCAHostPath` | When using the Designate provider, use a CA file already on the host to validate Openstack APIs. This conflicts with `designate.customCA.enabled` | `""` |
|
||||
| `designate.customCA.enabled` | When using the Designate provider, enable a custom CA (optional) | `false` |
|
||||
| `designate.customCA.content` | When using the Designate provider, set the content of the custom CA | `""` |
|
||||
| `designate.customCA.mountPath` | When using the Designate provider, set the mountPath in which to mount the custom CA configuration | `/config/designate` |
|
||||
| `designate.customCA.filename` | When using the Designate provider, set the custom CA configuration filename | `designate-ca.pem` |
|
||||
| `exoscale.apiKey` | When using the Exoscale provider, `EXTERNAL_DNS_EXOSCALE_APIKEY` to set (optional) | `""` |
|
||||
| `exoscale.apiToken` | When using the Exoscale provider, `EXTERNAL_DNS_EXOSCALE_APISECRET` to set (optional) | `""` |
|
||||
| `exoscale.secretName` | Use an existing secret with keys "exoscale_api_key" and "exoscale_api_token" defined. | `""` |
|
||||
@@ -266,23 +290,6 @@ helm install my-release \
|
||||
| `google.serviceAccountSecretKey` | When using the Google provider with an existing secret, specify the key name (optional) | `credentials.json` |
|
||||
| `google.serviceAccountKey` | When using the Google provider, specify the service account key JSON file. In this case a new secret will be created holding this service account (optional) | `""` |
|
||||
| `google.zoneVisibility` | When using the Google provider, fiter for zones of a specific visibility (private or public) | `""` |
|
||||
| `hetzner.token` | When using the Hetzner provider, specify your token here. (required when `hetzner.secretName` is not provided. In this case a new secret will be created holding the token.) | `""` |
|
||||
| `hetzner.secretName` | When using the Hetzner provider, specify the existing secret which contains your token. Disables the usage of `hetzner.token` (optional) | `""` |
|
||||
| `hetzner.secretKey` | When using the Hetzner provider with an existing secret, specify the key name (optional) | `hetzner_token` |
|
||||
| `infoblox.wapiUsername` | When using the Infoblox provider, specify the Infoblox WAPI username | `admin` |
|
||||
| `infoblox.wapiPassword` | When using the Infoblox provider, specify the Infoblox WAPI password (required when provider=infoblox) | `""` |
|
||||
| `infoblox.gridHost` | When using the Infoblox provider, specify the Infoblox Grid host (required when provider=infoblox) | `""` |
|
||||
| `infoblox.view` | Infoblox view | `""` |
|
||||
| `infoblox.secretName` | Existing secret name, when in place wapiUsername and wapiPassword are not required | `""` |
|
||||
| `infoblox.domainFilter` | When using the Infoblox provider, specify the domain (optional) | `""` |
|
||||
| `infoblox.nameRegex` | When using the Infoblox provider, specify the name regex filter (optional) | `""` |
|
||||
| `infoblox.noSslVerify` | When using the Infoblox provider, disable SSL verification (optional) | `false` |
|
||||
| `infoblox.wapiPort` | When using the Infoblox provider, specify the Infoblox WAPI port (optional) | `""` |
|
||||
| `infoblox.wapiVersion` | When using the Infoblox provider, specify the Infoblox WAPI version (optional) | `""` |
|
||||
| `infoblox.wapiConnectionPoolSize` | When using the Infoblox provider, specify the Infoblox WAPI request connection pool size (optional) | `""` |
|
||||
| `infoblox.wapiHttpTimeout` | When using the Infoblox provider, specify the Infoblox WAPI request timeout in seconds (optional) | `""` |
|
||||
| `infoblox.maxResults` | When using the Infoblox provider, specify the Infoblox Max Results (optional) | `""` |
|
||||
| `infoblox.createPtr` | When using the Infoblox provider, specify the Infoblox create PTR flag (optional) | `false` |
|
||||
| `linode.apiToken` | When using the Linode provider, `LINODE_TOKEN` to set (optional) | `""` |
|
||||
| `linode.secretName` | Use an existing secret with key "linode_api_token" defined. | `""` |
|
