mirror of
https://github.com/bitnami/charts.git
synced 2026-03-14 06:47:28 +08:00
74786823f7
* [bitnami/kubeapps] Chart standardised Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Update deps Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Fix linting Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Regenerate README Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Fix Notes.txt Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * dep update Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Add missing values, deprecate ingress.certManager Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Change probes Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Update bitnami/kubeapps/templates/frontend/configmap.yaml Signed-off-by: Miguel Ruiz <miruiz@vmware.com> Co-authored-by: Fran Mulero <fmulero@vmware.com> * Update bitnami/kubeapps/templates/frontend/configmap.yaml Signed-off-by: Miguel Ruiz <miruiz@vmware.com> Co-authored-by: Fran Mulero <fmulero@vmware.com> * Update bitnami/kubeapps/templates/_helpers.tpl Signed-off-by: Miguel Ruiz <miruiz@vmware.com> Co-authored-by: Fran Mulero <fmulero@vmware.com> * Update bitnami/kubeapps/templates/_helpers.tpl Signed-off-by: Miguel Ruiz <miruiz@vmware.com> Co-authored-by: Fran Mulero <fmulero@vmware.com> * Update bitnami/kubeapps/templates/kubeops/deployment.yaml Signed-off-by: Miguel Ruiz <miruiz@vmware.com> Co-authored-by: Fran Mulero <fmulero@vmware.com> * Update bitnami/kubeapps/templates/kubeops/deployment.yaml Signed-off-by: Miguel Ruiz <miruiz@vmware.com> Co-authored-by: Fran Mulero <fmulero@vmware.com> * Drop diagnosticMode command for scratch images Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Helm dep update Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Add frontend missing values Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Apply suggestions and fixes Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Update postgresql values Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Fix rbac issue Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Standardize extraEnvVarsSecret and extraEnvVarsCM Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Minor changes Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Quote values Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Implement skipAvailablePackageDetails Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Add README upgrading notes Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Apply Upgrading notes suggestions Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * [bitnami/kubeapps] Update components versions Signed-off-by: Bitnami Containers <containers@bitnami.com> Co-authored-by: Fran Mulero <fmulero@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Bitnami Containers <containers@bitnami.com>
291 lines
16 KiB
YAML
291 lines
16 KiB
YAML
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ template "common.names.fullname" . }}
|
|
namespace: {{ .Release.Namespace | quote }}
|
|
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
|
app.kubernetes.io/component: frontend
|
|
{{- if .Values.commonLabels }}
|
|
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" . ) | nindent 4 }}
|
|
{{- end }}
|
|
{{- if .Values.commonAnnotations }}
|
|
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
spec:
|
|
replicas: {{ .Values.frontend.replicaCount }}
|
|
{{- if .Values.frontend.updateStrategy }}
|
|
strategy: {{- toYaml .Values.frontend.updateStrategy | nindent 4 }}
|
|
{{- end }}
|
|
selector:
|
|
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
|
app.kubernetes.io/component: frontend
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
checksum/config: {{ include (print $.Template.BasePath "/frontend/configmap.yaml") . | sha256sum }}
|
|
{{- if .Values.frontend.podAnnotations }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.frontend.podAnnotations "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
labels: {{- include "common.labels.standard" . | nindent 8 }}
|
|
app.kubernetes.io/component: frontend
|
|
{{- if .Values.frontend.podLabels }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.frontend.podLabels "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
