diff --git a/bitnami/ghost/Chart.lock b/bitnami/ghost/Chart.lock index 70613fd66f..87eba1fda2 100644 --- a/bitnami/ghost/Chart.lock +++ b/bitnami/ghost/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: common repository: https://charts.bitnami.com/bitnami - version: 1.2.3 + version: 1.3.2 - name: mariadb repository: https://charts.bitnami.com/bitnami - version: 9.2.0 -digest: sha256:6d8ae64953c5c28571ddce72e30f5e65b035d33b0d062cd9adcf5b588e11223f -generated: "2021-01-05T15:47:37.101968082Z" + version: 9.2.2 +digest: sha256:07cd34202e21afdce4bac8ddf6458a4c6b8e5ccb8b6cf0b724e450ac3915f5ed +generated: "2021-01-14T10:48:51.797894+01:00" diff --git a/bitnami/ghost/Chart.yaml b/bitnami/ghost/Chart.yaml index 09c2f14a25..74149b45c6 100644 --- a/bitnami/ghost/Chart.yaml +++ b/bitnami/ghost/Chart.yaml @@ -33,4 +33,4 @@ name: ghost sources: - https://github.com/bitnami/bitnami-docker-ghost - http://www.ghost.org/ -version: 11.2.4 +version: 12.0.0 diff --git a/bitnami/ghost/README.md b/bitnami/ghost/README.md index 9c6371a341..811c742213 100644 --- a/bitnami/ghost/README.md +++ b/bitnami/ghost/README.md @@ -52,159 +52,162 @@ The following table lists the configurable parameters of the Ghost chart and the ### Global parameters -| Parameter | Description | Default | -|---------------------------------------------|-----------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------| -| `global.imageRegistry` | Global Docker image registry | `nil` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `global.storageClass` | Global storage class for dynamic provisioning | `nil` | +| Parameter | Description | Default | +|---------------------------|-------------------------------------------------|---------------------------------------------------------| +| `global.imageRegistry` | Global Docker image registry | `nil` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `global.storageClass` | Global storage class for dynamic provisioning | `nil` | ### Common parameters -| Parameter | Description | Default | -|---------------------------------------------|-----------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------| -| `image.registry` | Ghost image registry | `docker.io` | -| `image.repository` | Ghost Image name | `bitnami/ghost` | -| `image.tag` | Ghost Image tag | `{TAG_NAME}` | -| `image.pullPolicy` | Ghost image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `nameOverride` | String to partially override common.names.fullname template | `nil` | -| `fullnameOverride` | String to fully override common.names.fullname template | `nil` | -| `commonLabels` | Labels to add to all deployed objects | `nil` | -| `commonAnnotations` | Annotations to add to all deployed objects | `[]` | -| `extraDeploy` | Array of extra objects to deploy with the release (evaluated as a template). | `nil` | +| Parameter | Description | Default | +|---------------------|------------------------------------------------------------------------------|---------------------------------------------------------| +| `image.registry` | Ghost image registry | `docker.io` | +| `image.repository` | Ghost Image name | `bitnami/ghost` | +| `image.tag` | Ghost Image tag | `{TAG_NAME}` | +| `image.pullPolicy` | Ghost image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `nameOverride` | String to partially override common.names.fullname template | `nil` | +| `fullnameOverride` | String to fully override common.names.fullname template | `nil` | +| `commonLabels` | Labels to add to all deployed objects | `nil` | +| `commonAnnotations` | Annotations to add to all deployed objects | `[]` | +| `extraDeploy` | Array of extra objects to deploy with the release (evaluated as a template). | `nil` | ### Ghost parameters -| Parameter | Description | Default | -|---------------------------------------------|-----------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------| -| `affinity` | Map of node/pod affinities | `{}` | -| `allowEmptyPassword` | Allow DB blank passwords | true | -| `args` | Override default container args (useful when using custom images) | `nil` | -| `command` | Override default container command (useful when using custom images) | `nil` | -| `containerPorts.http` | Sets http port inside Ghost container | `8080` | -| `containerPorts.https` | Sets https port inside Ghost container | `8443` | -| `livenessProbe.enabled` | Would you like a livenessProbe to be enabled | `true` | -| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | 120 | -| `livenessProbe.periodSeconds` | How often to perform the probe | 3 | -| `livenessProbe.timeoutSeconds` | When the probe times out | 5 | -| `livenessProbe.failureThreshold` | Minimum consecutive failures to be considered failed | 6 | -| `livenessProbe.successThreshold` | Minimum