||||
| `ns1.minTTL` | When using the ns1 provider, specify minimal TTL, as an integer, for records | `10` |
|
||||
@@ -332,9 +339,6 @@ helm install my-release \
|
||||
| `pdns.secretName` | When using the PowerDNS provider, specify as secret name containing the API Key | `""` |
|
||||
| `transip.account` | When using the TransIP provider, specify the account name. | `""` |
|
||||
| `transip.apiKey` | When using the TransIP provider, specify the API key to use. | `""` |
|
||||
| `vinyldns.host` | When using the VinylDNS provider, specify the VinylDNS API host. | `""` |
|
||||
| `vinyldns.accessKey` | When using the VinylDNS provider, specify the Access Key to use. | `""` |
|
||||
| `vinyldns.secretKey` | When using the VinylDNS provider, specify the Secret key to use. | `""` |
|
||||
| `domainFilters` | Limit possible target zones by domain suffixes (optional) | `[]` |
|
||||
| `excludeDomains` | Exclude subdomains (optional) | `[]` |
|
||||
| `regexDomainFilter` | Limit possible target zones by regex domain suffixes (optional) | `""` |
|
||||
@@ -501,6 +505,10 @@ Find more information about how to deal with common errors related to Bitnami's
|
||||
|
||||
## Upgrading
|
||||
|
||||
### To 9.0.0
|
||||
|
||||
Unsupported in-tree providers have been removed: OpenStack Designate, Hetzner, Infoblox, VinylDNS
|
||||
|
||||
### To 8.7.0
|
||||
|
||||
This version introduces image verification for security purposes. To disable it, set `global.security.allowInsecureImages` to `true`. More details at [GitHub issue](https://github.com/bitnami/charts/issues/30850).
|
||||
|
||||
@@ -33,20 +33,12 @@ Return true if a secret object should be created
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "cloudflare") (or .Values.cloudflare.apiToken .Values.cloudflare.apiKey) (not .Values.cloudflare.secretName) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "designate") (or .Values.designate.username .Values.designate.password) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "designate") (or .Values.designate.applicationCredentialId .Values.designate.applicationCredentialSecret) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "digitalocean") .Values.digitalocean.apiToken (not .Values.digitalocean.secretName) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "exoscale") .Values.exoscale.apiKey (not .Values.exoscale.secretName) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "google") .Values.google.serviceAccountKey (not .Values.google.serviceAccountSecret) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "hetzner") .Values.hetzner.token (not .Values.hetzner.secretName) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "infoblox") (and .Values.infoblox.wapiUsername .Values.infoblox.wapiPassword) (not .Values.infoblox.secretName) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "linode") .Values.linode.apiToken (not .Values.linode.secretName) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "oci") (or .Values.oci.privateKeyFingerprint .Values.oci.useWorkloadIdentity) (not .Values.oci.secretName) -}}
|
||||
@@ -61,8 +53,6 @@ Return true if a secret object should be created
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "scaleway") .Values.scaleway.scwAccessKey (not .Values.scaleway.secretName) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "vinyldns") (or .Values.vinyldns.secretKey .Values.vinyldns.accessKey) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "ns1") .Values.ns1.apiKey (not .Values.ns1.secretName) -}}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "civo") .Values.civo.apiToken (not .Values.civo.secretName) -}}
|
||||
@@ -78,9 +68,7 @@ Return true if a secret object should be created
|
||||
Return true if a configmap object should be created
|
||||
*/}}
|
||||
{{- define "external-dns.createConfigMap" -}}
|
||||
{{- if and (eq .Values.provider "designate") .Values.designate.customCA.enabled }}
|
||||
{{- true -}}
|
||||
{{- else if and (eq .Values.provider "rfc2136") .Values.rfc2136.rfc3645Enabled }}
|
||||
{{- if and (eq .Values.provider "rfc2136") .Values.rfc2136.rfc3645Enabled }}
