├── .github
    ├── ISSUE_TEMPLATE.md
    ├── PULL_REQUEST_TEMPLATE.md
    ├── check-for-chart-changes.sh
    ├── config.yml
    ├── ct.yaml
    ├── deploy-chart.sh
    ├── kind-config.yaml
    ├── kubeval.sh
    ├── lint-scripts.sh
    ├── stale.yml
    └── workflows
    │   ├── ci.yaml
    │   └── deploy.yaml
├── .gitignore
├── LICENSE
├── README.md
└── charts
    ├── any-resource
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   └── any-resources.yaml
        └── values.yaml
    ├── ditto-digital-twins
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── nginx-config
        │   ├── index.html
        │   ├── nginx-cors.conf
        │   └── nginx.htpasswd
        ├── openapi
        │   ├── ditto-api-1.yml
        │   └── ditto-api-2.yml
        ├── requirements.yaml
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── concierge-deployment.yaml
        │   ├── concierge-networkpolicy.yaml
        │   ├── concierge-pdb.yaml
        │   ├── connectivity-deployment.yaml
        │   ├── connectivity-networkpolicy.yaml
        │   ├── connectivity-pdb.yaml
        │   ├── gateway-deployment.yaml
        │   ├── gateway-networkpolicy.yaml
        │   ├── gateway-pdb.yaml
        │   ├── gateway-secret.yaml
        │   ├── gateway-service.yaml
        │   ├── mongodb-secret.yaml
        │   ├── nginx-config.yaml
        │   ├── nginx-configmap.yaml
        │   ├── nginx-deployment.yaml
        │   ├── nginx-ingress.yaml
        │   ├── nginx-service.yaml
        │   ├── policies-deployment.yaml
        │   ├── policies-networkpolicy.yaml
        │   ├── policies-pdb.yaml
        │   ├── role.yaml
        │   ├── rolebinding.yaml
        │   ├── serviceaccount.yaml
        │   ├── swaggerui-config.yaml
        │   ├── swaggerui-deployment.yaml
        │   ├── swaggerui-networkpolicy.yaml
        │   ├── swaggerui-pdb.yaml
        │   ├── swaggerui-service.yaml
        │   ├── things-deployment.yaml
        │   ├── things-networkpolicy.yaml
        │   ├── things-pdb.yaml
        │   ├── thingssearch-deployment.yaml
        │   ├── thingssearch-networkpolicy.yaml
        │   └── thingssearch-pdb.yaml
        └── values.yaml
    ├── enmasse-crd
        ├── .helmignore
        ├── Chart.yaml
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── addressplans.crd.yaml
        │   ├── addressspaceplans.crd.yaml
        │   ├── authenticationservices.crd.yaml
        │   ├── brokeredinfraconfigs.crd.yaml
        │   ├── consoleservices.crd.yaml
        │   ├── iotconfigs.crd.yaml
        │   ├── iotprojects.crd.yaml
        │   └── standardinfraconfigs.crd.yaml
        └── values.yaml
    ├── enmasse
        ├── .helmignore
        ├── Chart.yaml
        ├── ci
        │   └── test-values.yaml
        ├── requirements.yaml
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── api-server-cert-secret.yaml
        │   ├── api-service-v1alpha1-enmasse-io.yaml
        │   ├── api-service-v1alpha1-user-enmasse-io.yaml
        │   ├── api-service-v1beta1-enmasse-io.yaml
        │   ├── api-service-v1beta1-user-enmasse-io.yaml
        │   ├── cluster-role-api-server.yaml
        │   ├── cluster-role-binding-api-server.yaml
        │   ├── cluster-role-binding-enmasse-operator.yaml
        │   ├── cluster-role-binding-standard-authservice.yaml
        │   ├── cluster-role-enmasse-operator.yaml
        │   ├── cluster-role-standard-authservice.yaml
        │   ├── deployment-address-space-controller.yaml
        │   ├── deployment-api-server.yaml
        │   ├── deployment-enmasse-operator.yaml
        │   ├── role-address-space-admin.yaml
        │   ├── role-address-space-controller.yaml
        │   ├── role-api-server.yaml
        │   ├── role-binding-address-space-admin.yaml
        │   ├── role-binding-address-space-controller.yaml
        │   ├── role-binding-api-server.yaml
        │   ├── role-binding-enmasse-operator.yaml
        │   ├── role-enmasse-operator.yaml
        │   ├── service-account-address-space-admin.yaml
        │   ├── service-account-address-space-controller.yaml
        │   ├── service-account-api-server.yaml
        │   ├── service-account-enmasse-operator.yaml
        │   ├── service-account-standard-authservice.yaml
        │   ├── service-address-space-controller.yaml
        │   └── service-api-server.yaml
        └── values.yaml
    ├── error-pages
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── deployment.yaml
        │   ├── ingress.yaml
        │   └── service.yaml
        └── values.yaml
    ├── fluentd-elasticsearch
        ├── Chart.yaml
        ├── OWNERS
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── clusterrole.yaml
        │   ├── clusterrolebinding.yaml
        │   ├── configmaps.yaml
        │   ├── daemonset.yaml
        │   ├── metrics-service.yaml
        │   ├── pod-security-policy.yaml
        │   ├── prometheusrule.yaml
        │   ├── role.yaml
        │   ├── rolebinding.yaml
        │   ├── service-account.yaml
        │   ├── service.yaml
        │   └── servicemonitor.yaml
        └── values.yaml
    ├── gcp-serviceaccount-controller
        ├── Chart.yaml
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── gcpnamespacerestriction_crd.yaml
        │   ├── gcpserviceaccount_crd.yaml
        │   ├── rbac_role.yaml
        │   ├── rbac_role_binding.yaml
        │   ├── secret.yaml
        │   ├── service.yaml
        │   └── stateful_set.yaml
        └── values.yaml
    ├── grafana-dashboards
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── dashboards
        │   └── grafana-dummy-dashboard.json
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   └── configmap.yaml
        └── values.yaml
    ├── graphite
        ├── .helmignore
        ├── Chart.yaml
        ├── OWNERS
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── configmap-statsd.yaml
        │   ├── configmap.yaml
        │   ├── ingress.yaml
        │   ├── pvc.yaml
        │   ├── role.yaml
        │   ├── rolebinding.yaml
        │   ├── service.yaml
        │   ├── serviceaccount.yaml
        │   └── statefulset.yaml
        └── values.yaml
    ├── hawkbit-update-server
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── requirements.yaml
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── configmap.yaml
        │   ├── deployment.yaml
        │   ├── ingress.yaml
        │   ├── poddisruptionbudget.yaml
        │   ├── secrets.yaml
        │   ├── service.yaml
        │   └── tests
        │   │   └── test-connection.yaml
        └── values.yaml
    ├── influxdb-backup
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── ci
        │   └── test-values.yaml
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── configmap.yaml
        │   ├── cronjob.yaml
        │   ├── pvc.yaml
        │   └── secrets.yaml
        └── values.yaml
    ├── ingress-annotator
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── configmap.yaml
        │   ├── deployment.yaml
        │   ├── rbac_role.yaml
        │   ├── rbac_role_binding.yaml
        │   └── serviceaccount.yaml
        └── values.yaml
    ├── keycloak-controller
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── configmap.yaml
        │   ├── deployment.yaml
        │   └── rbac
        │   │   ├── role.yaml
        │   │   ├── role_binding.yaml
        │   │   └── serviceaccount.yaml
        └── values.yaml
    ├── kubernetes-policy-controller
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── clusterrolebinding.yaml
        │   ├── deployment.yaml
        │   ├── matches-configmap.yaml
        │   ├── policymatches-configmap.yaml
        │   ├── role.yaml
        │   ├── rolebinding.yaml
        │   ├── service.yaml
        │   └── webhookconfiguration.yaml
        └── values.yaml
    ├── prometheus-pingdom-exporter
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── deployment.yaml
        │   ├── secret.yaml
        │   └── service.yaml
        └── values.yaml
    ├── prometheus-thanos
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── ci
        │   └── test-values.yaml
        ├── requirements.yaml
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── bucket-web
        │   │   ├── deployment.yaml
        │   │   ├── service.yaml
        │   │   └── serviceaccount.yaml
        │   ├── compactor
        │   │   ├── service.yaml
        │   │   ├── serviceaccount.yaml
        │   │   └── statefulset.yaml
        │   ├── querier
        │   │   ├── deployment-hpa.yaml
        │   │   ├── deployment.yaml
        │   │   ├── service.yaml
        │   │   └── serviceaccount.yaml
        │   ├── query-frontend
        │   │   ├── deployment-hpa.yaml
        │   │   ├── deployment.yaml
        │   │   ├── service.yaml
        │   │   └── serviceaccount.yaml
        │   ├── receiver
        │   │   ├── hashring-configmap.yaml
        │   │   ├── service.yaml
        │   │   ├── serviceaccount.yaml
        │   │   └── statefulset.yaml
        │   ├── ruler
        │   │   ├── clusterrole.yaml
        │   │   ├── clusterrolebinding.yaml
        │   │   ├── configmap.yaml
        │   │   ├── service.yaml
        │   │   ├── serviceaccount.yaml
        │   │   └── statefulset.yaml
        │   └── store-gateway
        │   │   ├── service.yaml
        │   │   ├── serviceaccount.yaml
        │   │   ├── statefulset-hpa.yaml
        │   │   └── statefulset.yaml
        └── values.yaml
    ├── pull-secret-distributor
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── cluster-role.yaml
        │   ├── cluster-rolebinding.yaml
        │   ├── deployment.yaml
        │   └── serviceaccount.yaml
        └── values.yaml
    ├── secret-replicator
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── cluster-role.yaml
        │   ├── cluster-rolebinding.yaml
        │   ├── deployment.yaml
        │   └── serviceaccount.yaml
        └── values.yaml
    ├── spring-cloud-config-server
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── deployment.yaml
        │   ├── ingress.yaml
        │   ├── secret.yaml
        │   └── service.yaml
        └── values.yaml
    ├── stackdriver-exporter
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── templates
        │   ├── NOTES.txt
        │   ├── _helpers.tpl
        │   ├── deployment.yaml
        │   ├── gcpserviceaccount.yaml
        │   └── secret.yaml
        └── values.yaml
    └── zipkin-stackdriver-proxy
        ├── .helmignore
        ├── Chart.yaml
        ├── README.md
        ├── templates
            ├── NOTES.txt
            ├── _helpers.tpl
            ├── deployment.yaml
            └── service.yaml
        └── values.yaml


/.github/ISSUE_TEMPLATE.md:
--------------------------------------------------------------------------------
 1 | <!-- Thanks for filing an issue!
 2 | Before hitting the button, please answer these questions.
 3 | It's helpful to search the existing GitHub issues first.
 4 | It's likely that another user has already reported the issue you're facing,
 5 | or it's a known issue that we're already aware of-->
 6 | 
 7 | **Is this a request for help?**:
 8 | 
 9 | ---
10 | 
11 | **Is this a BUG REPORT or FEATURE REQUEST?** (choose one):
12 | 
13 | <!--
14 | If this is a BUG REPORT, please:
15 |   - Fill in as much of the template below as you can.  If you leave out
16 |     information, we can't help you as well.
17 | 
18 | If this is a FEATURE REQUEST, please:
19 |   - Describe *in detail* the feature/behavior/change you'd like to see.
20 | 
21 | In both cases, be ready for followup questions, and please respond in a timely
22 | manner.  If we can't reproduce a bug or think a feature already exists, we
23 | might close your issue.  If we're wrong, PLEASE feel free to reopen it and
24 | explain why.
25 | -->
26 | 
27 | **Version of Helm and Kubernetes**:
28 | 
29 | 
30 | **Which chart in which version**:
31 | 
32 | 
33 | **What happened**:
34 | 
35 | 
36 | **What you expected to happen**:
37 | 
38 | 
39 | **How to reproduce it** (as minimally and precisely as possible):
40 | 
41 | 
42 | **Anything else we need to know**:
43 | 


--------------------------------------------------------------------------------
/.github/check-for-chart-changes.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | #
 3 | # check for chart changes to speedup ci
 4 | #
 5 | 
 6 | set -x
 7 | set -o errexit
 8 | set -o pipefail
 9 | 
10 | echo "Check for chart changes to speedup ci..."
11 | 
12 | CHART_CHANGES="$(git diff --find-renames --name-only "$(git rev-parse --abbrev-ref HEAD)" remotes/origin/master -- charts)"
13 | 
14 | if [ -z "${CHART_CHANGES}" ]; then
15 |   echo -e "\n\n Error! No chart changes detected! Exiting... \n"
16 |   exit 1
17 | else
18 |   echo -e "\nChanges found in:"
19 |   echo "${CHART_CHANGES}"
20 |   echo -e "\nContinue with next job... \n"
21 | fi
22 | 


--------------------------------------------------------------------------------
/.github/config.yml:
--------------------------------------------------------------------------------
 1 | # Configuration for request-info - https://github.com/behaviorbot/request-info
 2 | 
 3 | # *OPTIONAL* Comment to reply with
 4 | # Can be either a string :
 5 | # requestInfoReplyComment: >
 6 | #   We would appreciate it if you could provide us with more info about this issue/pr!
 7 | 
 8 | # Or an array:
 9 | requestInfoReplyComment:
10 |  - Ah no! young blade! That was a trifle short!
11 |  - Tell me more !
12 |  - I am sure you can be more effusive ;-)
13 | 
14 | # *OPTIONAL* default titles to check against for lack of descriptiveness
15 | # MUST BE ALL LOWERCASE
16 | requestInfoDefaultTitles:
17 |   - Update README.md
18 | 
19 | # *OPTIONAL* Label to be added to Issues and Pull Requests with insufficient information given
20 | requestInfoLabelToAdd: needs-more-info
21 | 
22 | # *OPTIONAL* Require Issues to contain more information than what is provided in the issue templates
23 | # Will fail if the issue's body is equal to a provided template
24 | checkIssueTemplate: true
25 | 
26 | # *OPTIONAL* Require Pull Requests to contain more information than what is provided in the PR template
27 | # Will fail if the pull request's body is equal to the provided template
28 | checkPullRequestTemplate: true
29 | 
30 | # # *OPTIONAL* Only warn about insufficient information on these events type
31 | # # Keys must be lowercase. Valid values are 'issue' and 'pullRequest'
32 | # requestInfoOn:
33 | #   pullRequest: true
34 | #   issue: true
35 | 
36 | # # *OPTIONAL* Add a list of people whose Issues/PRs will not be commented on
37 | # # keys must be GitHub usernames
38 | # requestInfoUserstoExclude:
39 | #   - monotek
40 | #   - axdotl
41 | 