consecutive successes to be considered successful | 1 | -| `readinessProbe.enabled` | Would you like a readinessProbe to be enabled | `true` | -| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | 30 | -| `readinessProbe.periodSeconds` | How often to perform the probe | 3 | -| `readinessProbe.timeoutSeconds` | When the probe times out | 5 | -| `readinessProbe.failureThreshold` | Minimum consecutive failures to be considered failed | 6 | -| `readinessProbe.successThreshold` | Minimum consecutive successes to be considered successful | 1 | -| `podSecurityContext.enabled` | Enable security context | `true` | -| `podSecurityContext.fsGroup` | Group ID for the container | `1001` | -| `podSecurityContext.runAsUser` | User ID for the container | `1001` | -| `containerSecurityContext.enabled` | Enable Ghost containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Ghost containers' Security Context | `1001` | -| `containerSecurityContext.runAsNonRoot` | Ghost containers' Security Context Non Root | `true` | -| `customLivenessProbe` | Override default liveness probe | `nil` | -| `customReadinessProbe` | Override default readiness probe | `nil` | -| `existingSecret` | Name of a secret with the application password | `nil` | -| `extraEnvVarsConfigMap` | ConfigMap containing extra env vars | `nil` | -| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `nil` | -| `extraEnvVars` | Extra environment variables | `nil` | -| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `nil` | -| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `nil` | -| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `nil` | -| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `` | -| `ghostHost` | Ghost host to create application URLs | `nil` | -| `ghostPort` | Ghost port to use in application URLs (defaults to `service.port` if `nil`) | `nil` | -| `ghostProtocol` | Protocol (http or https) to use in the application URLs | `http` | -| `ghostPath` | Ghost path to create application URLs | `nil` | -| `ghostUsername` | User of the application | `user@example.com` | -| `ghostPassword` | Application password | Randomly generated | -| `ghostEmail` | Admin email | `user@example.com` | -| `ghostBlogTitle` | Ghost Blog name | `User's Blog` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `nodeSelector` | Node labels for pod assignment | `{}` (The value is evaluated as a template) | -| `persistence.accessMode` | PVC Access Mode for Ghost volume | `ReadWriteOnce` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.existingClaim` | An Existing PVC name | `nil` | -| `persistence.path` | Host mount path for Ghost volume | `nil` (will not mount to a host path) | -| `persistence.size` | PVC Storage Request for Ghost volume | `8Gi` | -| `persistence.storageClass` | PVC Storage Class for Ghost volume | `nil` (uses alpha storage class annotation) | -| `podAnnotations` | Pod annotations | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `nil` | -| `podSecurityContext.enabled` | Enable Ghost pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Ghost pods' group ID | `1001` | -| `priorityClassName` | Define the priority class name to use for the ghost pods here. | `""` | -| `replicaCount` | Number of Ghost Pods to run | `1` | -| `resources` | CPU/Memory resource requests/limits | Memory: `512Mi`, CPU: `300m` | -| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `nil` | -| `smtpHost` | SMTP host | `nil` | -| `smtpPort` | SMTP port | `nil` | -| `smtpUser` | SMTP user | `nil` | -| `smtpPassword` | SMTP password | `nil` | -| `smtpFromAddress` | SMTP from address | `nil` | -| `smtpService` | SMTP service | `nil` | -| `tolerations` | Tolerations for pod assignment | `[]` (The value is evaluated as a template) | -| `updateStrategy` | Deployment update strategy | `nil` | +| Parameter | Description | Default | +|-----------------------------------------|-----------------------------------------------------------------------------------------------------------------------|---------------------------------------------| +| `affinity` | Map of node/pod affinities | `{}` | +| `allowEmptyPassword` | Allow DB blank passwords | true | +| `args` | Override default container args (useful when using custom images) | `nil` | +| `command` | Override default container command (useful when using custom images) | `nil` | +| `containerPorts.http` | Sets http port inside Ghost container | `8080` | +| `containerPorts.https` | Sets https port inside Ghost container | `8443` | +| `livenessProbe.enabled` | Would you like a livenessProbe to be enabled | `true` | +| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | 120 | +| `livenessProbe.periodSeconds` | How often to perform the probe | 3 | +| `livenessProbe.timeoutSeconds` | When the probe times out | 5 | +| `livenessProbe.failureThreshold` | Minimum consecutive failures to be considered failed | 6 | +| `livenessProbe.successThreshold` | Minimum consecutive successes to be considered successful | 1 | +| `readinessProbe.enabled` | Would you like a readinessProbe to be enabled | `true` | +| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | 30 | +| `readinessProbe.periodSeconds` | How often to perform the probe | 3 | +| `readinessProbe.timeoutSeconds` | When the probe times out | 5 | +| `readinessProbe.failureThreshold` | Minimum consecutive failures to be considered failed | 6 | +| `readinessProbe.successThreshold` | Minimum consecutive successes to be considered successful | 1 | +| `podSecurityContext.enabled` | Enable security context | `true` | +| `podSecurityContext.fsGroup` | Group ID for the container | `1001` | +| `podSecurityContext.runAsUser` | User ID for the container | `1001` | +| `containerSecurityContext.enabled` | Enable Ghost containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Ghost containers' Security Context | `1001` | +| `containerSecurityContext.runAsNonRoot` | Ghost containers' Security Context Non Root | `true` | +| `customLivenessProbe` | Override default liveness probe | `nil` | +| `customReadinessProbe` | Override default readiness probe | `nil` | +| `existingSecret` | Name of a secret with the application password | `nil` | +| `extraEnvVarsConfigMap` | ConfigMap containing extra env vars | `nil` | +| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `nil` | +| `extraEnvVars` | Extra environment variables | `nil` | +| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `nil` | +| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `nil` | +| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `nil` | +| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `` | +| `ghostHost` | Ghost host to create application URLs | `nil` | +| `ghostPort` | Ghost port to use in application URLs (defaults to `service.port` if `nil`) | `nil` | +| `ghostProtocol` | Protocol (http or https) to use in the application URLs | `http` | +| `ghostPath` | Ghost path to create application URLs | `nil` | +| `ghostUsername` | User of the application | `user@example.com` | +| `ghostPassword` | Application password | Randomly generated | +| `ghostEmail` | Admin email | `user@example.com` | +| `ghostBlogTitle` | Ghost Blog name | `User's Blog` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `nodeSelector` | Node labels for pod assignment | `{}` (The value is evaluated as a template) | +| `persistence.accessMode` | PVC Access Mode for Ghost volume | `ReadWriteOnce` | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.existingClaim` | An Existing PVC name | `nil` | +| `persistence.path` | Host mount path for Ghost volume | `nil` (will not mount to a host path) | +| `persistence.size` | PVC Storage Request for Ghost volume | `8Gi` | +| `persistence.storageClass` | PVC Storage Class for Ghost volume | `nil` (uses alpha storage class annotation) | +| `podAnnotations` | Pod annotations | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `podLabels` | Add additional labels to the pod (evaluated as a template) | `nil` | +| `podSecurityContext.enabled` | Enable Ghost pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Ghost pods' group ID | `1001` | +| `priorityClassName` | Define the priority class name to use for the ghost pods here. | `""` | +| `replicaCount` | Number of Ghost Pods to run | `1` | +| `resources` | CPU/Memory resource requests/limits | Memory: `512Mi`, CPU: `300m` | +| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `nil` | +| `smtpHost` | SMTP host | `nil` | +| `smtpPort` | SMTP port | `nil` | +| `smtpUser` | SMTP user | `nil` | +| `smtpPassword` | SMTP password | `nil` | +| `smtpFromAddress` | SMTP from address | `nil` | +| `smtpService` | SMTP service | `nil` | +| `tolerations` | Tolerations for pod assignment | `[]` (The value is evaluated as a template) | +| `updateStrategy` | Deployment update strategy | `nil` | ### Traffic Exposure Parameters -| Parameter | Description | Default | -|---------------------------------------------|-----------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------| -| `service.type` | Kubernetes Service type | `LoadBalancer` | -| `service.port` | Service HTTP port | `80` | -| `service.nodePorts.http` | Kubernetes http node port | `""` | -| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `service.loadBalancerIP` | LoadBalancerIP for the Ghost service | `` | -| `service.annotations` | Service annotations. Evaluated as a template | `{}` | -| `service.extraPorts` | Service extra ports, normally used with the `sidecar` value. Evaluated as a template | `[]` | -| `ingress.enabled` | Enable ingress controller resource | `false` | -| `ingress.annotations` | Ingress annotations. Evaluated as a template | `{}` | -| `ingress.certManager` | Add annotations for cert-manager | `false` | -| `ingress.hosts[0].name` | Hostname to your Ghost installation | `ghost.local` | -| `ingress.hosts[0].path` | Path within the url structure | `/` | -| `ingress.hosts[0].tls` | Utilize TLS backend in ingress | `false` | -| `ingress.hosts[0].tlsHosts` | Array of TLS hosts for ingress record (defaults to `ingress.hosts[0].name` if `nil`) | `nil` | -| `ingress.hosts[0].tlsSecret` | TLS Secret (certificates) | `ghost.local-tls-secret` | -| `ingress.secrets[0].name` | TLS Secret Name | `nil` | -| `ingress.secrets[0].certificate` | TLS Secret Certificate | `nil` | -| `ingress.secrets[0].key` | TLS Secret Key | `nil` | +| Parameter | Description | Default | +|----------------------------------|--------------------------------------------------------------------------------------|--------------------------------| +| `service.type` | Kubernetes Service type | `LoadBalancer` | +| `service.port` | Service HTTP port | `80` | +| `service.nodePorts.http` | Kubernetes http node port | `""` | +| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `service.loadBalancerIP` | LoadBalancerIP for the Ghost service | `` | +| `service.annotations` | Service annotations. Evaluated as a template | `{}` | +| `service.extraPorts` | Service extra ports, normally used with the `sidecar` value. Evaluated as a template | `[]` | +| `ingress.enabled` | Enable ingress controller resource | `false` | +| `ingress.certManager` | Add annotations for cert-manager | `false` | +| `ingress.hostname` | Default host for the ingress resource | `ghost.local` | +| `ingress.path` | Default path for the ingress resource | `/` | +| `ingress.tls` | Create TLS Secret | `false` | +| `ingress.annotations` | Ingress annotations | `[]` (evaluated as a template) | +| `ingress.extraHosts[0].name` | Additional hostnames to be covered | `nil` | +| `ingress.extraHosts[0].path` | Additional hostnames to be covered | `nil` | +| `ingress.extraPaths` | Additional arbitrary path/backend objects | `nil` | +| `ingress.extraTls[0].hosts[0]` | TLS configuration for additional hostnames to be covered | `nil` | +| `ingress.extraTls[0].secretName` | TLS configuration for additional hostnames to be covered | `nil` | +| `ingress.secrets[0].name` | TLS Secret Name | `nil` | +| `ingress.secrets[0].certificate` | TLS Secret Certificate | `nil` | +| `ingress.secrets[0].key` | TLS Secret Key | `nil` | ### Database parameters -| Parameter | Description | Default | -|---------------------------------------------|-----------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------| -| `mariadb.enabled` | Whether to use the MariaDB chart | `true` | -| `mariadb.architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` | -| `mariadb.auth.rootPassword` | Password for the MariaDB `root` user | _random 10 character alphanumeric string_ | -| `mariadb.auth.database` | Database name to create | `bitnami_ghost` | -| `mariadb.auth.username` | Database user to create | `bn_ghost` | -| `mariadb.auth.password` | Password for the database | _random 10 character long alphanumeric string_ | -| `mariadb.primary.persistence.enabled` | Enable database persistence using PVC | `true` | -| `mariadb.primary.persistence.existingClaim` | Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas | `nil` | -| `mariadb.primary.persistence.accessMode` | Database Persistent Volume Access Modes | `[ReadWriteOnce]` | -| `mariadb.primary.persistence.size` | Database Persistent Volume Size | `8Gi` | -| `mariadb.primary.persistence.storageClass` | MariaDB primary persistent volume storage Class | `nil` (uses alpha storage class annotation) | -| `mariadb.primary.persistence.hostPath` | Host mount path for MariaDB volume | `nil` (will not mount to a host path) | -| `externalDatabase.user` | Existing username in the external db | `bn_ghost` | -| `externalDatabase.password` | Password for the above username | `nil` | -| `externalDatabase.existingSecret` | Name of an existing secret resource containing the DB password in a 'mariadb-password' key | `nil` | -| `externalDatabase.database` | Name of the existing database | `bitnami_ghost` | -| `externalDatabase.host` | Host of the existing database | `nil` | -| `externalDatabase.port` | Port of the existing database | `3306` | +| Parameter | Description | Default | +|---------------------------------------------|--------------------------------------------------------------------------------------------|------------------------------------------------| +| `mariadb.enabled` | Whether to use the MariaDB chart | `true` | +| `mariadb.architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` | +| `mariadb.auth.rootPassword` | Password