|
||||
{{- true -}}
|
||||
{{- else -}}
|
||||
{{- end -}}
|
||||
@@ -106,8 +94,6 @@ Return the name of the Secret used to store the passwords
|
||||
{{- .Values.exoscale.secretName }}
|
||||
{{- else if and (eq .Values.provider "google") .Values.google.serviceAccountSecret }}
|
||||
{{- .Values.google.serviceAccountSecret }}
|
||||
{{- else if and (eq .Values.provider "hetzner") .Values.hetzner.secretName }}
|
||||
{{- .Values.hetzner.secretName }}
|
||||
{{- else if and (eq .Values.provider "linode") .Values.linode.secretName }}
|
||||
{{- .Values.linode.secretName }}
|
||||
{{- else if and (eq .Values.provider "oci") .Values.oci.secretName }}
|
||||
@@ -116,8 +102,6 @@ Return the name of the Secret used to store the passwords
|
||||
{{- .Values.ovh.secretName }}
|
||||
{{- else if and (eq .Values.provider "pdns") .Values.pdns.secretName }}
|
||||
{{- .Values.pdns.secretName }}
|
||||
{{- else if and (eq .Values.provider "infoblox") .Values.infoblox.secretName }}
|
||||
{{- .Values.infoblox.secretName }}
|
||||
{{- else if and (eq .Values.provider "rfc2136") .Values.rfc2136.secretName }}
|
||||
{{- .Values.rfc2136.secretName }}
|
||||
{{- else if and (eq .Values.provider "ns1") .Values.ns1.secretName }}
|
||||
@@ -230,8 +214,6 @@ Compile all warnings into a single message, and call fail if the validation is e
|
||||
{{- $messages := append $messages (include "external-dns.validateValues.akamai.clientToken" .) -}}
|
||||
{{- $messages := append $messages (include "external-dns.validateValues.akamai.clientSecret" .) -}}
|
||||
{{- $messages := append $messages (include "external-dns.validateValues.aws" .) -}}
|
||||
{{- $messages := append $messages (include "external-dns.validateValues.infoblox.gridHost" .) -}}
|
||||
{{- $messages := append $messages (include "external-dns.validateValues.infoblox.wapiPassword" .) -}}
|
||||
{{- $messages := append $messages (include "external-dns.validateValues.pdns.apiUrl" .) -}}
|
||||
{{- $messages := append $messages (include "external-dns.validateValues.pdns.apiKey" .) -}}
|
||||
{{- $messages := append $messages (include "external-dns.validateValues.azure.resourceGroupWithoutTenantId" .) -}}
|
||||
@@ -359,31 +341,6 @@ external-dns: aws.assumeRoleArn
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Validate values of External DNS:
|
||||
- must provide the Grid Manager host when provider is "infoblox"
|
||||
*/}}
|
||||
{{- define "external-dns.validateValues.infoblox.gridHost" -}}
|
||||
{{- if and (eq .Values.provider "infoblox") (not .Values.infoblox.gridHost) -}}
|
||||
external-dns: infoblox.gridHost
|
||||
You must provide the Grid Manager host when provider="infoblox".
|
||||
Please set the gridHost parameter (--set infoblox.gridHost="xxxx")
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Validate values of External DNS:
|
||||
- must provide a WAPI password when provider is "infoblox"
|
||||
*/}}
|
||||
{{- define "external-dns.validateValues.infoblox.wapiPassword" -}}
|
||||
{{- if and (eq .Values.provider "infoblox") (not .Values.infoblox.wapiPassword) (not .Values.infoblox.secretName) -}}
|
||||
external-dns: infoblox.wapiPassword
|
||||
You must provide a WAPI password when provider="infoblox".
|
||||
Please set the wapiPassword parameter (--set infoblox.wapiPassword="xxxx")
|
||||
or you can provide an existing secret name via infoblox.secretName
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Validate values of External DNS:
|
||||
- must provide the PowerDNS API URL when provider is "pdns"
|
||||
@@ -633,19 +590,6 @@ external-dns: transip.account
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Validate values of External DNS:
|
||||
- must provide an API token when provider is "hetzner"
|
||||
*/}}
|
||||
{{- define "external-dns.validateValues.hetzner" -}}
|
||||
{{- if and (eq .Values.provider "hetzner") (or (not .Values.hetzner.token) (not .Values.hetzner.secretName)) -}}
|
||||
external-dns: hetzner.token
|
||||
You must provide the a Hetzner API Token when provider="hetzner".