--------------------------------------------------------------------------------
/.github/ct.yaml:
--------------------------------------------------------------------------------
1 | helm-extra-args: --timeout 1200s
2 | check-version-increment: true
3 | debug: true
4 | chart-repos:
5 |   - kiwigrid=https://kiwigrid.github.io/
6 |   - minio=https://helm.min.io
7 | 


--------------------------------------------------------------------------------
/.github/kind-config.yaml:
--------------------------------------------------------------------------------
1 | kind: Cluster
2 | apiVersion: kind.x-k8s.io/v1alpha4
3 | nodes:
4 | # the control plane node config
5 | - role: control-plane
6 | # the 2 workers
7 | - role: worker
8 | - role: worker
9 | 


--------------------------------------------------------------------------------
/.github/kubeval.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | #
 3 | # use kubeval to validate helm generated kubernetes manifest
 4 | #
 5 | 
 6 | set -x
 7 | set -o errexit
 8 | set -o pipefail
 9 | 
10 | CHART_DIRS="$(git diff --find-renames --name-only "$(git rev-parse --abbrev-ref HEAD)" remotes/origin/master -- charts | grep '[cC]hart.yaml' | sed -e 's#/[Cc]hart.yaml##g')"
11 | HELM_VERSION="v3.1.2"
12 | KUBEVAL_VERSION="0.15.0"
13 | SCHEMA_LOCATION="https://raw.githubusercontent.com/instrumenta/kubernetes-json-schema/master/"
14 | 
15 | # install helm
16 | curl --silent --show-error --fail --location --output get_helm.sh https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get
17 | chmod 700 get_helm.sh
18 | ./get_helm.sh --version "${HELM_VERSION}"
19 | 
20 | # install kubeval
21 | curl --silent --show-error --fail --location --output /tmp/kubeval.tar.gz https://github.com/instrumenta/kubeval/releases/download/"${KUBEVAL_VERSION}"/kubeval-linux-amd64.tar.gz
22 | sudo tar -C /usr/local/bin -xf /tmp/kubeval.tar.gz kubeval
23 | 
24 | # validate charts
25 | for CHART_DIR in ${CHART_DIRS};do
26 |   echo "helm dependency build..."
27 |   helm dependency build "${CHART_DIR}"
28 | 
29 |   echo "kubeval(idating) ${CHART_DIR##charts/} chart..."
30 |   helm template "${CHART_DIR}" | kubeval --strict --ignore-missing-schemas --kubernetes-version "${KUBERNETES_VERSION#v}" --schema-location "${SCHEMA_LOCATION}"
31 | done
32 | 


--------------------------------------------------------------------------------
/.github/lint-scripts.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | #
 3 | # lint bash scripts
 4 | #
 5 | 
 6 | set -x
 7 | set -o errexit
 8 | 
 9 | CONFIG_DIR=".github"
10 | 
11 | TMP_FILE="$(mktemp)"
12 | 
13 | find "${CONFIG_DIR}" -type f -name "*.sh" > "${TMP_FILE}"
14 | 
15 | while read -r FILE; do
16 |   echo lint "${FILE}"
17 |   shellcheck -x "${FILE}"
18 | done < "${TMP_FILE}"
19 | 


--------------------------------------------------------------------------------
/.github/stale.yml:
--------------------------------------------------------------------------------
 1 | # Number of days of inactivity before an issue becomes stale
 2 | daysUntilStale: 60
 3 | # Number of days of inactivity before a stale issue is closed
 4 | daysUntilClose: 7
 5 | # Issues with these labels will never be considered stale
 6 | exemptLabels:
 7 |   - pinned
 8 |   - security
 9 | # Label to use when marking an issue as stale
10 | staleLabel: wontfix
11 | # Comment to post when marking an issue as stale. Set to `false` to disable
12 | markComment: >
13 |   This issue has been automatically marked as stale because it has not had
14 |   recent activity. It will be closed if no further activity occurs. Thank you
15 |   for your contributions.
16 | # Comment to post when closing a stale issue. Set to `false` to disable
17 | closeComment: false
18 | 


--------------------------------------------------------------------------------
/.github/workflows/deploy.yaml:
--------------------------------------------------------------------------------
 1 | name: deploy
 2 | 
 3 | on:
 4 |   push:
 5 |     branches: [master]
 6 | 
 7 | jobs:
 8 |   deploy-chart:
 9 |     name: deploy-chart
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Checkout
13 |         uses: actions/checkout@v2
14 |       - name: Fetch history
15 |         run: git fetch --prune --unshallow  
16 |       - name: Lint Bash scripts
17 |         uses: docker://koalaman/shellcheck-alpine:v0.7.0
18 |         with:
19 |           args: /github/workspace/.github/lint-scripts.sh        
20 |       - name: Set user permissions
21 |         run: chmod -R 777 /home/runner/work
22 |       - name: Deploy Helm chart
23 |         env:
24 |           SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY_KIWIGRID_GITHUB_IO }}
25 |         uses: docker://kiwigrid/gcloud-kubectl-helm:2.16.1-272.0.0-184
26 |         with:
27 |           args: /github/workspace/.github/deploy-chart.sh
28 | 
29 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | *.tgz
2 | .ci/test.sh
3 | charts/*/charts
4 | charts/*/requirements.lock
5 | kiwigrid.github.io
6 | tmp
7 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2018 Kiwigrid GmbH
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Kiwigrid Helm charts
 2 | 
 3 | [![Github Action](https://github.com/kiwigrid/helm-charts/workflows/deploy/badge.svg)](https://github.com/kiwigrid/helm-charts/actions)
 4 | 
 5 | ## Add repo
 6 | 
 7 | ```console
 8 | $ helm repo add kiwigrid https://kiwigrid.github.io
 9 | ```
10 | 
11 | ## Support
12 | 
13 | * Please don't write mails directly to the maintainers.
14 | * Use the Github issue tracker instead.
15 | 
16 | ## Adding charts
17 | 
18 | * Use a fork of this repo
19 | * Always sign your commits (git commit -s -m 'usefull commitmessage')
20 | * Do NOT touch default (master) branch in any forks
21 | * Always create new branches to work on
22 | * Create a Github pull request and fill out the PR template
23 | * Follow Helm best practices: [https://docs.helm.sh/chart_best_practices](https://docs.helm.sh/chart_best_practices)
24 | 


--------------------------------------------------------------------------------
/charts/any-resource/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/any-resource/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "0.1.0"
 3 | description: A Helm chart to bring any kind of resources in a k8s cluster
 4 | name: any-resource
 5 | version: 0.1.0
 6 | home: https://github.com/kiwigrid/helm-charts
 7 | maintainers:
 8 | - name: axdotl
 9 |   email: axel.koehler@kiwigrid.com
10 | 


--------------------------------------------------------------------------------
/charts/any-resource/README.md:
--------------------------------------------------------------------------------
 1 | # A Helm Chart for any Kind of Resources
 2 | 
 3 | The purpose of this chart is to become able to manage every installed resources in a Kubernetes cluster via HELM.
 4 | 
 5 | For example:
 6 |   * Global secrets (e.g. TLS certs or `imagePullSecrets`)
 7 |   * ConfigMaps (e.g. grafana-dashboards, see https://github.com/helm/charts/tree/master/stable/grafana#sidecar-for-dashboards)
 8 |   * Custom Resources (e.g. `GcpNamespaceRestriction`, see https://github.com/kiwigrid/gcp-serviceaccount-controller)
 9 | 
10 | ## Example
11 | 
12 | Create a file called `custom-values.yaml` with following content:
13 | ```yaml
14 | anyResources:
15 |   myPullSecret: |-
16 |     apiVersion: v1
17 |     data:
18 |       .dockercfg: eyJodHRwczovL215LmRvY2tlci5yZWdpc3RyeSI6eyJ1c2VybmFtZSI6ImRvY2tlciIsInBhc3N3b3JkIjoidW5rbm93biIsImF1dGgiOiJFaWsxYWhrdXVzaG9ocGhpdWY5emFocGhlZVRoYXhhPSJ9fQo=
19 |     kind: Secret
20 |     metadata:
21 |       name: my-pull-secret
22 |     type: kubernetes.io/dockercfg
23 | ```
24 | 
25 | Install
26 | ```console
27 | helm upgrade --install my-pull-secret --values custom-values.yaml kiwigrid/any-resource
28 | ```
29 | 
30 | ## Open Issue
31 | 
32 | * HELM standard label support
33 | 


--------------------------------------------------------------------------------
/charts/any-resource/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Any resources deployed.
2 | 


--------------------------------------------------------------------------------
/charts/any-resource/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "any-resource.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "any-resource.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "any-resource.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 


--------------------------------------------------------------------------------
/charts/any-resource/templates/any-resources.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.anyResources -}}
 2 | {{- range $key, $value := .Values.anyResources -}}
 3 | {{ $value }}
 4 | ---
 5 | {{ end -}}
 6 | {{ else }}
 7 | apiVersion: v1
 8 | kind: ConfigMap
 9 | metadata:
10 |   name: {{ include "any-resource.fullname" . }}-dummy
11 |   labels:
12 |     app.kubernetes.io/name: {{ include "any-resource.name" . }}
13 |     helm.sh/chart: {{ include "any-resource.chart" . }}
14 |     app.kubernetes.io/instance: {{ .Release.Name }}
15 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
16 | data:
17 |   foo: bar
18 | {{- end -}}
19 | 