spec:
|
|
{{- include "kubeapps.imagePullSecrets" . | indent 6 }}
|
|
{{- if .Values.frontend.hostAliases }}
|
|
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.hostAliases "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.affinity }}
|
|
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.affinity "context" $) | nindent 8 }}
|
|
{{- else }}
|
|
affinity:
|
|
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.frontend.podAffinityPreset "component" "frontend" "context" $) | nindent 10 }}
|
|
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.frontend.podAntiAffinityPreset "component" "frontend" "context" $) | nindent 10 }}
|
|
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.frontend.nodeAffinityPreset.type "key" .Values.frontend.nodeAffinityPreset.key "values" .Values.frontend.nodeAffinityPreset.values) | nindent 10 }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.schedulerName }}
|
|
schedulerName: {{ .Values.frontend.schedulerName }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.topologySpreadConstraints }}
|
|
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.topologySpreadConstraints "context" .) | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.nodeSelector }}
|
|
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.nodeSelector "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.tolerations }}
|
|
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.tolerations "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.priorityClassName }}
|
|
priorityClassName: {{ .Values.frontend.priorityClassName | quote }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.podSecurityContext.enabled }}
|
|
securityContext: {{- omit .Values.frontend.podSecurityContext "enabled" | toYaml | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.initContainers }}
|
|
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.initContainers "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
containers:
|
|
- name: nginx
|
|
image: {{ include "kubeapps.frontend.image" . }}
|
|
imagePullPolicy: {{ .Values.frontend.image.pullPolicy | quote }}
|
|
{{- if .Values.frontend.containerSecurityContext.enabled }}
|
|
securityContext: {{- omit .Values.frontend.containerSecurityContext "enabled" | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.diagnosticMode.enabled }}
|
|
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
|
|
{{- else if .Values.frontend.command }}
|
|
command: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.command "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.diagnosticMode.enabled }}
|
|
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
|
|
{{- else if .Values.frontend.args }}
|
|
args: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.args "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.lifecycleHooks }}
|
|
lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.lifecycleHooks "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
env:
|
|
- name: BITNAMI_DEBUG
|
|
value: {{ ternary "true" "false" .Values.frontend.image.debug | quote }}
|
|
{{- if .Values.frontend.extraEnvVars }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.frontend.extraEnvVars "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
envFrom:
|
|
{{- if .Values.frontend.extraEnvVarsCM }}
|
|
- configMapRef:
|
|
name: {{ include "common.tplvalues.render" (dict "value" .Values.frontend.extraEnvVarsCM "context" $) }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.extraEnvVarsSecret }}
|
|
- secretRef:
|
|
name: {{ include "common.tplvalues.render" (dict "value" .Values.frontend.extraEnvVarsSecret "context" $) }}
|
|
{{- end }}
|
|
ports:
|
|
- name: http
|
|
containerPort: {{ .Values.frontend.containerPorts.http }}
|
|
{{- if not .Values.diagnosticMode.enabled }}
|
|
{{- if .Values.frontend.livenessProbe.enabled }}
|
|
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.frontend.livenessProbe "enabled") "context" $) | nindent 12 }}
|
|
httpGet:
|
|
path: /healthz
|
|
port: http
|
|
{{- else if .Values.frontend.customLivenessProbe }}
|
|