|
||||
Please set the token parameter (--set hetzner.token="xxxx")
|
||||
or specify a secret that contains an API token. (--set hetzner.secretName="xxxx")
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Validate values of TransIP DNS:
|
||||
- must provide the API key when provider is "transip"
|
||||
|
||||
@@ -14,10 +14,6 @@ metadata:
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
data:
|
||||
{{- if .Values.designate.customCA.enabled }}
|
||||
{{ .Values.designate.customCA.filename }}: |
|
||||
{{ .Values.designate.customCA.content | indent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.rfc2136.rfc3645Enabled }}
|
||||
krb5.conf: |
|
||||
{{ .Values.rfc2136.kerberosConfig | indent 4 }}
|
||||
|
||||
@@ -24,7 +24,7 @@ spec:
|
||||
template:
|
||||
metadata:
|
||||
labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
|
||||
{{- if or .Values.podAnnotations (and .Values.metrics.enabled .Values.metrics.podAnnotations) (include "external-dns.createSecret" .) (and (eq .Values.provider "designate") .Values.designate.customCA.enabled) }}
|
||||
{{- if or .Values.podAnnotations (and .Values.metrics.enabled .Values.metrics.podAnnotations) (include "external-dns.createSecret" .) }}
|
||||
annotations:
|
||||
{{- if or .Values.podAnnotations (and .Values.metrics.enabled .Values.metrics.podAnnotations) }}
|
||||
{{- $podAnnotations := include "common.tplvalues.merge" (dict "values" (list .Values.podAnnotations .Values.metrics.podAnnotations) "context" .) }}
|
||||
@@ -33,7 +33,7 @@ spec:
|
||||
{{- if (include "external-dns.createSecret" .) }}
|
||||
checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.provider "designate") .Values.designate.customCA.enabled }}
|
||||
{{- if (include "external-dns.createConfigMap" .) }}
|
||||
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -464,64 +464,6 @@ spec:
|
||||
value: {{ .Values.coredns.etcdTLS.mountPath }}/{{ include "external-dns.tlsCACert" . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "designate" }}
|
||||
# Designate environment variables
|
||||
{{- if .Values.designate.customCA.enabled }}
|
||||
- name: OPENSTACK_CA_FILE
|
||||
value: {{ .Values.designate.customCA.mountPath }}/{{ .Values.designate.customCA.filename }}
|
||||
{{- else if .Values.designate.customCAHostPath }}
|
||||
- name: OPENSTACK_CA_FILE
|
||||
value: {{ .Values.designate.customCAHostPath }}
|
||||
{{- end }}
|
||||
{{- if .Values.designate.username }}
|
||||
- name: OS_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "external-dns.secretName" . }}
|
||||
key: designate_username
|
||||
{{- end }}
|
||||
{{- if .Values.designate.password }}
|
||||
- name: OS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "external-dns.secretName" . }}
|
||||
key: designate_password
|
||||
{{- end }}
|
||||
{{- if .Values.designate.applicationCredentialId }}
|
||||
- name: OS_APPLICATION_CREDENTIAL_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "external-dns.secretName" . }}
|
||||
key: designate_application_credential_id
|
||||
{{- end }}
|
||||
{{- if .Values.designate.applicationCredentialSecret }}
|
||||
- name: OS_APPLICATION_CREDENTIAL_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "external-dns.secretName" . }}
|
||||
key: designate_application_credential_secret
|
||||
{{- end }}
|
||||
{{- if .Values.designate.authUrl }}
|
||||
- name: OS_AUTH_URL
|
||||
value: {{ .Values.designate.authUrl }}
|
||||
{{- end }}
|
||||
{{- if .Values.designate.regionName }}
|
||||
- name: OS_REGION_NAME
|
||||
value: {{ .Values.designate.regionName }}
|
||||
{{- end }}
|
||||
{{- if .Values.designate.userDomainName }}
|
||||
- name: OS_USER_DOMAIN_NAME
|
||||
value: {{ .Values.designate.userDomainName }}
|
||||
{{- end }}
|
||||
{{- if .Values.designate.projectName }}