--------------------------------------------------------------------------------
/charts/any-resource/values.yaml:
--------------------------------------------------------------------------------
1 | anyResources: {}
2 | #  exampleResource: |-
3 | #    apiVersion: v1
4 | #    kind: ConfigMap
5 | #    metadata:
6 | #      name: example-resource
7 | #    data:
8 | #      foo: bar
9 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "1.0.0-M3"
 3 | description: A Helm chart for Eclipse Ditto
 4 | name: ditto-digital-twins
 5 | version: 0.7.1
 6 | home: www.eclipse.org/ditto
 7 | sources:
 8 | - https://github.com/eclipse/ditto
 9 | - https://github.com/kiwigrid/helm-charts/tree/master/charts/ditto-digital-twins
10 | icon: https://www.eclipse.org/ditto/images/ditto.svg
11 | deprecated: true
12 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/nginx-config/index.html:
--------------------------------------------------------------------------------
 1 | <!doctype html>
 2 | <html>
 3 | <head>
 4 |   <title>Welcome to Eclipse Ditto</title>
 5 |   <style>
 6 |     body {
 7 |       text-align: center;
 8 |       padding: 150px;
 9 |     }
10 | 
11 |     h1 {
12 |       font-size: 50px;
13 |     }
14 | 
15 |     body {
16 |       font: 20px Helvetica, sans-serif;
17 |       color: #333;
18 |     }
19 | 
20 |     article {
21 |       display: block;
22 |       text-align: left;
23 |       width: 750px;
24 |       margin: 0 auto;
25 |     }
26 | 
27 |     a {
28 |       color: #dc8100;
29 |       text-decoration: none;
30 |     }
31 | 
32 |     a:hover {
33 |       color: #333;
34 |       text-decoration: none;
35 |     }
36 |   </style>
37 | </head>
38 | <body>
39 | 
40 | <article>
41 |   <h1>You have started Eclipse Ditto</h1>
42 |   <div>
43 |     <p>Thank you for trying out Eclipse Ditto!</p>
44 |     <p>In order to get started quickly, you can now have a look at the OpenAPI documentation for
45 |     <ul>
46 |       <li><a href="/apidoc/1">API version 1</a></li>
47 |       <li><a href="/apidoc/2">API version 2</a></li>
48 |     </ul>
49 |     <p>Try out the HTTP APIs by using username "ditto" and password "ditto" when asked for by your browser.</p>
50 |     <p>We'll add more documentation and examples soon.</p>
51 |     <p>&mdash; the Ditto team</p>
52 |   </div>
53 | </article>
54 | 
55 | </body>
56 | </html>
57 | 
58 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/nginx-config/nginx-cors.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # CORS header support
 3 | #
 4 | # As of Nginx 1.7.5, add_header supports an "always" parameter which
 5 | # allows CORS to work if the backend returns 4xx or 5xx status code.
 6 | #
 7 | # For more information on CORS, please see: http://enable-cors.org/
 8 | # From this Gist: https://gist.github.com/Stanback/7145487
 9 | # And this: https://gist.github.com/pauloricardomg/7084524
10 | #
11 | 
12 | set $cors '1';
13 | 
14 | # OPTIONS indicates a CORS pre-flight request
15 | if ($request_method = 'OPTIONS') {
16 |   set $cors "${cors}o";
17 | }
18 | 
19 | if ($cors = '1') {
20 |   add_header 'Access-Control-Allow-Origin' '*' always;
21 |   add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
22 |   add_header 'Access-Control-Allow-Credentials' 'true' always;
23 |   add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,Content-Length,DNT,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
24 | }
25 | 
26 | # OPTIONS (pre-flight) request from allowed CORS domain. return response directly
27 | if ($cors = '1o') {
28 |   # Tell client that this pre-flight info is valid for 20 days
29 |   add_header 'Access-Control-Max-Age' 1728000;
30 |   add_header 'Access-Control-Allow-Origin' '*' always;
31 |   add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
32 |   add_header 'Access-Control-Allow-Credentials' 'true' always;
33 |   add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,Content-Length,DNT,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
34 |   add_header 'Content-Type' 'text/plain charset=UTF-8';
35 |   add_header 'Content-Length' 0;
36 |   return 200;
37 | }
38 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/nginx-config/nginx.htpasswd:
--------------------------------------------------------------------------------
1 | # this file contains sample users and their hashed password
2 | ditto:A6BgmB8IEtPTs
3 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/requirements.yaml:
--------------------------------------------------------------------------------
1 | dependencies:
2 |   - name: mongodb
3 |     repository: https://kubernetes-charts.storage.googleapis.com
4 |     version: 7.4.4
5 |     condition: mongodb.enabled
6 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/NOTES.txt:
--------------------------------------------------------------------------------
 1 | Eclipse Ditto installed!
 2 | 
 3 | Access ditto in your browser (http://localhost:8080) by running:
 4 | 
 5 |     kubectl --namespace {{ .Release.Namespace }} port-forward svc/{{ include "ditto-digital-twins.fullname" . }}-nginx 8080:8080
 6 | 
 7 | The /status resource can be accessed by:
 8 | 
 9 |     export STATUS_PWD=$(kubectl --namespace {{ .Release.Namespace }} get secret {{ include "ditto-digital-twins.fullname" . }}-gateway-secret -o jsonpath="{.data.status-password}" | base64 --decode)
10 |     curl -i -X GET "http://devops:${STATUS_PWD}@localhost:8080/status"
11 | 
12 | The /devops resource can be accessed by:
13 | 
14 |     export DEVOPS_PWD=$(kubectl --namespace {{ .Release.Namespace }} get secret {{ include "ditto-digital-twins.fullname" . }}-gateway-secret -o jsonpath="{.data.devops-password}" | base64 --decode)
15 |     curl -i -X GET "http://devops:${DEVOPS_PWD}@localhost:8080/devops"
16 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/concierge-networkpolicy.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.concierge.networkPolicy.enabled }}
 2 | kind: NetworkPolicy
 3 | apiVersion: networking.k8s.io/v1
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-concierge
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-concierge
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   podSelector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-concierge
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   policyTypes:
15 |   - Ingress
16 |   - Egress
17 |   ingress:
18 |   # Allow inner cluster communication
19 |   - from:
20 |     - podSelector:
21 |         matchLabels:
22 |           actorSystemName: {{ .Values.akka.actorSystemName }}
23 |     ports:
24 |     - protocol: TCP
25 |       port: {{ .Values.akka.remoting.port }}
26 |     - protocol: TCP
27 |       port: {{ .Values.akka.mgmthttp.port }}
28 | # Open all egress
29 |   egress:
30 |   - {}
31 | {{- end }}
32 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/concierge-pdb.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.concierge.podDisruptionBudget.enabled (gt .Values.concierge.replicaCount 1.0) -}}
 2 | apiVersion: policy/v1beta1
 3 | kind: PodDisruptionBudget
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-concierge
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-concierge
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   selector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-concierge
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   minAvailable: {{ .Values.concierge.podDisruptionBudget.minAvailable }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/connectivity-networkpolicy.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.connectivity.networkPolicy.enabled }}
 2 | kind: NetworkPolicy
 3 | apiVersion: networking.k8s.io/v1
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-connectivity
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-connectivity
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   podSelector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-connectivity
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   policyTypes:
15 |   - Ingress
16 |   - Egress
17 |   ingress:
18 |   # Allow inner cluster communication
19 |   - from:
20 |     - podSelector:
21 |         matchLabels:
22 |           actorSystemName: {{ .Values.akka.actorSystemName }}
23 |     ports:
24 |     - protocol: TCP
25 |       port: {{ .Values.akka.remoting.port }}
26 |     - protocol: TCP
27 |       port: {{ .Values.akka.mgmthttp.port }}
28 |   # Open all egress
29 |   egress:
30 |   - {}
31 | {{- end }}
32 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/connectivity-pdb.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.connectivity.podDisruptionBudget.enabled (gt .Values.connectivity.replicaCount 1.0) -}}
 2 | apiVersion: policy/v1beta1
 3 | kind: PodDisruptionBudget
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-connectivity
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-connectivity
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   selector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-connectivity
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   minAvailable: {{ .Values.connectivity.podDisruptionBudget.minAvailable }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/gateway-networkpolicy.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.gateway.networkPolicy.enabled }}
 2 | kind: NetworkPolicy
 3 | apiVersion: networking.k8s.io/v1
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-gateway
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-gateway
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   podSelector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-gateway
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   policyTypes:
15 |   - Ingress
16 |   - Egress
17 |   ingress:
18 |   # Allow access from Nginx
19 |   - from:
20 |     - podSelector:
21 |         matchLabels:
22 |           app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-nginx
23 |           app.kubernetes.io/instance: {{ .Release.Name }}
24 |     ports:
25 |     - protocol: TCP
26 |       port: http
27 |   # Allow inner cluster communication
28 |   - from:
29 |     - podSelector:
30 |         matchLabels:
31 |           actorSystemName: {{ .Values.akka.actorSystemName }}
32 |     ports:
33 |     - protocol: TCP
34 |       port: {{ .Values.akka.remoting.port }}
35 |     - protocol: TCP
36 |       port: {{ .Values.akka.mgmthttp.port }}
37 |   # Open all egress
38 |   egress:
39 |   - {}
40 | {{- end }}
41 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/gateway-pdb.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.gateway.podDisruptionBudget.enabled (gt .Values.gateway.replicaCount 1.0) -}}
 2 | apiVersion: policy/v1beta1
 3 | kind: PodDisruptionBudget
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-gateway
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-gateway
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   selector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-gateway
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   minAvailable: {{ .Values.gateway.podDisruptionBudget.minAvailable }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/gateway-secret.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Secret
 3 | metadata:
 4 |   name: {{ include "ditto-digital-twins.fullname" . }}-gateway-secret
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-gateway-secret
 7 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 8 | type: Opaque
 9 | data:
10 |   {{- if .Values.gateway.devopsPassword }}
11 |   devops-password: {{ .Values.gateway.devopsPassword | b64enc | quote }}
12 |   {{- else }}
13 |   devops-password: {{ randAlphaNum 12 | b64enc | quote }}
14 |   {{- end }}
15 |   {{- if .Values.gateway.statusPassword }}
16 |   status-password: {{ .Values.gateway.statusPassword | b64enc | quote }}
17 |   {{- else }}
18 |   status-password: {{ randAlphaNum 12 | b64enc | quote }}
19 |   {{- end }}
20 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/gateway-service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.gateway.enabled -}}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-gateway
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-gateway
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 |   {{- with .Values.gateway.service.annotations }}
10 |   annotations:
11 |     {{- toYaml . | nindent 4 }}
12 |   {{- end }}
13 | spec:
14 |   ports:
15 |     - port: {{ .Values.gateway.service.port }}
16 |       targetPort: http
17 |       protocol: TCP
18 |       name: http
19 |   selector:
20 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-gateway
21 |     app.kubernetes.io/instance: {{ .Release.Name }}
22 | {{- end }}
23 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/mongodb-secret.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Secret
 3 | metadata:
 4 |   name: {{ include "ditto-digital-twins.fullname" . }}-mongodb-secret
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-mongodb-secret
 7 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 8 | type: Opaque
 9 | data:
10 |   concierge-uri: {{ .Values.dbconfig.concierge.uri | b64enc | quote}}
11 |   connectivity-uri: {{ .Values.dbconfig.connectivity.uri  | b64enc | quote}}
12 |   things-uri: {{ .Values.dbconfig.things.uri  | b64enc | quote}}
13 |   searchDB-uri: {{ .Values.dbconfig.searchDB.uri  | b64enc | quote}}
14 |   policies-uri: {{ .Values.dbconfig.policies.uri  | b64enc | quote}}
15 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/nginx-config.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.nginx.enabled -}}
 2 | {{- $releaseName := .Release.Name -}}
 3 | {{- $name := include "ditto-digital-twins.name" . -}}
 4 | {{- $labels := include "ditto-digital-twins.labels" . -}}
 5 | {{ $root := . }}
 6 | {{ range $path, $bytes := .Files.Glob "nginx-config/**" }}
 7 | apiVersion: v1
 8 | kind: ConfigMap
 9 | metadata:
10 |   name: {{ $releaseName }}-{{ $path | replace "/" "-" | replace "." "-" }}
11 |   labels:
12 |     app.kubernetes.io/name: {{ $name }}-nginx-config
13 | {{ $labels | indent 4 }}
14 | data:
15 |   {{ $path | replace "nginx-config/" ""}}: |-
16 | {{ $root.Files.Get $path | indent 4 }}
17 | ---
18 | {{- end -}}
19 | {{- end }}
20 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/nginx-ingress.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.ingress.enabled -}}
 2 | {{- $fullName := include "ditto-digital-twins.fullname" . -}}
 3 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
 4 | apiVersion: networking.k8s.io/v1beta1
 5 | {{- else -}}
 6 | apiVersion: extensions/v1beta1
 7 | {{- end }}
 8 | kind: Ingress
 9 | metadata:
10 |   name: {{ $fullName }}
11 |   labels:
12 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-nginx
13 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
14 |   {{- with .Values.ingress.annotations }}
15 |   annotations:
16 |     {{- toYaml . | nindent 4 }}
17 |   {{- end }}
18 | spec:
19 | {{- if .Values.ingress.tls }}
20 |   tls:
21 |   {{- range .Values.ingress.tls }}
22 |     - hosts:
23 |       {{- range .hosts }}
24 |         - {{ . | quote }}
25 |       {{- end }}
26 |       secretName: {{ .secretName }}
27 |   {{- end }}
28 | {{- end }}
29 |   rules:
30 |   {{- range .Values.ingress.hosts }}
31 |     - host: {{ .host | quote }}
32 |       http:
33 |         paths:
34 |         {{- range .paths }}
35 |           - path: {{ . }}
36 |             backend:
37 |               serviceName: {{ $fullName }}-nginx
38 |               servicePort: http
39 |         {{- end }}
40 |   {{- end }}
41 | {{- end }}
42 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/nginx-service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.nginx.enabled -}}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-nginx
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-nginx
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 |   {{- with .Values.nginx.annotations }}
10 |   annotations:
11 |     {{- toYaml . | nindent 4 }}
12 |   {{- end }}
13 | spec:
14 |   type: {{ .Values.nginx.service.type }}
15 |   ports:
16 |     - port: {{ .Values.nginx.service.port }}
17 |       targetPort: http
18 |       protocol: TCP
19 |       name: http
20 |   selector:
21 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-nginx
22 |     app.kubernetes.io/instance: {{ .Release.Name }}
23 | {{- end }}
24 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/policies-networkpolicy.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.policies.networkPolicy.enabled }}
 2 | kind: NetworkPolicy
 3 | apiVersion: networking.k8s.io/v1
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-policies
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-policies
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   podSelector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-policies
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   policyTypes:
15 |   - Ingress
16 |   - Egress
17 |   ingress:
18 |   # Allow inner cluster communication
19 |   - from:
20 |     - podSelector:
21 |         matchLabels:
22 |           actorSystemName: {{ .Values.akka.actorSystemName }}
23 |     ports:
24 |     - protocol: TCP
25 |       port: {{ .Values.akka.remoting.port }}
26 |     - protocol: TCP
27 |       port: {{ .Values.akka.mgmthttp.port }}
28 |   # Open all egress
29 |   egress:
30 |   - {}
31 | {{- end }}
32 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/policies-pdb.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.policies.podDisruptionBudget.enabled (gt .Values.policies.replicaCount 1.0) -}}
 2 | apiVersion: policy/v1beta1
 3 | kind: PodDisruptionBudget
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-policies
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-policies
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   selector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-policies
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   minAvailable: {{ .Values.policies.podDisruptionBudget.minAvailable }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled -}}
 2 | kind: Role
 3 | apiVersion: rbac.authorization.k8s.io/v1
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | rules:
10 | - apiGroups: [""]
11 |   resources: ["pods"]
12 |   verbs: ["get", "watch", "list"]
13 | {{- end -}}
14 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/rolebinding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled -}}
 2 | kind: RoleBinding
 3 | apiVersion: rbac.authorization.k8s.io/v1
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | roleRef:
10 |   kind: Role
11 |   name: {{ include "ditto-digital-twins.fullname" . }}
12 |   apiGroup: rbac.authorization.k8s.io
13 | subjects:
14 | - kind: ServiceAccount
15 |   name: {{ template "ditto-digital-twins.serviceAccountName" . }}
16 | {{- end -}}
17 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.serviceAccount.create -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   name: {{ template "ditto-digital-twins.serviceAccountName" . }}
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | {{- end -}}
10 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/swaggerui-config.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.swaggerui.enabled -}}
 2 | apiVersion: v1
 3 | kind: ConfigMap
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-swaggerui
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-swaggerui
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | data:
10 | {{ (.Files.Glob "openapi/*").AsConfig | indent 2 }}
11 | {{- end }}
12 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/swaggerui-networkpolicy.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.swaggerui.networkPolicy.enabled }}
 2 | kind: NetworkPolicy
 3 | apiVersion: networking.k8s.io/v1
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-swaggerui
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-swaggerui
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   podSelector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-swaggerui
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   policyTypes:
15 |   - Ingress
16 |   - Egress
17 |   ingress:
18 |   - from:
19 |     - podSelector:
20 |         matchLabels:
21 |           app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-nginx
22 |           app.kubernetes.io/instance: {{ .Release.Name }}
23 |     ports:
24 |     - protocol: TCP
25 |       port: 8080
26 | {{- end }}
27 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/swaggerui-pdb.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.swaggerui.podDisruptionBudget.enabled (gt .Values.swaggerui.replicaCount 1.0) -}}
 2 | apiVersion: policy/v1beta1
 3 | kind: PodDisruptionBudget
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-swaggerui
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-swaggerui
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   selector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-swaggerui
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   minAvailable: {{ .Values.swaggerui.podDisruptionBudget.minAvailable }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/swaggerui-service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.swaggerui.enabled -}}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-swaggerui
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-swaggerui
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 |   {{- with .Values.swaggerui.annotations }}
10 |   annotations:
11 |     {{- toYaml . | nindent 4 }}
12 |   {{- end }}
13 | spec:
14 |   ports:
15 |     - port: {{ .Values.swaggerui.service.port }}
16 |       targetPort: http
17 |       protocol: TCP
18 |       name: http
19 |   selector:
20 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-swaggerui
21 |     app.kubernetes.io/instance: {{ .Release.Name }}
22 | {{- end }}
23 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/things-networkpolicy.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.things.networkPolicy.enabled }}
 2 | kind: NetworkPolicy
 3 | apiVersion: networking.k8s.io/v1
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-things
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-things
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   podSelector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-things
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   policyTypes:
15 |   - Ingress
16 |   - Egress
17 |   ingress:
18 |   # Allow access from concierge
19 |   - from:
20 |     - podSelector:
21 |         matchLabels:
22 |           app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-concierge
23 |           app.kubernetes.io/instance: {{ .Release.Name }}
24 |     ports:
25 |     - protocol: TCP
26 |       port: http
27 |   # Allow inner cluster communication
28 |   - from:
29 |     - podSelector:
30 |         matchLabels:
31 |           actorSystemName: {{ .Values.akka.actorSystemName }}
32 |     ports:
33 |     - protocol: TCP
34 |       port: {{ .Values.akka.remoting.port }}
35 |     - protocol: TCP
36 |       port: {{ .Values.akka.mgmthttp.port }}
37 |   # Open all egress
38 |   egress:
39 |   - {}
40 | {{- end }}
41 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/things-pdb.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.things.podDisruptionBudget.enabled (gt .Values.things.replicaCount 1.0) -}}
 2 | apiVersion: policy/v1beta1
 3 | kind: PodDisruptionBudget
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-things
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-things
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   selector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-things
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   minAvailable: {{ .Values.things.podDisruptionBudget.minAvailable }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/thingssearch-networkpolicy.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.thingsSearch.networkPolicy.enabled }}
 2 | kind: NetworkPolicy
 3 | apiVersion: networking.k8s.io/v1
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-thingssearch
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-thingssearch
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   podSelector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-thingssearch
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   policyTypes:
15 |   - Ingress
16 |   - Egress
17 |   ingress:
18 |   # Allow inner cluster communication
19 |   - from:
20 |     - podSelector:
21 |         matchLabels:
22 |           actorSystemName: {{ .Values.akka.actorSystemName }}
23 |     ports:
24 |     - protocol: TCP
25 |       port: {{ .Values.akka.remoting.port }}
26 |     - protocol: TCP
27 |       port: {{ .Values.akka.mgmthttp.port }}
28 |   # Open all egress
29 |   egress:
30 |   - {}
31 | {{- end }}
32 | 