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.customLivenessProbe "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.readinessProbe.enabled }}
|
|
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.frontend.readinessProbe "enabled") "context" $) | nindent 12 }}
|
|
httpGet:
|
|
path: /
|
|
port: http
|
|
{{- else if .Values.frontend.customReadinessProbe }}
|
|
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.customReadinessProbe "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.startupProbe.enabled }}
|
|
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.frontend.startupProbe "enabled") "context" $) | nindent 12 }}
|
|
tcpSocket:
|
|
port: http
|
|
{{- else if .Values.frontend.customStartupProbe }}
|
|
startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.customStartupProbe "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.resources }}
|
|
resources: {{- toYaml .Values.frontend.resources | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: vhost
|
|
mountPath: /opt/bitnami/nginx/conf/server_blocks
|
|
{{- if .Values.frontend.extraVolumeMounts }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.frontend.extraVolumeMounts "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- if and .Values.authProxy.enabled (not .Values.authProxy.external) }}
|
|
- name: auth-proxy
|
|
image: {{ include "kubeapps.authProxy.image" . }}
|
|
imagePullPolicy: {{ .Values.authProxy.image.pullPolicy | quote }}
|
|
{{- if .Values.authProxy.containerSecurityContext.enabled }}
|
|
securityContext: {{- omit .Values.authProxy.containerSecurityContext "enabled" | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.authProxy.lifecycleHooks }}
|
|
lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.authProxy.lifecycleHooks "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.diagnosticMode.enabled }}
|
|
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
|
|
{{- else if .Values.authProxy.command }}
|
|
command: {{- include "common.tplvalues.render" (dict "value" .Values.authProxy.command "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.diagnosticMode.enabled }}
|
|
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
|
|
{{- else if .Values.authProxy.args }}
|
|
args: {{- include "common.tplvalues.render" (dict "value" .Values.authProxy.args "context" $) | nindent 12 }}
|
|
{{- else }}
|
|
args:
|
|
- --provider={{ required "You must fill \".Values.authProxy.provider\" with the provider. Valid values at https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/overview" .Values.authProxy.provider }}
|
|
- --upstream=http://localhost:{{ .Values.frontend.containerPorts.http }}/
|
|
- --http-address=0.0.0.0:{{ .Values.authProxy.containerPorts.proxy }}
|
|
- --email-domain={{ .Values.authProxy.emailDomain }}
|
|
- --pass-basic-auth=false
|
|
- --pass-access-token=true
|
|
- --pass-authorization-header=true
|
|
- --skip-auth-regex=^\/config\.json$
|
|
- --skip-auth-regex=^\/manifest\.json$
|
|
- --skip-auth-regex=^\/custom_style\.css$
|
|
- --skip-auth-regex=^\/clr-ui.min\.css$
|
|
- --skip-auth-regex=^\/clr-ui-dark.min\.css$
|
|
- --skip-auth-regex=^\/custom_locale\.json$
|
|
- --skip-auth-regex=^\/favicon.*\.png$
|
|
- --skip-auth-regex=^\/favicon.*\.ico$
|
|
- --skip-auth-regex=^\/static\/
|
|
- --skip-auth-regex=^\/$
|
|
- --scope={{ .Values.authProxy.scope }}
|
|
- --cookie-refresh={{ .Values.authProxy.cookieRefresh }}
|
|
{{- range .Values.authProxy.extraFlags }}
|
|
- {{ . }}
|
|
{{- end }}
|
|
{{- end }}
|
|
env:
|
|
- name: OAUTH2_PROXY_CLIENT_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ template "kubeapps.oauth2_proxy-secret.name" . }}
|
|
key: clientID
|
|
- name: OAUTH2_PROXY_CLIENT_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ template "kubeapps.oauth2_proxy-secret.name" . }}
|
|
key: clientSecret
|
|
- name: OAUTH2_PROXY_COOKIE_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ template "kubeapps.oauth2_proxy-secret.name" . }}
|
|
key: cookieSecret
|
|
{{- if .Values.authProxy.extraEnvVars }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.authProxy.extraEnvVars "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
envFrom:
|
|
{{- if .Values.authProxy.extraEnvVarsCM }}
|