|
||||
- name: OS_PROJECT_NAME
|
||||
value: {{ .Values.designate.projectName }}
|
||||
{{- end }}
|
||||
{{- if .Values.designate.authType }}
|
||||
- name: OS_AUTH_TYPE
|
||||
value: {{ .Values.designate.authType }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.provider "digitalocean") (or .Values.digitalocean.apiToken .Values.digitalocean.secretName) }}
|
||||
# DigitalOcean environment variables
|
||||
- name: DO_TOKEN
|
||||
@@ -554,22 +496,6 @@ spec:
|
||||
value: /etc/secrets/service-account/credentials.json
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "hetzner" }}
|
||||
# Hetzner environment variables
|
||||
{{- if .Values.hetzner.secretName }}
|
||||
- name: HETZNER_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.hetzner.secretName }}
|
||||
key: {{ .Values.hetzner.secretKey }}
|
||||
{{- else }}
|
||||
- name: HETZNER_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "external-dns.secretName" . }}
|
||||
key: hetzner_token
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "linode" }}
|
||||
# Linode environment variables
|
||||
{{- if or (.Values.linode.apiToken) (.Values.linode.secretName) }}
|
||||
@@ -621,29 +547,6 @@ spec:
|
||||
key: scw_secret_key
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "infoblox" }}
|
||||
# Infloblox environment variables
|
||||
{{- if .Values.infoblox.wapiConnectionPoolSize }}
|
||||
- name: EXTERNAL_DNS_INFOBLOX_HTTP_POOL_CONNECTIONS
|
||||
value: "{{ .Values.infoblox.wapiConnectionPoolSize }}"
|
||||
{{- end }}
|
||||
{{- if .Values.infoblox.wapiHttpTimeout }}
|
||||
- name: EXTERNAL_DNS_INFOBLOX_HTTP_REQUEST_TIMEOUT
|
||||
value: "{{ .Values.infoblox.wapiHttpTimeout }}"
|
||||
{{- end }}
|
||||
{{- if or (and .Values.infoblox.wapiUsername .Values.infoblox.wapiPassword) (.Values.infoblox.secretName) }}
|
||||
- name: EXTERNAL_DNS_INFOBLOX_WAPI_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "external-dns.secretName" . }}
|
||||
key: infoblox_wapi_username
|
||||
- name: EXTERNAL_DNS_INFOBLOX_WAPI_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "external-dns.secretName" . }}
|
||||
key: infoblox_wapi_password
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "rfc2136" }}
|
||||
{{- if .Values.rfc2136.tsigSecret | or (and .Values.rfc2136.kerberosUsername .Values.rfc2136.kerberosPassword) | or .Values.rfc2136.secretName }}
|
||||
# RFC 2136 environment variables
|
||||
@@ -674,27 +577,6 @@ spec:
|
||||
secretKeyRef:
|
||||
name: {{ template "external-dns.secretName" . }}
|
||||
key: pdns_api_key
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "vinyldns" }}
|
||||
# VinylDNS environment variables
|
||||
{{- if .Values.vinyldns.host }}
|
||||
- name: VINYLDNS_HOST
|
||||
value: {{ .Values.vinyldns.host }}
|
||||
{{- end }}
|
||||
{{- if .Values.vinyldns.accessKey }}
|
||||
- name: VINYLDNS_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "external-dns.secretName" . }}
|
||||
key: vinyldns-access-key
|
||||
{{- end }}
|
||||
{{- if .Values.vinyldns.secretKey }}
|
||||
- name: VINYLDNS_SECRET_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "external-dns.secretName" . }}
|
||||
key: vinyldns-secret-key
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvVars }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
|
||||
@@ -825,20 +707,6 @@ spec:
|
||||
- name: oci-config-file
|
||||
mountPath: /etc/kubernetes/
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "designate" }}
|
||||
# Designate mountPath(s)
|
||||
{{- if and (.Values.designate.customCAHostPath) (.Values.designate.customCA.enabled) }}
|
||||
{{- fail "designate.customCAHostPath cannot be specified with designate.customCA.enabled set to true" }}
|
||||
{{- else if .Values.designate.customCA.enabled }}
|
||||
- name: designate-custom-ca