--------------------------------------------------------------------------------
/charts/ditto-digital-twins/templates/thingssearch-pdb.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.things.podDisruptionBudget.enabled (gt .Values.things.replicaCount 1.0) -}}
 2 | apiVersion: policy/v1beta1
 3 | kind: PodDisruptionBudget
 4 | metadata:
 5 |   name: {{ include "ditto-digital-twins.fullname" . }}-thingssearch
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-thingssearch
 8 | {{ include "ditto-digital-twins.labels" . | indent 4 }}
 9 | spec:
10 |   selector:
11 |     matchLabels:
12 |       app.kubernetes.io/name: {{ include "ditto-digital-twins.name" . }}-thingssearch
13 |       app.kubernetes.io/instance: {{ .Release.Name }}
14 |   minAvailable: {{ .Values.things.podDisruptionBudget.minAvailable }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/enmasse-crd/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/enmasse-crd/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "0.30.1"
 3 | description: A Helm chart for enmasse CRD's
 4 | name: enmasse-crd
 5 | version: 0.1.0
 6 | home: https://enmasse.io/
 7 | sources:
 8 | - https://github.com/EnMasseProject/enmasse
 9 | - https://github.com/kiwigrid/helm-charts/tree/master/charts/enmasse-crd
10 | maintainers:
11 | - name: rpahli
12 |   email: rico.pahlisch@kiwigrid.com
13 | 


--------------------------------------------------------------------------------
/charts/enmasse-crd/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Enmasse CRD's successful installed


--------------------------------------------------------------------------------
/charts/enmasse-crd/templates/consoleservices.crd.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apiextensions.k8s.io/v1beta1
 2 | kind: CustomResourceDefinition
 3 | metadata:
 4 |   name: consoleservices.admin.enmasse.io
 5 |   labels:
 6 | {{ include "enmasse-crd.labels" . | indent 4 }}
 7 | spec:
 8 |   group: admin.enmasse.io
 9 |   version: v1beta1
10 |   scope: Namespaced
11 |   names:
12 |     kind: ConsoleService
13 |     listKind: ConsoleServiceList
14 |     singular: consoleservice
15 |     plural: consoleservices
16 |   validation:
17 |     openAPIV3Schema:
18 |       properties:
19 |         spec:
20 |           type: object
21 |           properties:
22 |             discoveryMetadataURL:
23 |               type: string
24 |             certificateSecret:
25 |               type: object
26 |               properties:
27 |                 name:
28 |                   type: string
29 |                 namespace:
30 |                   type: string
31 |             oauthClientSecret:
32 |               type: object
33 |               properties:
34 |                 name:
35 |                   type: string
36 |                 namespace:
37 |                   type: string
38 |             ssoCookieSecret:
39 |               type: object
40 |               properties:
41 |                 name:
42 |                   type: string
43 |                 namespace:
44 |                   type: string
45 |             ssoCookieDomain:
46 |               type: string
47 |             scope:
48 |               type: string
49 |             host:
50 |               type: string
51 |         status:
52 |           type: object
53 |           properties:
54 |             host:
55 |               type: string
56 |             port:
57 |               type: integer
58 |             caCertSecret:
59 |               type: object
60 |               properties:
61 |                 name:
62 |                   type: string
63 | 
64 | 


--------------------------------------------------------------------------------
/charts/enmasse-crd/templates/iotconfigs.crd.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apiextensions.k8s.io/v1beta1
 2 | kind: CustomResourceDefinition
 3 | metadata:
 4 |   name: iotconfigs.iot.enmasse.io
 5 |   labels:
 6 | {{ include "enmasse-crd.labels" . | indent 4 }}
 7 | spec:
 8 |   group: iot.enmasse.io
 9 |   version: v1alpha1
10 |   scope: Namespaced
11 |   names:
12 |     kind: IoTConfig
13 |     plural: iotconfigs
14 |     singular: iotconfig
15 |     shortNames:
16 |     - icfg
17 |   additionalPrinterColumns:
18 |   - name: Phase
19 |     type: string
20 |     description: Phase of the IoT config
21 |     JSONPath: .status.phase
22 |   subresources:
23 |     status: {}
24 | 


--------------------------------------------------------------------------------
/charts/enmasse-crd/templates/iotprojects.crd.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apiextensions.k8s.io/v1beta1
 2 | kind: CustomResourceDefinition
 3 | metadata:
 4 |   name: iotprojects.iot.enmasse.io
 5 |   labels:
 6 | {{ include "enmasse-crd.labels" . | indent 4 }}
 7 |     enmasse-component: iot
 8 | spec:
 9 |   group: iot.enmasse.io
10 |   version: v1alpha1
11 |   scope: Namespaced
12 |   names:
13 |     kind: IoTProject
14 |     plural: iotprojects
15 |     singular: iotproject
16 |     shortNames:
17 |     - itp
18 |   additionalPrinterColumns:
19 |   - name: IoT tenant
20 |     type: string
21 |     description: The name of the IoT tenant
22 |     JSONPath: .status.tenantName
23 |   - name: Downstream Host
24 |     type: string
25 |     description: The endpoint host name
26 |     JSONPath: .status.downstreamEndpoint.host
27 |   - name: Downstream Port
28 |     type: integer
29 |     description: The endpoint port number
30 |     JSONPath: .status.downstreamEndpoint.port
31 |   - name: TLS
32 |     type: boolean
33 |     description: If TLS is enabled
34 |     JSONPath: .status.downstreamEndpoint.tls
35 |   - name: Phase
36 |     type: string
37 |     description: Phase of the IoT project
38 |     JSONPath: .status.phase
39 |   subresources:
40 |     status: {}
41 | 


--------------------------------------------------------------------------------
/charts/enmasse-crd/values.yaml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kiwigrid/helm-charts/01c942ae9f9d1db6722099d655566b7bc4530fa6/charts/enmasse-crd/values.yaml


--------------------------------------------------------------------------------
/charts/enmasse/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/enmasse/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "0.30.1"
 3 | description: A Helm chart for enmasse
 4 | name: enmasse
 5 | version: 0.1.0
 6 | home: https://enmasse.io/
 7 | sources:
 8 | - https://github.com/EnMasseProject/enmasse
 9 | - https://github.com/kiwigrid/helm-charts/tree/master/charts/enmasse
10 | maintainers:
11 | - name: rpahli
12 |   email: rico.pahlisch@kiwigrid.com
13 | 


--------------------------------------------------------------------------------
/charts/enmasse/ci/test-values.yaml:
--------------------------------------------------------------------------------
1 | enmasse-crd:
2 |   enabled: true
3 | 


--------------------------------------------------------------------------------
/charts/enmasse/requirements.yaml:
--------------------------------------------------------------------------------
1 | dependencies:
2 | - name: enmasse-crd
3 |   version: 0.1.0
4 |   repository: https://kiwigrid.github.io/
5 |   condition: enmasse-crd.enabled


--------------------------------------------------------------------------------
/charts/enmasse/templates/NOTES.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kiwigrid/helm-charts/01c942ae9f9d1db6722099d655566b7bc4530fa6/charts/enmasse/templates/NOTES.txt


--------------------------------------------------------------------------------
/charts/enmasse/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "enmasse.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "enmasse.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "enmasse.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 
34 | {{/*
35 | Common labels
36 | */}}
37 | {{- define "enmasse.labels" -}}
38 | app.kubernetes.io/name: {{ include "enmasse.name" . }}
39 | helm.sh/chart: {{ include "enmasse.chart" . }}
40 | app.kubernetes.io/instance: {{ .Release.Name }}
41 | {{- if .Chart.AppVersion }}
42 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
43 | {{- end }}
44 | app.kubernetes.io/managed-by: {{ .Release.Service }}
45 | {{- end -}}
46 | 
47 | {{/*
48 | Create the name of the service account to use
49 | */}}
50 | {{- define "enmasse.serviceAccountName" -}}
51 | {{- if .Values.serviceAccount.create -}}
52 |     {{ default (include "enmasse.fullname" .) .Values.serviceAccount.name }}
53 | {{- else -}}
54 |     {{ default "default" .Values.serviceAccount.name }}
55 | {{- end -}}
56 | {{- end -}}
57 | 


--------------------------------------------------------------------------------
/charts/enmasse/templates/api-server-cert-secret.yaml:
--------------------------------------------------------------------------------
 1 | {{- $cn := printf "%s.%s.svc.cluster.local" ( include "enmasse.fullname" . ) .Release.Namespace }}
 2 | {{- $ca := genCA "enmasse" 3650 -}}
 3 | {{- $cert := genSignedCert $cn nil nil 3650 $ca }}
 4 | kind: Secret
 5 | apiVersion: v1
 6 | metadata:
 7 |   name: {{ include "enmasse.fullname" . }}-api-server-cert
 8 |   labels:
 9 | {{ include "enmasse.labels" . | indent 4 }}
10 | type: kubernetes.io/tls
11 | data:
12 |   tls.crt: {{ b64enc $cert.Cert }}
13 |   tls.key: {{ b64enc $cert.Key }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/api-service-v1alpha1-enmasse-io.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apiregistration.k8s.io/v1beta1
 2 | kind: APIService
 3 | metadata:
 4 |   name: v1alpha1.enmasse.io
 5 |   labels:
 6 | {{ include "enmasse.labels" . | indent 4 }}
 7 |   name: v1alpha1.enmasse.io
 8 | spec:
 9 |   group: enmasse.io
10 |   groupPriorityMinimum: 1000
11 |   insecureSkipTLSVerify: true
12 |   service:
13 |     name: {{ include "enmasse.fullname" . }}-api-server
14 |     namespace: {{.Release.Namespace}}
15 |   version: v1alpha1
16 |   versionPriority: 15
17 | 


--------------------------------------------------------------------------------
/charts/enmasse/templates/api-service-v1alpha1-user-enmasse-io.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apiregistration.k8s.io/v1beta1
 2 | kind: APIService
 3 | metadata:
 4 |   labels:
 5 | {{ include "enmasse.labels" . | indent 4 }}
 6 |   name: v1alpha1.user.enmasse.io
 7 | spec:
 8 |   group: user.enmasse.io
 9 |   groupPriorityMinimum: 1000
10 |   insecureSkipTLSVerify: true
11 |   service:
12 |     name: {{ include "enmasse.fullname" . }}-api-server
13 |     namespace: {{.Release.Namespace}}
14 |   version: v1alpha1
15 |   versionPriority: 15
16 | 


--------------------------------------------------------------------------------
/charts/enmasse/templates/api-service-v1beta1-enmasse-io.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apiregistration.k8s.io/v1beta1
 2 | kind: APIService
 3 | metadata:
 4 |   labels:
 5 | {{ include "enmasse.labels" . | indent 4 }}
 6 |   name: v1beta1.enmasse.io
 7 | spec:
 8 |   group: enmasse.io
 9 |   groupPriorityMinimum: 1000
10 |   insecureSkipTLSVerify: true
11 |   service:
12 |     name: {{ include "enmasse.fullname" . }}-api-server
13 |     namespace: {{.Release.Namespace}}
14 |   version: v1beta1
15 |   versionPriority: 15
16 | 