for the MariaDB `root` user | _random 10 character alphanumeric string_ | +| `mariadb.auth.database` | Database name to create | `bitnami_ghost` | +| `mariadb.auth.username` | Database user to create | `bn_ghost` | +| `mariadb.auth.password` | Password for the database | _random 10 character long alphanumeric string_ | +| `mariadb.primary.persistence.enabled` | Enable database persistence using PVC | `true` | +| `mariadb.primary.persistence.existingClaim` | Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas | `nil` | +| `mariadb.primary.persistence.accessMode` | Database Persistent Volume Access Modes | `[ReadWriteOnce]` | +| `mariadb.primary.persistence.size` | Database Persistent Volume Size | `8Gi` | +| `mariadb.primary.persistence.storageClass` | MariaDB primary persistent volume storage Class | `nil` (uses alpha storage class annotation) | +| `mariadb.primary.persistence.hostPath` | Host mount path for MariaDB volume | `nil` (will not mount to a host path) | +| `externalDatabase.user` | Existing username in the external db | `bn_ghost` | +| `externalDatabase.password` | Password for the above username | `nil` | +| `externalDatabase.existingSecret` | Name of an existing secret resource containing the DB password in a 'mariadb-password' key | `nil` | +| `externalDatabase.database` | Name of the existing database | `bitnami_ghost` | +| `externalDatabase.host` | Host of the existing database | `nil` | +| `externalDatabase.port` | Port of the existing database | `3306` | ### Volume Permissions parameters -| Parameter | Description | Default | -|---------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------| -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/minideb` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `buster` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` | -| `volumePermissions.resources` | Init container resource requests/limit | `nil` | +| Parameter | Description | Default | +|---------------------------------------|-----------------------------------------------------|---------------------------------------------------------| +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/minideb` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `buster` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` | +| `volumePermissions.resources` | Init container resource requests/limit | `nil` | The above parameters map to the env variables defined in [bitnami/ghost](http://github.com/bitnami/bitnami-docker-ghost). For more information please refer to the [bitnami/ghost](http://github.com/bitnami/bitnami-docker-ghost) image documentation. @@ -279,6 +282,10 @@ Find more information about how to deal with common errors related to Bitnami’ ## Upgrading +### To 12.0.0 + +This version standardizes the way of defining Ingress rules. When configuring a single hostname for the Ingress rule, set the `ingress.hostname` value. When defining more than one, set the `ingress.extraHosts` array. Apart from this case, no issues are expected to appear when upgrading. + ### To 11.0.0 In this major there were two main changes introduced: diff --git a/bitnami/ghost/templates/ingress.yaml b/bitnami/ghost/templates/ingress.yaml index f160a6aee4..61ab1919c9 100644 --- a/bitnami/ghost/templates/ingress.yaml +++ b/bitnami/ghost/templates/ingress.yaml @@ -20,27 +20,38 @@ metadata: {{- end }} spec: rules: - {{- range .Values.ingress.hosts }} - - host: {{ .name }} + {{- if .Values.ingress.hostname }} + - host: {{ .Values.ingress.hostname }} + http: + paths: + {{- if .Values.ingress.extraPaths }} + {{- toYaml .Values.ingress.extraPaths | nindent 10 }} + {{- end }} + - path: {{ .Values.ingress.path }} + {{- if eq "true" (include "common.ingress.supportsPathType" .) }} + pathType: {{ .Values.ingress.pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- range .Values.ingress.extraHosts }} + - host: {{ .name | quote }} http: paths: - path: {{ default "/" .path }} - backend: - serviceName: "{{ include "common.names.fullname" $ }}" - servicePort: http - {{- end }} + {{- if eq "true" (include "common.ingress.supportsPathType" $) }} + pathType: {{ default "ImplementationSpecific" .pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- if or .Values.ingress.tls .Values.ingress.extraTls }} tls: - {{- range .Values.ingress.hosts }} - {{- if .tls }} + {{- if .Values.ingress.tls }} - hosts: - {{- if .tlsHosts }} - {{- range $host := .tlsHosts }} - - {{ $host }} - {{- end }} - {{- else }} - - {{ .name }} - {{- end }} - secretName: {{ default (printf "%s-tls" .name) .tlsSecret }} + - {{ .Values.ingress.hostname }} + secretName: {{ printf "%s-tls" .Values.ingress.hostname }} + {{- end }} + {{- if .Values.ingress.extraTls }} + {{- include "common.tplvalues.render" ( dict "value" .Values.ingress.extraTls "context" $ ) | nindent 4 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/ghost/values.yaml b/bitnami/ghost/values.yaml index 4f7dc2d1d9..c1cd052eb2 100644 --- a/bitnami/ghost/values.yaml +++ b/bitnami/ghost/values.yaml @@ -27,7 +27,12 @@ image: # pullSecrets: # - myRegistryKeySecretName +## Force target Kubernetes version (using Helm capabilites if not set) +## +kubeVersion: + ## Number of ghost replicas to deploy +## replicaCount: 1 ## Command and args for running the Ghost container (set to default if not set). Use array form @@ -107,6 +112,7 @@ ghostBlogTitle: User's Blog ## Set to `true` to allow the container to be started with blank passwords ## ref: https://github.com/bitnami/bitnami-docker-ghost#environment-variables +## allowEmptyPassword: true ## SMTP mail delivery configuration @@ -162,18 +168,23 @@ externalDatabase: # existingSecret: ## Database host + ## host: localhost ## non-root Username for Ghost Database + ## user: bn_ghost ## Database password + ## password: "" ## Database name + ## database: bitnami_ghost ## Database port number + ## port: 3306 ## @@ -236,6 +247,7 @@ service: type: LoadBalancer ## HTTP Port + ## port: 80 ## Extra ports to expose (normally used with the `sidecar` value) @@ -250,6 +262,7 @@ service: ## nodePorts: ## http: + ## nodePorts: http: "" @@ -325,40 +338,68 @@ resources: ## ingress: ## Set to true to enable ingress record generation + ## enabled: false ## Set this to true in order to add the corresponding annotations for cert-manager + ## certManager: false - ## Ingress annotations. Evaluated as a template. + ## Ingress Path type + ## + pathType: ImplementationSpecific + + ## Override API Version (automatically detected if not set) + ## + apiVersion: + + ## When the ingress is enabled, a host pointing to this will be created + ## + hostname: ghost.local + + ## The Path to Ghost. You may need to set this to '/*' in order to use this + ## with ALB ingress controllers. + ## + path: / + + ## Ingress annotations done as key:value pairs ## For a full list of possible ingress annotations, please see ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md ## - ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set + ## annotations: {} - # kubernetes.io/ingress.class: nginx - ## The list of hostnames to be covered with this ingress record. - ## Most likely this will be just one host, but in the event more hosts are needed, this is an array - hosts: - - name: ghost.local - path: / + ## Enable TLS configuration for the hostname defined at ingress.hostname parameter + ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }} + ## You can use the ingress.secrets parameter to create this TLS secret or relay on cert-manager to create it + ## + tls: false - ## Set this to true in order to enable TLS on the ingress record - tls: false + ## The list of additional hostnames to be covered with this ingress record. + ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array + ## extraHosts: + ## - name: ghost.local + ## path: / + ## - ## Optionally specify the TLS hosts for the ingress record - ## Useful when the Ingress controller supports www-redirection - ## If not specified, the above host name will be used - # tlsHosts: - # - www.ghost.local - # - ghost.local + ## Any additional arbitrary paths that may need to be added to the ingress under the main host. + ## For example: The ALB ingress controller requires a special rule for handling SSL redirection. + ## extraPaths: + ## - path: /* + ## backend: + ## serviceName: ssl-redirect + ## servicePort: use-annotation + ## - ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS - tlsSecret: ghost.local-tls + ## The tls configuration for additional hostnames to be covered with this ingress record. + ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## extraTls: + ## - hosts: + ## - ghost.local + ## secretName: ghost.local-tls + ## - secrets: ## If you're providing your own certificates, please use this to add the certificates as secrets ## key and certificate should start with -----BEGIN CERTIFICATE----- or ## -----BEGIN RSA PRIVATE KEY----- @@ -368,9 +409,12 @@ ingress: ## ## It is also possible to create and manage the certificates outside of this helm chart ## Please see README.md for more information - # - name: ghost.local-tls - # key: - # certificate: + ## + secrets: [] + ## - name: ghost.local-tls + ## key: + ## certificate: + ## ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity @@ -391,6 +435,7 @@ podAntiAffinityPreset: soft nodeAffinityPreset: ## Node affinity type ## Allowed values: soft, hard + ## type: "" ## Node label key to match ## E.g. @@ -461,6 +506,7 @@ extraDeploy: [] ## ports: ## - name: portname ## containerPort: 1234 +## sidecars: {} ## Add init containers to the pod