|
||||
mountPath: {{ .Values.designate.customCA.mountPath }}
|
||||
readOnly: true
|
||||
{{- else if .Values.designate.customCAHostPath }}
|
||||
- name: designate-custom-ca-hostpath
|
||||
mountPath: {{ .Values.designate.customCAHostPath }}
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.provider "rfc2136") .Values.rfc2136.rfc3645Enabled }}
|
||||
- name: krb5config
|
||||
mountPath: /etc/krb5.conf
|
||||
@@ -913,21 +781,6 @@ spec:
|
||||
path: credentials.json
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "designate" }}
|
||||
# Designate volume(s)
|
||||
{{- if .Values.designate.customCA.enabled }}
|
||||
- name: designate-custom-ca
|
||||
configMap:
|
||||
name: {{ template "common.names.fullname" . }}
|
||||
items:
|
||||
- key: {{ .Values.designate.customCA.filename }}
|
||||
path: {{ .Values.designate.customCA.filename }}
|
||||
{{- else if .Values.designate.customCAHostPath }}
|
||||
- name: designate-custom-ca-hostpath
|
||||
hostPath:
|
||||
path: {{ .Values.designate.customCAHostPath }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.provider "rfc2136") .Values.rfc2136.rfc3645Enabled }}
|
||||
# Kerberos config volume
|
||||
- name: krb5config
|
||||
|
||||
@@ -34,9 +34,6 @@ data:
|
||||
{{- if eq .Values.provider "google" }}
|
||||
credentials.json: {{ .Values.google.serviceAccountKey | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.provider "hetzner") (not .Values.hetzner.secretName) }}
|
||||
hetzner_token: {{ .Values.hetzner.token | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "civo" }}
|
||||
apiToken: {{ .Values.civo.apiToken | b64enc | quote }}
|
||||
{{- end }}
|
||||
@@ -47,20 +44,6 @@ data:
|
||||
cloudflare_api_key: {{ required "cloudflare.apiKey is required if cloudflare.apiToken is not provided" .Values.cloudflare.apiKey | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "designate" }}
|
||||
{{- if .Values.designate.username }}
|
||||
designate_username: {{ .Values.designate.username | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.designate.password }}
|
||||
designate_password: {{ .Values.designate.password | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.designate.applicationCredentialId }}
|
||||
designate_application_credential_id: {{ .Values.designate.applicationCredentialId | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.designate.applicationCredentialSecret }}
|
||||
designate_application_credential_secret: {{ .Values.designate.applicationCredentialSecret | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "digitalocean" }}
|
||||
digitalocean_api_token: {{ .Values.digitalocean.apiToken | b64enc | quote }}
|
||||
{{- end }}
|
||||
@@ -68,10 +51,6 @@ data:
|
||||
exoscale_api_key: {{ .Values.exoscale.apiKey | b64enc | quote }}
|
||||
exoscale_api_token: {{ .Values.exoscale.apiToken | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "infoblox" }}
|
||||
infoblox_wapi_username: {{ .Values.infoblox.wapiUsername | b64enc | quote }}
|
||||
infoblox_wapi_password: {{ .Values.infoblox.wapiPassword | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "linode" }}
|
||||
linode_api_token: {{ .Values.linode.apiToken | b64enc | quote }}
|
||||
{{- end }}
|
||||
@@ -98,10 +77,6 @@ data:
|
||||
scw_access_key: {{ .Values.scaleway.scwAccessKey | b64enc | quote }}
|
||||
scw_secret_key: {{ .Values.scaleway.scwSecretKey | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "vinyldns" }}
|
||||
vinyldns-access-key: {{ .Values.vinyldns.accessKey | b64enc | quote }}
|
||||
vinyldns-secret-key: {{ .Values.vinyldns.secretKey | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.provider "ns1" }}
|
||||
ns1-api-key: {{ .Values.ns1.apiKey | b64enc | quote }}
|
||||
{{- end }}
|
||||
|
||||
@@ -118,7 +118,7 @@ sources:
|
||||
# - contour-httpproxy
|
||||
## @param provider DNS provider where the DNS records will be created.
|
||||
## Available providers are:
|
||||
## - akamai, alibabacloud, aws, azure, azure-private-dns, cloudflare, coredns, designate, digitalocean, google, hetzner, infoblox, linode, rfc2136, transip, oci
|
||||
## - akamai, alibabacloud, aws, azure, azure-private-dns, civo, cloudflare, coredns, digitalocean, exoscale, google, linode, ns1, oci, ovh, pdns, pihole, rfc2136, scaleway, transip
|
||||
##
|
||||
provider: aws
|
||||
## @param initContainers Attach additional init containers to the pod (evaluated as a template)
|
||||
@@ -414,52 +414,6 @@ coredns:
|
||||
## Will be used by external-dns to authenticate against etcd
|
||||
##
|
||||
keyFilename: "key.pem"
|
||||
## OpenStack Designate provider configuration to be set via arguments/env. variables
|
||||
##
|
||||
designate:
|
||||
## Set Openstack environment variables (optional). Username and password will be saved in a kubernetes secret
|
||||
## The alternative to this is to export the necessary Openstack environment variables in the extraEnv argument
|
||||
## @param designate.username When using the Designate provider, specify the OpenStack authentication username. (optional)
|
||||
## @param designate.password When using the Designate provider, specify the OpenStack authentication password. (optional)
|
||||
## @param designate.applicationCredentialId When using the Designate provider, specify the OpenStack authentication application credential ID. This conflicts with `designate.username`. (optional)
|
||||
## @param designate.applicationCredentialSecret When using the Designate provider, specify the OpenStack authentication application credential ID. This conflicts with `designate.password`. (optional)
|
||||
## @param designate.authUrl When using the Designate provider, specify the OpenStack authentication Url. (optional)
|
||||
## @param designate.regionName When using the Designate provider, specify the OpenStack region name. (optional)
|
||||
## @param designate.userDomainName When using the Designate provider, specify the OpenStack user domain name. (optional)
|
||||
## @param designate.projectName When using the Designate provider, specify the OpenStack project name. (optional)
|
||||
## @param designate.authType When using the Designate provider, specify the OpenStack auth type. (optional)
|
||||
## e.g:
|
||||
## username: "someuser"
|
||||
## password: "p@55w0rd"
|
||||
## authUrl: "https://mykeystone.example.net:5000/v3/"
|
||||
## regionName: "dev"
|
||||
## userDomainName: "development"
|
||||
## projectName: "myteamname"
|
||||
##
|
||||
username: ""
|
||||
password: ""
|
||||
applicationCredentialId: ""
|
||||
applicationCredentialSecret: ""
|
||||
authUrl: ""
|
||||
regionName: ""
|
||||
userDomainName: ""
|
||||
projectName: ""
|
||||
authType: ""
|
||||
## @param designate.customCAHostPath When using the Designate provider, use a CA file already on the host to validate Openstack APIs. This conflicts with `designate.customCA.enabled`
|
||||
## This conflicts setting the above customCA to true and chart rendering will fail if you set customCA to true and specify customCAHostPath
|
||||
##
|
||||
customCAHostPath: ""
|
||||
## Use a custom CA (optional)
|
||||
## @param designate.customCA.enabled When using the Designate provider, enable a custom CA (optional)
|
||||
## @param designate.customCA.content When using the Designate provider, set the content of the custom CA
|
||||
## @param designate.customCA.mountPath When using the Designate provider, set the mountPath in which to mount the custom CA configuration
|
||||
## @param designate.customCA.filename When using the Designate provider, set the custom CA configuration filename
|
||||
##
|
||||
customCA:
|
||||
enabled: false
|
||||
content: ""
|
||||
mountPath: "/config/designate"
|
||||
filename: "designate-ca.pem"
|
||||
## Exoscale configuration to be set via arguments/env. variables
|
||||
##
|
||||
exoscale:
|
||||
@@ -506,68 +460,6 @@ google:
|
||||
## @param google.zoneVisibility When using the Google provider, fiter for zones of a specific visibility (private or public)
|
||||
##
|
||||
zoneVisibility: ""
|
||||
## Hetzner configuration to be set via arguments/env. variables
|
||||
##
|
||||
hetzner:
|
||||
## @param hetzner.token When using the Hetzner provider, specify your token here. (required when `hetzner.secretName` is not provided. In this case a new secret will be created holding the token.)