--------------------------------------------------------------------------------
/charts/enmasse/templates/api-service-v1beta1-user-enmasse-io.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apiregistration.k8s.io/v1beta1
 2 | kind: APIService
 3 | metadata:
 4 |   labels:
 5 | {{ include "enmasse.labels" . | indent 4 }}
 6 |   name: v1beta1.user.enmasse.io
 7 | spec:
 8 |   group: user.enmasse.io
 9 |   groupPriorityMinimum: 1000
10 |   insecureSkipTLSVerify: true
11 |   service:
12 |     name: {{ include "enmasse.fullname" . }}-api-server
13 |     namespace: {{.Release.Namespace}}
14 |   version: v1beta1
15 |   versionPriority: 15
16 | 


--------------------------------------------------------------------------------
/charts/enmasse/templates/cluster-role-api-server.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-api-server
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | rules:
 9 |   - apiGroups: [ "authentication.k8s.io" ]
10 |     resources: [ "tokenreviews" ]
11 |     verbs: [ "create" ]
12 |   - apiGroups: [ "authorization.k8s.io" ]
13 |     resources: [ "subjectaccessreviews" ]
14 |     verbs: [ "create" ]
15 |   - apiGroups: [ "" ]
16 |     resources: [ "configmaps" ]
17 |     resourceNames: [ "extension-apiserver-authentication" ]
18 |     verbs: [ "get" ]
19 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/cluster-role-binding-api-server.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-api-server
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: {{ include "enmasse.fullname" . }}-api-server
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ include "enmasse.fullname" . }}-api-server
15 |   namespace: {{.Release.Namespace}}
16 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/cluster-role-binding-enmasse-operator.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-operator
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: {{ include "enmasse.fullname" . }}-operator
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ include "enmasse.fullname" . }}-operator
15 |   namespace: {{.Release.Namespace}}
16 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/cluster-role-binding-standard-authservice.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-standard-authservice
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: {{ include "enmasse.fullname" . }}-standard-authservice
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ include "enmasse.fullname" . }}-standard-authservice
15 |   namespace: {{.Release.Namespace}}
16 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/cluster-role-enmasse-operator.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-operator
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | rules:
 9 |   - apiGroups: [ "oauth.openshift.io" ]
10 |     resources: [ "oauthclients" ]
11 |     verbs: [ "create", "get", "update", "list", "watch" ]
12 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/cluster-role-standard-authservice.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-standard-authservice
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | rules:
 9 |   - apiGroups: [ "authentication.k8s.io" ]
10 |     resources: [ "tokenreviews" ]
11 |     verbs: [ "create" ]
12 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/role-address-space-admin.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: Role
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-address-space-admin
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | rules:
 9 |   - apiGroups: [ "admin.enmasse.io" ]
10 |     resources: [ "addressplans", "addressspaceplans", "brokeredinfraconfigs", "standardinfraconfigs", "authenticationservices", "consoleservices"]
11 |     verbs: [ "get", "list", "watch" ]
12 |   - apiGroups: [ "" ]
13 |     resources: [ "pods", "secrets" ]
14 |     verbs: [ "get", "list", "watch" ]
15 |   - apiGroups: [ "" ]
16 |     resources: [ "configmaps", "configmaps/finalizers" ]
17 |     verbs: [ "create", "update", "patch", "get", "list", "watch", "delete" ]
18 |   - apiGroups: [ "" ]
19 |     resources: [ "events" ]
20 |     verbs: [ "create", "update", "patch", "get", "list" ]
21 |   - apiGroups: [ "" ]
22 |     resources: [ "persistentvolumeclaims", "services" ]
23 |     verbs: [ "create", "update", "patch", "get", "list", "delete" ]
24 |   - apiGroups: [ "apps" ]
25 |     resources: [ "statefulsets", "deployments" ]
26 |     verbs: [ "create", "update", "patch", "get", "list", "delete" ]
27 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/role-address-space-controller.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: Role
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-address-space-controller
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | rules:
 9 |   - apiGroups: [ "admin.enmasse.io" ]
10 |     resources: [ "addressplans", "addressspaceplans", "brokeredinfraconfigs", "standardinfraconfigs", "authenticationservices", "consoleservices"]
11 |     verbs: [ "get", "list", "watch" ]
12 |   - apiGroups: [ "" ]
13 |     resources: [ "pods" ]
14 |     verbs: [ "get", "list", "patch", "update" ]
15 |   - apiGroups: [ "" ]
16 |     resources: [ "configmaps", "configmaps/finalizers" ]
17 |     verbs: [ "create", "update", "patch", "get", "list", "watch", "delete" ]
18 |   - apiGroups: [ "" ]
19 |     resources: [ "events" ]
20 |     verbs: [ "create", "update", "patch", "get", "list" ]
21 |   - apiGroups: [ "" ]
22 |     resources: [ "services", "secrets", "persistentvolumeclaims" ]
23 |     verbs: [ "create", "update", "patch", "get", "list", "delete" ]
24 |   - apiGroups: [ "networking.k8s.io", "extensions" ]
25 |     resources: [ "networkpolicies" ]
26 |     verbs: [ "create", "update", "patch", "get", "list", "delete" ]
27 |   - apiGroups: [ "route.openshift.io", "" ]
28 |     resources: [ "routes", "routes/custom-host", "routes/status" ]
29 |     verbs: [ "create", "update", "patch", "get", "list", "delete" ]
30 |   - apiGroups: [ "apps", "extensions" ]
31 |     resources: [ "statefulsets", "deployments", "replicasets" ]
32 |     verbs: [ "create", "update", "patch", "get", "list", "delete" ]
33 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/role-api-server.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: Role
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-api-server
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | rules:
 9 |   - apiGroups: [ "" ]
10 |     resources: [ "services", "secrets" ]
11 |     verbs: [ "get", "list", "watch" ]
12 |   - apiGroups: [ "" ]
13 |     resources: [ "configmaps", "configmaps/finalizers" ]
14 |     verbs: [ "create", "update", "patch", "get", "list", "watch", "delete" ]
15 |   - apiGroups: [ "admin.enmasse.io" ]
16 |     resources: [ "addressspaceplans", "addressplans", "standardinfraconfigs", "brokeredinfraconfigs", "authenticationservices", "consoleservices"]
17 |     verbs: [ "get", "list", "watch" ]
18 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/role-binding-address-space-admin.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: RoleBinding
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-address-space-admin
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: Role
11 |   name: {{ include "enmasse.fullname" . }}-address-space-admin
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: address-space-admin
15 |   namespace: {{.Release.Namespace}}
16 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/role-binding-address-space-controller.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: RoleBinding
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-address-space-controller
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: Role
11 |   name: {{ include "enmasse.fullname" . }}-address-space-controller
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ include "enmasse.fullname" . }}-address-space-controller
15 |   namespace: {{.Release.Namespace}}
16 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/role-binding-api-server.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: RoleBinding
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-api-server
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: Role
11 |   name: {{ include "enmasse.fullname" . }}-api-server
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ include "enmasse.fullname" . }}-api-server
15 |   namespace: {{.Release.Namespace}}
16 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/role-binding-enmasse-operator.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: RoleBinding
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-operator
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: Role
11 |   name: {{ include "enmasse.fullname" . }}-operator
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ include "enmasse.fullname" . }}-operator
15 |   namespace: {{.Release.Namespace}}
16 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/role-enmasse-operator.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: Role
 4 | metadata:
 5 |   name: {{ include "enmasse.fullname" . }}-operator
 6 |   labels:
 7 | {{ include "enmasse.labels" . | indent 4 }}
 8 | rules:
 9 |   - apiGroups: [ "apps" ]
10 |     resources: [ "deployments" ]
11 |     verbs: [ "get", "list", "watch", "update", "create", "patch", "delete" ]
12 |   - apiGroups: [ "" ]
13 |     resources: [ "configmaps", "secrets", "persistentvolumeclaims", "services" ]
14 |     verbs: [ "get", "list", "watch", "update", "create", "patch", "delete" ]
15 |   - apiGroups: [ "", "route.openshift.io" ]
16 |     resources: [ "routes", "routes/custom-host", "routes/status"]
17 |     verbs: [ "create", "update", "patch", "get", "list", "watch", "delete" ]
18 |   - apiGroups: [ "apps.openshift.io" ]
19 |     resources: [ "deploymentconfigs"]
20 |     verbs: [  "get", "list", "watch" ]
21 |   - apiGroups: [ "admin.enmasse.io" ]
22 |     resources: [ "authenticationservices", "authenticationservices/finalizers", "consoleservices", "consoleservices/finalizers" ]
23 |     verbs: [ "get", "list", "watch", "update", "create", "patch" ]
24 |   - apiGroups: [ "iot.enmasse.io" ]
25 |     resources: [ "iotconfigs", "iotconfigs/finalizers", "iotconfigs/status" ]
26 |     verbs: [ "get", "list", "watch", "update", "create", "patch" ]
27 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/service-account-address-space-admin.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.rbac.enabled }}
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 |   name: address-space-admin
6 |   labels:
7 | {{ include "enmasse.labels" . | indent 4 }}
8 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/service-account-address-space-controller.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.rbac.enabled }}
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 |   name: {{ include "enmasse.fullname" . }}-address-space-controller
6 |   labels:
7 | {{ include "enmasse.labels" . | indent 4 }}
8 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/service-account-api-server.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.rbac.enabled }}
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 |   name: {{ include "enmasse.fullname" . }}-api-server
6 |   labels:
7 | {{ include "enmasse.labels" . | indent 4 }}
8 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/service-account-enmasse-operator.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.rbac.enabled }}
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 |   name: {{ include "enmasse.fullname" . }}-operator
6 |   labels:
7 | {{ include "enmasse.labels" . | indent 4 }}
8 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/service-account-standard-authservice.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.rbac.enabled }}
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 |   name: {{ include "enmasse.fullname" . }}-standard-authservice
6 |   labels:
7 | {{ include "enmasse.labels" . | indent 4 }}
8 | {{- end }}


--------------------------------------------------------------------------------
/charts/enmasse/templates/service-address-space-controller.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: {{ include "enmasse.fullname" . }}-address-space-controller
 5 |   labels:
 6 | {{ include "enmasse.labels" . | indent 4 }}
 7 | {{- with .Values.addressSpaceController.service.annotations }}
 8 |   annotations:
 9 | {{ toYaml . | indent 4 }}
10 | {{- end }}
11 | spec:
12 |   ports:
13 |   - name: health
14 |     port: 8080
15 |     protocol: TCP
16 |     targetPort: http
17 |   selector:
18 |     app.kubernetes.io/name: {{ include "enmasse.fullname" . }}-address-space-controller
19 |     app.kubernetes.io/instance: {{ .Release.Name }}
20 |   type: ClusterIP
21 | 


--------------------------------------------------------------------------------
/charts/enmasse/templates/service-api-server.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: {{ include "enmasse.fullname" . }}-api-server
 5 |   labels:
 6 | {{ include "enmasse.labels" . | indent 4 }}
 7 |   annotations:
 8 |     service.alpha.openshift.io/serving-cert-secret-name: {{ include "enmasse.fullname" . }}-api-server-cert
 9 |     {{- with .Values.apiServer.service.annotations }}
10 |     {{ toYaml .Values.apiServer.service.annotations | nindent 4 }}
11 |     {{- end }}
12 | spec:
13 |   ports:
14 |   - name: https
15 |     port: 443
16 |     protocol: TCP
17 |     targetPort: https
18 |   - name: health
19 |     port: 8080
20 |     protocol: TCP
21 |     targetPort: http
22 |   selector:
23 |     app.kubernetes.io/name: {{ include "enmasse.fullname" . }}-api-server
24 |     app.kubernetes.io/instance: {{ .Release.Name }}
25 |   type: ClusterIP
26 | 


--------------------------------------------------------------------------------
/charts/error-pages/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/error-pages/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "1.0"
 3 | description: A Helm chart for Kubernetes error pages for traefik
 4 | name: error-pages
 5 | version: 1.0.0
 6 | home: https://github.com/kiwigrid/helm-charts
 7 | sources:
 8 | - https://github.com/kiwigrid/helm-charts
 9 | maintainers:
10 | - name: rpahli
11 |   email: rico.pahlisch@kiwigrid.com
12 | 


--------------------------------------------------------------------------------
/charts/error-pages/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Your error page service is up and running


--------------------------------------------------------------------------------
/charts/error-pages/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "error-pages.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "error-pages.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "error-pages.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 


--------------------------------------------------------------------------------
/charts/error-pages/templates/deployment.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apps/v1
 2 | kind: Deployment
 3 | metadata:
 4 |   name: {{ include "error-pages.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "error-pages.name" . }}
 7 |     helm.sh/chart: {{ include "error-pages.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | spec:
11 |   replicas: {{ .Values.replicaCount }}
12 |   selector:
13 |     matchLabels:
14 |       app.kubernetes.io/name: {{ include "error-pages.name" . }}
15 |       app.kubernetes.io/instance: {{ .Release.Name }}
16 |   template:
17 |     metadata:
18 |       labels:
19 |         app.kubernetes.io/name: {{ include "error-pages.name" . }}
20 |         app.kubernetes.io/instance: {{ .Release.Name }}
21 |     spec:
22 |       containers:
23 |         - name: {{ .Chart.Name }}
24 |           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
25 |           imagePullPolicy: {{ .Values.image.pullPolicy }}
26 |           ports:
27 |             - name: http
28 |               containerPort: 80
29 |               protocol: TCP
30 |           resources:
31 |             {{- toYaml .Values.resources | nindent 12 }}
32 |       {{- with .Values.nodeSelector }}
33 |       nodeSelector:
34 |         {{- toYaml . | nindent 8 }}
35 |       {{- end }}
36 |     {{- with .Values.affinity }}
37 |       affinity:
38 |         {{- toYaml . | nindent 8 }}
39 |     {{- end }}
40 |     {{- with .Values.tolerations }}
41 |       tolerations:
42 |         {{- toYaml . | nindent 8 }}
43 |     {{- end }}
44 | 