|
- configMapRef:
|
|
name: {{ include "common.tplvalues.render" (dict "value" .Values.authProxy.extraEnvVarsCM "context" $) }}
|
|
{{- end }}
|
|
{{- if .Values.authProxy.extraEnvVarsSecret }}
|
|
- secretRef:
|
|
name: {{ include "common.tplvalues.render" (dict "value" .Values.authProxy.extraEnvVarsSecret "context" $) }}
|
|
{{- end }}
|
|
ports:
|
|
- name: proxy
|
|
containerPort: {{ .Values.authProxy.containerPorts.proxy }}
|
|
{{- if .Values.authProxy.resources }}
|
|
resources: {{- toYaml .Values.authProxy.resources | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.authProxy.extraVolumeMounts }}
|
|
volumeMounts: {{- include "common.tplvalues.render" (dict "value" .Values.authProxy.extraVolumeMounts "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if and (gt (len .Values.clusters) 1) (not .Values.authProxy.enabled) }}
|
|
{{ fail "clusters can be configured only when using an auth proxy for cluster oidc authentication." }}
|
|
{{- end }}
|
|
{{- if .Values.pinnipedProxy.enabled }}
|
|
- name: pinniped-proxy
|
|
image: {{ include "kubeapps.pinnipedProxy.image" . }}
|
|
imagePullPolicy: {{ .Values.pinnipedProxy.image.pullPolicy | quote }}
|
|
{{- if .Values.pinnipedProxy.containerSecurityContext.enabled }}
|
|
securityContext: {{- omit .Values.pinnipedProxy.containerSecurityContext "enabled" | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.diagnosticMode.enabled }}
|
|
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
|
|
{{- else if .Values.pinnipedProxy.command }}
|
|
command: {{- include "common.tplvalues.render" (dict "value" .Values.pinnipedProxy.command "context" $) | nindent 12 }}
|
|
{{- else }}
|
|
command:
|
|
- pinniped-proxy
|
|
{{- end }}
|
|
{{- if .Values.diagnosticMode.enabled }}
|
|
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
|
|
{{- else if .Values.pinnipedProxy.args }}
|
|
args: {{- include "common.tplvalues.render" (dict "value" .Values.pinnipedProxy.args "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.pinnipedProxy.lifecycleHooks }}
|
|
lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.pinnipedProxy.lifecycleHooks "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
env:
|
|
- name: DEFAULT_PINNIPED_NAMESPACE
|
|
value: {{ .Values.pinnipedProxy.defaultPinnipedNamespace | quote }}
|
|
- name: DEFAULT_PINNIPED_AUTHENTICATOR_TYPE
|
|
value: {{ .Values.pinnipedProxy.defaultAuthenticatorType | quote }}
|
|
- name: DEFAULT_PINNIPED_AUTHENTICATOR_NAME
|
|
value: {{ .Values.pinnipedProxy.defaultAuthenticatorName | quote }}
|
|
- name: DEFAULT_PINNIPED_API_SUFFIX
|
|
value: {{ .Values.pinnipedProxy.defaultPinnipedAPISuffix | quote }}
|
|
- name: RUST_LOG
|
|
value: info
|
|
{{- if .Values.pinnipedProxy.extraEnvVars }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.pinnipedProxy.extraEnvVars "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
envFrom:
|
|
{{- if .Values.pinnipedProxy.extraEnvVarsCM }}
|
|
- configMapRef:
|
|
name: {{ include "common.tplvalues.render" (dict "value" .Values.pinnipedProxy.extraEnvVarsCM "context" $) }}
|
|
{{- end }}
|
|
{{- if .Values.pinnipedProxy.extraEnvVarsSecret }}
|
|
- secretRef:
|
|
name: {{ include "common.tplvalues.render" (dict "value" .Values.pinnipedProxy.extraEnvVarsSecret "context" $) }}
|
|
{{- end }}
|
|
ports:
|
|
- name: pinniped-proxy
|
|
containerPort: {{ .Values.pinnipedProxy.containerPorts.pinnipedProxy }}
|
|
{{- if .Values.pinnipedProxy.resources }}
|
|
resources: {{- toYaml .Values.pinnipedProxy.resources | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.pinnipedProxy.extraVolumeMounts }}
|
|
volumeMounts: {{- include "common.tplvalues.render" (dict "value" .Values.pinnipedProxy.extraVolumeMounts "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.frontend.sidecars }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.frontend.sidecars "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
volumes:
|
|
- name: vhost
|
|
configMap:
|
|
name: {{ template "kubeapps.frontend-config.fullname" . }}
|
|
{{- if .Values.frontend.extraVolumes }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.frontend.extraVolumes "context" $) | nindent 8 }}
|
|
{{- end }}
|