|
||||
## Mutually exclusive with `hetzner.secretName`.
|
||||
##
|
||||
token: ""
|
||||
## @param hetzner.secretName When using the Hetzner provider, specify the existing secret which contains your token. Disables the usage of `hetzner.token` (optional)
|
||||
##
|
||||
secretName: ""
|
||||
## @param hetzner.secretKey When using the Hetzner provider with an existing secret, specify the key name (optional)
|
||||
##
|
||||
secretKey: "hetzner_token"
|
||||
## Infoblox configuration to be set via arguments/env. variables
|
||||
##
|
||||
infoblox:
|
||||
## @param infoblox.wapiUsername When using the Infoblox provider, specify the Infoblox WAPI username
|
||||
##
|
||||
wapiUsername: "admin"
|
||||
## @param infoblox.wapiPassword When using the Infoblox provider, specify the Infoblox WAPI password (required when provider=infoblox)
|
||||
##
|
||||
wapiPassword: ""
|
||||
## @param infoblox.gridHost When using the Infoblox provider, specify the Infoblox Grid host (required when provider=infoblox)
|
||||
##
|
||||
gridHost: ""
|
||||
## @param infoblox.view Infoblox view
|
||||
##
|
||||
view: ""
|
||||
## Optional keys
|
||||
##
|
||||
## @param infoblox.secretName Existing secret name, when in place wapiUsername and wapiPassword are not required
|
||||
##
|
||||
secretName: ""
|
||||
##
|
||||
## @param infoblox.domainFilter When using the Infoblox provider, specify the domain (optional)
|
||||
##
|
||||
domainFilter: ""
|
||||
##
|
||||
## @param infoblox.nameRegex When using the Infoblox provider, specify the name regex filter (optional)
|
||||
##
|
||||
nameRegex: ""
|
||||
## @param infoblox.noSslVerify When using the Infoblox provider, disable SSL verification (optional)
|
||||
##
|
||||
noSslVerify: false
|
||||
## @param infoblox.wapiPort When using the Infoblox provider, specify the Infoblox WAPI port (optional)
|
||||
##
|
||||
wapiPort: ""
|
||||
## @param infoblox.wapiVersion When using the Infoblox provider, specify the Infoblox WAPI version (optional)
|
||||
##
|
||||
wapiVersion: ""
|
||||
## @param infoblox.wapiConnectionPoolSize When using the Infoblox provider, specify the Infoblox WAPI request connection pool size (optional)
|
||||
##
|
||||
wapiConnectionPoolSize: ""
|
||||
## @param infoblox.wapiHttpTimeout When using the Infoblox provider, specify the Infoblox WAPI request timeout in seconds (optional)
|
||||
##
|
||||
wapiHttpTimeout: ""
|
||||
## @param infoblox.maxResults When using the Infoblox provider, specify the Infoblox Max Results (optional)
|
||||
##
|
||||
maxResults: ""
|
||||
## @param infoblox.createPtr When using the Infoblox provider, specify the Infoblox create PTR flag (optional)
|
||||
##
|
||||
createPtr: false
|
||||
## Linode configuration to be set via arguments/env. variables
|
||||
##
|
||||
linode:
|
||||
@@ -757,18 +649,6 @@ transip:
|
||||
## @param transip.apiKey When using the TransIP provider, specify the API key to use.
|
||||
##
|
||||
apiKey: ""
|
||||
## VinylDNS configuration to be set via arguments/env. variables
|
||||
##
|
||||
vinyldns:
|
||||
## @param vinyldns.host When using the VinylDNS provider, specify the VinylDNS API host.
|
||||
##
|
||||
host: ""
|
||||
## @param vinyldns.accessKey When using the VinylDNS provider, specify the Access Key to use.
|
||||
##
|
||||
accessKey: ""
|
||||
## @param vinyldns.secretKey When using the VinylDNS provider, specify the Secret key to use.
|
||||
##
|
||||
secretKey: ""
|
||||
## @param domainFilters Limit possible target zones by domain suffixes (optional)
|
||||
##
|
||||
domainFilters: []
|
||||
|
||||
Reference in New Issue
Block a user