--------------------------------------------------------------------------------
/charts/error-pages/templates/ingress.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.ingress.enabled -}}
 2 | {{- $fullName := include "error-pages.fullname" . -}}
 3 | apiVersion: networking.k8s.io/v1
 4 | kind: Ingress
 5 | metadata:
 6 |   name: {{ $fullName }}
 7 |   labels:
 8 |     app.kubernetes.io/name: {{ include "error-pages.name" . }}
 9 |     helm.sh/chart: {{ include "error-pages.chart" . }}
10 |     app.kubernetes.io/instance: {{ .Release.Name }}
11 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
12 |   annotations:
13 |     traefik.ingress.kubernetes.io/error-pages: |-
14 |       foo:
15 |         status:
16 |         - "404"
17 |         - "503"
18 |         backend: global-default-backend
19 |         query: "/{status}.html"
20 |   {{- with .Values.ingress.annotations }}
21 |     {{- toYaml . | nindent 4 }}
22 |   {{- end }}
23 | spec:
24 |   backend:
25 |     serviceName: {{ $fullName }}
26 |     servicePort: http
27 | {{- end }}
28 | 


--------------------------------------------------------------------------------
/charts/error-pages/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: {{ include "error-pages.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "error-pages.name" . }}
 7 |     helm.sh/chart: {{ include "error-pages.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | spec:
11 |   type: {{ .Values.service.type }}
12 |   ports:
13 |     - port: {{ .Values.service.port }}
14 |       targetPort: http
15 |       protocol: TCP
16 |       name: http
17 |   selector:
18 |     app.kubernetes.io/name: {{ include "error-pages.name" . }}
19 |     app.kubernetes.io/instance: {{ .Release.Name }}
20 | 


--------------------------------------------------------------------------------
/charts/error-pages/values.yaml:
--------------------------------------------------------------------------------
 1 | # Default values for error-pages.
 2 | # This is a YAML-formatted file.
 3 | # Declare variables to be passed into your templates.
 4 | 
 5 | replicaCount: 1
 6 | 
 7 | image:
 8 |   repository: guillaumebriday/traefik-custom-error-pages
 9 |   tag: latest
10 |   pullPolicy: IfNotPresent
11 | 
12 | nameOverride: ""
13 | fullnameOverride: ""
14 | 
15 | service:
16 |   type: ClusterIP
17 |   port: 80
18 | 
19 | ingress:
20 |   enabled: false
21 |   annotations: {}
22 | 
23 | resources: {}
24 |   # We usually recommend not to specify default resources and to leave this as a conscious
25 |   # choice for the user. This also increases chances charts run on environments with little
26 |   # resources, such as Minikube. If you do want to specify resources, uncomment the following
27 |   # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
28 |   # limits:
29 |   #   cpu: 100m
30 |   #   memory: 128Mi
31 |   # requests:
32 |   #   cpu: 100m
33 |   #   memory: 128Mi
34 | 
35 | nodeSelector: {}
36 | 
37 | tolerations: []
38 | 
39 | affinity: {}
40 | 


--------------------------------------------------------------------------------
/charts/fluentd-elasticsearch/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | name: fluentd-elasticsearch
 3 | version: 9.6.2
 4 | appVersion: 3.0.4
 5 | home: https://www.fluentd.org/
 6 | description: A Fluentd Helm chart for Kubernetes with Elasticsearch output
 7 | icon: https://raw.githubusercontent.com/fluent/fluentd-docs/master/public/logo/Fluentd_square.png
 8 | keywords:
 9 | - fluentd
10 | - elasticsearch
11 | - multiline
12 | - detect-exceptions
13 | - logging
14 | sources:
15 | - https://github.com/kiwigrid/helm-charts/tree/master/charts/fluentd-elasticsearch
16 | - https://github.com/fluent/fluentd-kubernetes-daemonset
17 | - https://github.com/GoogleCloudPlatform/fluent-plugin-detect-exceptions
18 | - https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/fluentd-elasticsearch/fluentd-es-image
19 | engine: gotpl
20 | deprecated: true
21 | 


--------------------------------------------------------------------------------
/charts/fluentd-elasticsearch/OWNERS:
--------------------------------------------------------------------------------
1 | approvers:
2 | - axdotl
3 | - monotek
4 | reviewers:
5 | - axdotl
6 | - monotek
7 | 


--------------------------------------------------------------------------------
/charts/fluentd-elasticsearch/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.create -}}
 2 | {{- $striped_version := (split "-" .Capabilities.KubeVersion.GitVersion)._0 -}}
 3 | kind: ClusterRole
 4 | apiVersion: rbac.authorization.k8s.io/v1
 5 | metadata:
 6 |   name: {{ include "fluentd-elasticsearch.fullname" . }}
 7 |   labels:
 8 | {{ include "fluentd-elasticsearch.labels" . | indent 4 }}
 9 |     {{- if semverCompare "< 1.6" $striped_version }}
10 |     kubernetes.io/cluster-service: "true"
11 |     {{- end }}
12 |     addonmanager.kubernetes.io/mode: Reconcile
13 | rules:
14 | - apiGroups:
15 |   - ""
16 |   resources:
17 |   - "namespaces"
18 |   - "pods"
19 |   verbs:
20 |   - "get"
21 |   - "watch"
22 |   - "list"
23 | {{- end -}}
24 | 


--------------------------------------------------------------------------------
/charts/fluentd-elasticsearch/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.create -}}
 2 | {{- $striped_version := (split "-" .Capabilities.KubeVersion.GitVersion)._0 -}}
 3 | kind: ClusterRoleBinding
 4 | apiVersion: rbac.authorization.k8s.io/v1
 5 | metadata:
 6 |   name: {{ include "fluentd-elasticsearch.fullname" . }}
 7 |   labels:
 8 | {{ include "fluentd-elasticsearch.labels" . | indent 4 }}
 9 |     {{- if semverCompare "< 1.6" $striped_version }}
10 |     kubernetes.io/cluster-service: "true"
11 |     {{- end }}
12 |     addonmanager.kubernetes.io/mode: Reconcile
13 | subjects:
14 | - kind: ServiceAccount
15 |   name: {{ if .Values.serviceAccount.name }}{{ .Values.serviceAccount.name }}{{ else }}{{ include "fluentd-elasticsearch.fullname" . }}{{ end }}
16 |   namespace: {{ .Release.Namespace }}
17 | roleRef:
18 |   kind: ClusterRole
19 |   name: {{ include "fluentd-elasticsearch.fullname" . }}
20 |   apiGroup: rbac.authorization.k8s.io
21 | {{- end -}}
22 | 


--------------------------------------------------------------------------------
/charts/fluentd-elasticsearch/templates/metrics-service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if or (.Values.serviceMonitor.enabled) (.Values.serviceMetric.enabled) }}
 2 | {{- $striped_version := (split "-" .Capabilities.KubeVersion.GitVersion)._0 -}}
 3 | ---
 4 | apiVersion: v1
 5 | kind: Service
 6 | metadata:
 7 |   name: {{ include "fluentd-elasticsearch.fullname" $ }}-metrics
 8 |   labels:
 9 | {{ include "fluentd-elasticsearch.labels" . | indent 4 }}
10 |     {{- if semverCompare "< 1.6" $striped_version }}
11 |     kubernetes.io/cluster-service: "true"
12 |     {{- end }}
13 |     addonmanager.kubernetes.io/mode: Reconcile
14 | spec:
15 |   type: {{ .Values.serviceMonitor.type }}
16 |   ports:
17 |     - name: metrics
18 |       port: {{ .Values.serviceMonitor.port }}
19 |       targetPort: {{ .Values.serviceMonitor.port }}
20 |   selector:
21 |     app.kubernetes.io/name: {{ include "fluentd-elasticsearch.name" . }}
22 |     app.kubernetes.io/instance: {{ .Release.Name }}
23 | {{- end }}
24 | 


--------------------------------------------------------------------------------
/charts/fluentd-elasticsearch/templates/pod-security-policy.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.podSecurityPolicy.enabled }}
 2 | {{- $striped_version := (split "-" .Capabilities.KubeVersion.GitVersion)._0 -}}
 3 | {{- if semverCompare "> 1.15" $striped_version -}}
 4 | apiVersion: policy/v1beta1
 5 | {{- else -}}
 6 | apiVersion: extensions/v1beta1
 7 | {{- end }}
 8 | kind: PodSecurityPolicy
 9 | metadata:
10 |   name: {{ template "fluentd-elasticsearch.fullname" . }}
11 |   labels:
12 | {{ include "fluentd-elasticsearch.labels" . | indent 4 }}
13 |     {{- if semverCompare "< 1.6" $striped_version }}
14 |     kubernetes.io/cluster-service: "true"
15 |     {{- end }}
16 |     addonmanager.kubernetes.io/mode: Reconcile
17 |   annotations:
18 | {{- if .Values.podSecurityPolicy.annotations }}
19 | {{ toYaml .Values.podSecurityPolicy.annotations | indent 4 }}
20 | {{- end }}
21 | spec:
22 |   privileged: false
23 |   allowPrivilegeEscalation: true
24 |   volumes:
25 |     - 'configMap'
26 |     - 'emptyDir'
27 |     - 'hostPath'
28 |     - 'secret'
29 |   allowedHostPaths:
30 |     - pathPrefix: {{ .Values.hostLogDir.varLog}}
31 |       readOnly: false
32 |     - pathPrefix: {{ .Values.hostLogDir.dockerContainers}}
33 |       readOnly: true
34 |     - pathPrefix: {{ .Values.hostLogDir.libSystemdDir}}
35 |       readOnly: true
36 |   hostNetwork: false
37 |   hostPID: false
38 |   hostIPC: false
39 |   runAsUser:
40 |     rule: 'RunAsAny'
41 |   runAsGroup:
42 |     rule: 'RunAsAny'
43 |   seLinux:
44 |     rule: 'RunAsAny'
45 |   supplementalGroups:
46 |     rule: 'RunAsAny'
47 |   fsGroup:
48 |     rule: 'MustRunAs'
49 |     ranges:
50 |       - min: 1
51 |         max: 65535
52 |   readOnlyRootFilesystem: false
53 |   hostPorts:
54 |     - min: 1
55 |       max: 65535
56 | {{- end }}
57 | 


--------------------------------------------------------------------------------
/charts/fluentd-elasticsearch/templates/role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.podSecurityPolicy.enabled }}
 2 | {{- $striped_version := (split "-" .Capabilities.KubeVersion.GitVersion)._0 -}}
 3 | apiVersion: rbac.authorization.k8s.io/v1
 4 | kind: Role
 5 | metadata:
 6 |   name: {{ template "fluentd-elasticsearch.fullname" . }}
 7 |   labels:
 8 | {{ include "fluentd-elasticsearch.labels" . | indent 4 }}
 9 |     {{- if semverCompare "< 1.6" $striped_version }}
10 |     kubernetes.io/cluster-service: "true"
11 |     {{- end }}
12 |     addonmanager.kubernetes.io/mode: Reconcile
13 | rules:
14 | {{- if semverCompare "> 1.15" $striped_version }}
15 | - apiGroups: ['policy']
16 | {{- else }}
17 | - apiGroups: ['extensions']
18 | {{- end }}
19 |   resources: ['podsecuritypolicies']
20 |   verbs:     ['use']
21 |   resourceNames:
22 |   - {{ template "fluentd-elasticsearch.fullname" . }}
23 | {{- end }}
24 | 


--------------------------------------------------------------------------------
/charts/fluentd-elasticsearch/templates/rolebinding.yaml:
--------------------------------------------------------------------------------
 1 | 
 2 | {{- if .Values.podSecurityPolicy.enabled }}
 3 | {{- $striped_version := (split "-" .Capabilities.KubeVersion.GitVersion)._0 -}}
 4 | apiVersion: rbac.authorization.k8s.io/v1
 5 | kind: RoleBinding
 6 | metadata:
 7 |   name: {{ template "fluentd-elasticsearch.fullname" . }}
 8 |   labels:
 9 | {{ include "fluentd-elasticsearch.labels" . | indent 4 }}
10 |     {{- if semverCompare "< 1.6" $striped_version }}
11 |     kubernetes.io/cluster-service: "true"
12 |     {{- end }}
13 |     addonmanager.kubernetes.io/mode: Reconcile
14 | roleRef:
15 |   kind: Role
16 |   name: {{ template "fluentd-elasticsearch.fullname" . }}
17 |   apiGroup: rbac.authorization.k8s.io
18 | subjects:
19 | - kind: ServiceAccount
20 |   name: {{ template "fluentd-elasticsearch.fullname" . }}
21 |   namespace: {{ .Release.Namespace }}
22 | {{- end }}
23 | 


--------------------------------------------------------------------------------
/charts/fluentd-elasticsearch/templates/service-account.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.serviceAccount.create -}}
 2 | {{- $striped_version := (split "-" .Capabilities.KubeVersion.GitVersion)._0 -}}
 3 | apiVersion: v1
 4 | kind: ServiceAccount
 5 | metadata:
 6 |   name: {{ if .Values.serviceAccount.name }}{{ .Values.serviceAccount.name }}{{ else }}{{ include "fluentd-elasticsearch.fullname" . }}{{ end }}
 7 |   labels:
 8 |     app.kubernetes.io/name: {{ include "fluentd-elasticsearch.name" . }}
 9 |     helm.sh/chart: {{ include "fluentd-elasticsearch.chart" . }}
10 |     app.kubernetes.io/instance: {{ .Release.Name }}
11 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
12 |     {{- if semverCompare "< 1.6" $striped_version }}
13 |     kubernetes.io/cluster-service: "true"
14 |     {{- end }}
15 |     addonmanager.kubernetes.io/mode: Reconcile
16 |   annotations:
17 | {{- if .Values.serviceAccount.annotations }}
18 | {{ toYaml .Values.serviceAccount.annotations | indent 4 }}
19 | {{- end }}
20 | {{- end -}}
21 | 


--------------------------------------------------------------------------------
/charts/fluentd-elasticsearch/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.service }}
 2 | {{- range $port := .Values.service.ports  }}
 3 | {{- $service_type := $port.type | default "ClusterIP" }}
 4 | {{- $striped_version := (split "-" $.Capabilities.KubeVersion.GitVersion)._0 -}}
 5 | ---
 6 | apiVersion: v1
 7 | kind: Service
 8 | metadata:
 9 |   name: {{ include "fluentd-elasticsearch.fullname" $ | trunc 50 }}-{{ $port.name | trunc 12 }}
10 |   labels:
11 | {{ include "fluentd-elasticsearch.labels" $ | indent 4 }}
12 |     {{- if semverCompare "< 1.6" $striped_version }}
13 |     kubernetes.io/cluster-service: "true"
14 |     {{- end }}
15 |     addonmanager.kubernetes.io/mode: Reconcile
16 | spec:
17 |   type: {{ $service_type }}
18 |   ports:
19 |     - name: {{ $port.name }}
20 |       port: {{ $port.port }}
21 |       targetPort: {{ $port.port }}
22 |       {{- if and ($port.nodePort) (eq $service_type "NodePort") }}
23 |       nodePort: {{ $port.nodePort }}
24 |       {{- end }}
25 |       {{- if $port.protocol }}
26 |       protocol: {{ $port.protocol }}
27 |       {{- end }}
28 |   selector:
29 |     app.kubernetes.io/name: {{ include "fluentd-elasticsearch.name" $ }}
30 |     app.kubernetes.io/instance: {{ $.Release.Name }}
31 | {{- end }}
32 | {{- end }}
33 | 


--------------------------------------------------------------------------------
/charts/fluentd-elasticsearch/templates/servicemonitor.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.serviceMonitor.enabled }}
 2 | {{- $striped_version := (split "-" .Capabilities.KubeVersion.GitVersion)._0 -}}
 3 | apiVersion: monitoring.coreos.com/v1
 4 | kind: ServiceMonitor
 5 | metadata:
 6 |   name: {{ template "fluentd-elasticsearch.fullname" . }}
 7 |   labels:
 8 | {{ include "fluentd-elasticsearch.labels" . | indent 4 }}
 9 |     {{- if semverCompare "< 1.6" $striped_version }}
10 |     kubernetes.io/cluster-service: "true"
11 |     {{- end }}
12 |     addonmanager.kubernetes.io/mode: Reconcile
13 |     {{- if .Values.serviceMonitor.labels }}
14 |     {{- toYaml .Values.serviceMonitor.labels | nindent 4 }}
15 |     {{- end }}
16 | spec:
17 |   endpoints:
18 |   - interval: {{ .Values.serviceMonitor.interval }}
19 |     honorLabels: true
20 |     port: metrics
21 |     path: {{ .Values.serviceMonitor.path }}
22 |     {{- if .Values.serviceMonitor.metricRelabelings }}
23 |     metricRelabelings:
24 |     {{- toYaml .Values.serviceMonitor.metricRelabelings | nindent 4 }}
25 |     {{- end }}
26 |     {{- if .Values.serviceMonitor.relabelings }}
27 |     relabelings:
28 |     {{- toYaml .Values.serviceMonitor.relabelings | nindent 4 }}
29 |     {{- end }}
30 |   jobLabel: {{ .Values.serviceMonitor.jobLabel }}
31 |   selector:
32 |     matchLabels:
33 |       app.kubernetes.io/name: {{ template "fluentd-elasticsearch.name" . }}
34 |       app.kubernetes.io/instance: "{{ .Release.Name }}"
35 |   namespaceSelector:
36 |     matchNames:
37 |       - {{ .Release.Namespace }}
38 | {{- end }}
39 | 


--------------------------------------------------------------------------------
/charts/gcp-serviceaccount-controller/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "0.3.0"
 3 | description: A Helm chart for a Kubernetes Controller to create secrets for GCP Service Accounts
 4 | name: gcp-serviceaccount-controller
 5 | version: 0.3.2
 6 | home: https://github.com/kiwigrid/gcp-serviceaccount-controller
 7 | sources:
 8 | - https://github.com/kiwigrid/gcp-serviceaccount-controller
 9 | maintainers:
10 | - name: rpahli
11 |   email: rico.pahlisch@kiwigrid.com
12 | 


--------------------------------------------------------------------------------
/charts/gcp-serviceaccount-controller/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | {{- if and (eq "" .Values.gcpCredentials) (not .Values.existingSecret)}}
2 | No Service Account key or existing secret defined for this release. Please provide either a base64 encoded service account key or an existing secret containing one.
3 | Bash:
4 |   $ gcloud iam service-accounts keys create ~/key.json --iam-account SA-NAME@PROJECT-ID.iam.gserviceaccount.com
5 |   $ base64 ~/key.json | tr -d '\n'
6 | {{- else}}
7 | {{ .Chart.Name }} successfully installed as {{ .Release.Name }} in {{ .Release.Namespace }}
8 | {{- end}}
9 | 


--------------------------------------------------------------------------------
/charts/gcp-serviceaccount-controller/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "gcp-serviceaccount-controller.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "gcp-serviceaccount-controller.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "gcp-serviceaccount-controller.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 


--------------------------------------------------------------------------------
/charts/gcp-serviceaccount-controller/templates/rbac_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: {{ include "gcp-serviceaccount-controller.name" . }}
 6 |     helm.sh/chart: {{ include "gcp-serviceaccount-controller.chart" . }}
 7 |     app.kubernetes.io/instance: {{ .Release.Name }}
 8 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
 9 |   name: manager-role
10 | rules:
11 | - apiGroups:
12 |   - apps
13 |   resources:
14 |   - secrets
15 |   verbs:
16 |   - get
17 |   - list
18 |   - watch
19 |   - create
20 |   - update
21 |   - patch
22 |   - delete
23 | - apiGroups:
24 |   - gcp.kiwigrid.com
25 |   resources:
26 |   - gcpserviceaccounts
27 |   - gcpnamespacerestrictions
28 |   verbs:
29 |   - get
30 |   - list
31 |   - watch
32 |   - create
33 |   - update
34 |   - patch
35 |   - delete
36 | - apiGroups:
37 |   - admissionregistration.k8s.io
38 |   resources:
39 |   - mutatingwebhookconfigurations
40 |   - validatingwebhookconfigurations
41 |   verbs:
42 |   - get
43 |   - list
44 |   - watch
45 |   - create
46 |   - update
47 |   - patch
48 |   - delete
49 | - apiGroups:
50 |   - ""
51 |   resources:
52 |   - secrets
53 |   verbs:
54 |   - get
55 |   - list
56 |   - watch
57 |   - create
58 |   - update
59 |   - patch
60 |   - delete
61 | - apiGroups:
62 |   - ""
63 |   resources:
64 |   - services
65 |   verbs:
66 |   - get
67 |   - list
68 |   - watch
69 |   - create
70 |   - update
71 |   - patch
72 |   - delete
73 | 


--------------------------------------------------------------------------------
/charts/gcp-serviceaccount-controller/templates/rbac_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: manager-rolebinding
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "gcp-serviceaccount-controller.name" . }}
 7 |     helm.sh/chart: {{ include "gcp-serviceaccount-controller.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | roleRef:
11 |   apiGroup: rbac.authorization.k8s.io
12 |   kind: ClusterRole
13 |   name: manager-role
14 | subjects:
15 | - kind: ServiceAccount
16 |   name: default
17 |   namespace: {{ .Release.Namespace }}
18 | 


--------------------------------------------------------------------------------
/charts/gcp-serviceaccount-controller/templates/secret.yaml:
--------------------------------------------------------------------------------
 1 | {{- if not .Values.existingSecret }}
 2 | apiVersion: v1
 3 | kind: Secret
 4 | metadata:
 5 |   name: {{ include "gcp-serviceaccount-controller.fullname" . }}
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "gcp-serviceaccount-controller.name" . }}
 8 |     helm.sh/chart: {{ include "gcp-serviceaccount-controller.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}    
11 | data:
12 |   credentials.json: "{{ .Values.gcpCredentials }}"
13 | {{- end -}}


--------------------------------------------------------------------------------
/charts/gcp-serviceaccount-controller/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: {{ include "gcp-serviceaccount-controller.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "gcp-serviceaccount-controller.name" . }}
 7 |     helm.sh/chart: {{ include "gcp-serviceaccount-controller.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | spec:
11 |   type: {{ .Values.service.type }}
12 |   ports:
13 |   - port: {{ .Values.service.port }}
14 |     targetPort: http
15 |     protocol: TCP
16 |     name: http
17 |   selector:
18 |     app.kubernetes.io/name: {{ include "gcp-serviceaccount-controller.name" . }}
19 |     app.kubernetes.io/instance: {{ .Release.Name }}
20 | 


--------------------------------------------------------------------------------
/charts/gcp-serviceaccount-controller/values.yaml:
--------------------------------------------------------------------------------
 1 | image:
 2 |   repository: kiwigrid/gcp-serviceaccount-controller
 3 |   tag: 0.3.0
 4 |   pullPolicy: IfNotPresent
 5 | 
 6 | nameOverride: ""
 7 | fullnameOverride: ""
 8 | 
 9 | gcpCredentials: ""
10 | 
11 | # Use a pre-existing secret (ignores gcpCredentials)
12 | # existingSecret:
13 | # The key to use within the existing secret
14 | existingSecretKey: "credentials.json"
15 | 
16 | disableRestrictionCheck: false
17 | service:
18 |   type: ClusterIP
19 |   port: 80
20 | 
21 | resources: {}
22 | #  limits:
23 | #    cpu: 100m
24 | #    memory: 30Mi
25 | #  requests:
26 | #    cpu: 100m
27 | #    memory: 20Mi
28 | 
29 | nodeSelector: {}
30 | 
31 | tolerations: []
32 | 
33 | affinity: {}
34 | 


--------------------------------------------------------------------------------
/charts/grafana-dashboards/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *.orig
18 | *~
19 | # Various IDEs
20 | .project
21 | .idea/
22 | *.tmproj
23 | .vscode/
24 | 


--------------------------------------------------------------------------------
/charts/grafana-dashboards/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | name: grafana-dashboards
 3 | description: A Helm chart to import Grafana Dashboards
 4 | version: 0.2.0
 5 | icon: https://grafana.com/blog/assets/img/blog/timeshift/grafana_release_icon.png
 6 | home: https://github.com/kiwigrid/helm-charts
 7 | sources:
 8 |   - https://github.com/kiwigrid/helm-charts/tree/master/charts/grafana-dashboards
 9 | maintainers:
10 | - name: monotek
11 |   email: andre.bauer@kiwigrid.com
12 | 


--------------------------------------------------------------------------------
/charts/grafana-dashboards/README.md:
--------------------------------------------------------------------------------
 1 | # grafana-dashboards
 2 | 
 3 | This charts will convert all Grafana dashboards saved as json file in the dashboards directory to a Kubernetes configmap, which can be consumed AUTOMATICALLY by the Grafana dashboard import sidecar.
 4 | 
 5 | See: <https://github.com/helm/charts/tree/master/stable/grafana#sidecar-for-dashboards>
 6 | 
 7 | | Parameter                  | Description                                                          | Default |
 8 | |----------------------------|----------------------------------------------------------------------|---------|
 9 | | `labels.grafana_dashboard` | set grafana_dashboard label                                          | `"1"`   |
10 | | `importFromValue`          | import dashboard form value string instead from dashboards directory | `{}`    |
11 | 


--------------------------------------------------------------------------------
/charts/grafana-dashboards/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Following dahsboards will be imported to Grafana (if sidecar import enabled):
2 | 
3 | {{- $root := . }}
4 | {{ range $path, $bytes := .Files.Glob "dashboards/**.json" }}
5 | * {{ $path | replace "dashboards/" ""}}
6 | {{- end }}
7 | 


--------------------------------------------------------------------------------
/charts/grafana-dashboards/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "grafana-dashboards.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 7 | {{- end }}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "grafana-dashboards.fullname" -}}
15 | {{- if .Values.fullnameOverride }}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
17 | {{- else }}
18 | {{- $name := default .Chart.Name .Values.nameOverride }}
19 | {{- if contains $name .Release.Name }}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" }}
21 | {{- else }}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
23 | {{- end }}
24 | {{- end }}
25 | {{- end }}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "grafana-dashboards.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
32 | {{- end }}
33 | 
34 | {{/*
35 | Common labels
36 | */}}
37 | {{- define "grafana-dashboards.labels" -}}
38 | helm.sh/chart: {{ include "grafana-dashboards.chart" . }}
39 | {{ include "grafana-dashboards.selectorLabels" . }}
40 | {{- if .Chart.AppVersion }}
41 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
42 | {{- end }}
43 | app.kubernetes.io/managed-by: {{ .Release.Service }}
44 | {{- end }}
45 | 
46 | {{/*
47 | Selector labels
48 | */}}
49 | {{- define "grafana-dashboards.selectorLabels" -}}
50 | app.kubernetes.io/name: {{ include "grafana-dashboards.name" . }}
51 | app.kubernetes.io/instance: {{ .Release.Name }}
52 | {{- end }}
53 | 
54 | 


--------------------------------------------------------------------------------
/charts/grafana-dashboards/templates/configmap.yaml:
--------------------------------------------------------------------------------
 1 | {{ $root := . }}
 2 | {{ range $path, $_ :=  .Files.Glob  "dashboards/**.json" }}
 3 | {{- with $root }}
 4 | apiVersion: v1
 5 | kind: ConfigMap
 6 | metadata:
 7 |   name: {{ $path | replace "dashboards/" "" | replace ".json" "" }}
 8 |   labels:
 9 |     {{- include "grafana-dashboards.labels" . | nindent 4 }}
10 | {{ toYaml $.Values.labels | indent 4 }}
11 | data:
12 |   {{ $path | replace "dashboards/" ""}}: |-
13 | {{ .Files.Get $path | indent 4 }}
14 | ---
15 | {{- end -}}
16 | {{- end -}}
17 | {{- range $key, $value := .Values.importFromValue }}
18 | apiVersion: v1
19 | kind: ConfigMap
20 | metadata:
21 |   name: {{ $key }}
22 |   labels:
23 |     {{- include "grafana-dashboards.labels" $ | nindent 4 }}
24 | {{ toYaml $.Values.labels | indent 4 }}
25 | data:
26 |   {{ $key }}.json: |-
27 |     {{ $value }}
28 | ---
29 | {{- end }}
30 | 
31 | 


--------------------------------------------------------------------------------
/charts/grafana-dashboards/values.yaml:
--------------------------------------------------------------------------------
 1 | ## labels to be added to the config maps
 2 | labels:
 3 |   ## grafana_dashboard Enables dashboard import via Grafana sidecar
 4 |   ## ref: https://github.com/helm/charts/tree/master/stable/grafana#sidecar-for-dashboards
 5 |   grafana_dashboard: "1"
 6 | 
 7 | importFromValue:
 8 |   # dashboardName: |-
 9 |   #   {
10 |   #     dashboard json
11 |   #   }
12 | 


--------------------------------------------------------------------------------
/charts/graphite/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | 


--------------------------------------------------------------------------------
/charts/graphite/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v2
 2 | version: 2.0.0
 3 | appVersion: "1.1.10-3"
 4 | description: Graphite metrics server
 5 | name: graphite
 6 | home: https://graphiteapp.org/
 7 | keywords:
 8 | - metrics
 9 | sources:
10 | - https://github.com/graphite-project
11 | - https://github.com/graphite-project/docker-graphite-statsd
12 | maintainers:
13 | - name: fabian-schlegel
14 |   email: fabian.schlegel@kiwigrid.com
15 | - name: monotek
16 |   email: andre.bauer@kiwigrid.com
17 | icon: https://graphiteapp.org/img/graphite-logo_color.png
18 | 


--------------------------------------------------------------------------------
/charts/graphite/OWNERS:
--------------------------------------------------------------------------------
1 | approvers:
2 | - fabian-schlegel
3 | - monotek
4 | reviewers:
5 | - fabian-schlegel
6 | - monotek
7 | 


--------------------------------------------------------------------------------
/charts/graphite/templates/NOTES.txt:
--------------------------------------------------------------------------------
 1 | 1. Get the application URL by running these commands:
 2 | {{- if .Values.ingress.enabled }}
 3 | {{- range .Values.ingress.hosts }}
 4 |   http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
 5 | {{- end }}
 6 | {{- else if contains "NodePort" .Values.service.type }}
 7 |   export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "graphite.fullname" . }})
 8 |   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
 9 |   echo http://$NODE_IP:$NODE_PORT
10 | {{- else if contains "LoadBalancer" .Values.service.type }}
11 |      NOTE: It may take a few minutes for the LoadBalancer IP to be available.
12 |            You can watch the status of by running 'kubectl get svc -w {{ template "graphite.fullname" . }}'
13 |   export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "graphite.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
14 |   echo http://$SERVICE_IP:{{ .Values.service.port }}
15 | {{- else if contains "ClusterIP" .Values.service.type }}
16 |   export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "graphite.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
17 |   echo "Visit http://127.0.0.1:8080 to use your application"
18 |   kubectl port-forward $POD_NAME 8080:80
19 | {{- end }}
20 | 


--------------------------------------------------------------------------------
/charts/graphite/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "graphite.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "graphite.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "graphite.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 
34 | {{/*
35 | Define the service Account name
36 | */}}
37 | {{- define "graphite.serviceAccount.name" -}}
38 | {{ default "graphite" .Values.serviceAccount.accountName }}
39 | {{- end -}}


--------------------------------------------------------------------------------
/charts/graphite/templates/configmap-statsd.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ConfigMap
 3 | metadata:
 4 |   name: {{ template "graphite.fullname" . }}-statsd-configmap
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "graphite.name" . }}
 7 |     helm.sh/chart: {{ include "graphite.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | data:
11 | {{- range $key, $value := .Values.statsdConfigMaps }}
12 |   {{ $key }}: |-
13 | {{ $value | indent 4 }}
14 | {{- end }}
15 | 


--------------------------------------------------------------------------------
/charts/graphite/templates/configmap.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ConfigMap
 3 | metadata:
 4 |   name: {{ template "graphite.fullname" . }}-configmap
 5 |   labels:
 6 |     app: {{ template "graphite.name" . }}
 7 |     chart: {{ template "graphite.chart" . }}
 8 |     release: {{ .Release.Name }}
 9 |     heritage: {{ .Release.Service }}
10 | data:
11 | {{- range $key, $value := .Values.configMaps }}
12 |   {{ $key }}: |-
13 | {{ $value | indent 4 }}
14 | {{- end }}
15 | 


--------------------------------------------------------------------------------
/charts/graphite/templates/ingress.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.ingress.enabled -}}
 2 | {{- $fullName := include "graphite.fullname" . -}}
 3 | {{- $ingressPath := .Values.ingress.path -}}
 4 | apiVersion: networking.k8s.io/v1
 5 | kind: Ingress
 6 | metadata:
 7 |   name: {{ $fullName }}
 8 |   labels:
 9 |     app.kubernetes.io/name: {{ include "graphite.name" . }}
10 |     helm.sh/chart: {{ include "graphite.chart" . }}
11 |     app.kubernetes.io/instance: {{ .Release.Name }}
12 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
13 | {{- with .Values.ingress.annotations }}
14 |   annotations:
15 | {{ toYaml . | indent 4 }}
16 | {{- end }}
17 | spec:
18 | {{- if .Values.ingress.tls }}
19 |   tls:
20 |   {{- range .Values.ingress.tls }}
21 |     - hosts:
22 |       {{- range .hosts }}
23 |         - {{ . }}
24 |       {{- end }}
25 |       secretName: {{ .secretName }}
26 |   {{- end }}
27 | {{- end }}
28 |   rules:
29 |   {{- range .Values.ingress.hosts }}
30 |     - host: {{ . }}
31 |       http:
32 |         paths:
33 |           - path: {{ $ingressPath }}
34 |             pathType: Prefix
35 |             backend:
36 |               service:
37 |                 name: {{ $fullName }}
38 |                 port:
39 |                   number: {{ $.Values.service.port }}
40 |   {{- end }}
41 | {{- end }}
42 | 


--------------------------------------------------------------------------------
/charts/graphite/templates/pvc.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.persistence.enabled -}}
 2 | {{- if not .Values.persistence.existingClaim -}}
 3 | kind: PersistentVolumeClaim
 4 | apiVersion: v1
 5 | metadata:
 6 |   name: {{ template "graphite.fullname" . }}-pvc
 7 |   labels:
 8 |     app.kubernetes.io/name: {{ include "graphite.name" . }}
 9 |     helm.sh/chart: {{ include "graphite.chart" . }}
10 |     app.kubernetes.io/instance: {{ .Release.Name }}
11 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
12 | spec:
13 |   accessModes:
14 |     - {{ .Values.persistence.accessMode | quote }}
15 |   resources:
16 |     requests:
17 |       storage: {{ .Values.persistence.size | quote }}
18 | {{- if .Values.persistence.storageClass }}
19 | {{- if (eq "-" .Values.persistence.storageClass) }}
20 |   storageClassName: ""
21 | {{- else }}
22 |   storageClassName: "{{ .Values.persistence.storageClass }}"
23 | {{- end }}
24 | {{- end }}
25 | {{- end }}
26 | {{- end -}}
27 | 


--------------------------------------------------------------------------------
/charts/graphite/templates/role.yaml:
--------------------------------------------------------------------------------
 1 | ---
 2 | {{- if .Values.rbac.create }}
 3 | kind: Role
 4 | apiVersion: rbac.authorization.k8s.io/v1
 5 | metadata:
 6 |   name: {{ include "graphite.serviceAccount.name" . }}-role
 7 |   namespace: {{ .Release.Namespace }}
 8 |   labels:
 9 |     app.kubernetes.io/name: {{ include "graphite.name" . }}
10 |     helm.sh/chart: {{ include "graphite.chart" . }}
11 |     app.kubernetes.io/instance: {{ .Release.Name }}
12 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
13 | rules:
14 |   {{- if .Values.psp.create }}
15 |   - apiGroups: ["extensions"]
16 |     resources: ["podsecuritypolicies"]
17 |     verbs: ["use"]
18 |     resourceNames:
19 |       - pks-privileged
20 |   {{- end }}
21 | {{- end }}


--------------------------------------------------------------------------------
/charts/graphite/templates/rolebinding.yaml:
--------------------------------------------------------------------------------
 1 | ---
 2 | {{- if .Values.rbac.create }}
 3 | kind: RoleBinding
 4 | apiVersion: rbac.authorization.k8s.io/v1
 5 | metadata:
 6 |   name: {{ include "graphite.serviceAccount.name" . }}-rb
 7 |   namespace: {{ .Release.Namespace }}
 8 |   labels:
 9 |     app.kubernetes.io/name: {{ include "graphite.name" . }}
10 |     helm.sh/chart: {{ include "graphite.chart" . }}
11 |     app.kubernetes.io/instance: {{ .Release.Name }}
12 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
13 | roleRef:
14 |   apiGroup: rbac.authorization.k8s.io
15 |   kind: Role
16 |   name: {{ default "graphite" .Values.serviceAccount.accountName }}-role
17 | subjects:
18 |   - kind: ServiceAccount
19 |     name: {{ default "graphite" .Values.serviceAccount.accountName }}
20 |     namespace: {{ .Release.Namespace }}
21 | {{- end }}


--------------------------------------------------------------------------------
/charts/graphite/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: {{ template "graphite.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "graphite.name" . }}
 7 |     helm.sh/chart: {{ include "graphite.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | {{- if .Values.service.labels }}
11 | {{ toYaml .Values.service.labels | indent 4 }}
12 | {{- end }}
13 | {{- with .Values.service.annotations }}
14 |   annotations:
15 | {{ toYaml . | indent 4 }}
16 | {{- end }}
17 | spec:
18 |   type: {{ .Values.service.type }}
19 |   ports:
20 |     - name: graphite-pickle
21 |       port: 2004
22 |       protocol: TCP
23 |     - name: graphite-plain
24 |       port: 2003
25 |       protocol: TCP
26 |     - name: graphite-udp
27 |       port: 2003
28 |       protocol: UDP
29 |     - name: graphite-gui
30 |       port: {{ .Values.service.port }}
31 |       protocol: TCP
32 |     - name: aggregate-plain
33 |       port: 2023
34 |       protocol: TCP
35 |     - name: aggregate-pickl
36 |       port: 2024
37 |       protocol: TCP
38 |     - name: statsd
39 |       port: 8125
40 |       protocol: {{ .Values.statsd.interface }}
41 |     - name: statsd-admin
42 |       port: 8126
43 |       protocol: TCP
44 |   selector:
45 |     app.kubernetes.io/name: {{ include "graphite.name" . }}
46 |     app.kubernetes.io/instance: {{ .Release.Name }}
47 | 


--------------------------------------------------------------------------------
/charts/graphite/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and (.Values.serviceAccount.enabled) (.Values.serviceAccount.create) }}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   name: {{ include "graphite.serviceAccount.name" . }}
 6 |   namespace: {{ .Release.Namespace }}
 7 |   labels:
 8 |     app.kubernetes.io/name: {{ include "graphite.name" . }}
 9 |     helm.sh/chart: {{ include "graphite.chart" . }}
10 |     app.kubernetes.io/instance: {{ .Release.Name }}
11 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
12 | {{- end }}
13 | 


--------------------------------------------------------------------------------
/charts/hawkbit-update-server/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/hawkbit-update-server/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | version: 2.1.2
 3 | appVersion: "0.3.0M5-mysql"
 4 | description: A Helm chart for hawkbit update server
 5 | name: hawkbit-update-server
 6 | home: https://www.eclipse.org/hawkbit/
 7 | sources:
 8 | - https://github.com/eclipse/hawkbit
 9 | - https://github.com/kiwigrid/helm-charts/tree/master/charts/hawkbit-update-server
10 | icon: https://www.eclipse.org/hawkbit/images/hawkbit_icon.png
11 | deprecated: true
12 | 


--------------------------------------------------------------------------------
/charts/hawkbit-update-server/requirements.yaml:
--------------------------------------------------------------------------------
 1 | dependencies:
 2 |   - name: mysql
 3 |     version: 1.3.2
 4 |     repository: https://kubernetes-charts.storage.googleapis.com/
 5 |     condition: mysql.enabled
 6 |   - name: rabbitmq
 7 |     repository: https://kubernetes-charts.storage.googleapis.com/
 8 |     version: 6.7.4
 9 |     condition: rabbitmq.enabled
10 | 


--------------------------------------------------------------------------------
/charts/hawkbit-update-server/templates/NOTES.txt:
--------------------------------------------------------------------------------
 1 | 1. Get the application URL by running these commands:
 2 | {{- if .Values.ingress.enabled }}
 3 | {{- range $host := .Values.ingress.hosts }}
 4 |   {{- range .paths }}
 5 |   http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }}
 6 |   {{- end }}
 7 | {{- end }}
 8 | {{- else if contains "NodePort" .Values.service.type }}
 9 |   export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "hawkbit-update-server.fullname" . }})
10 |   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
11 |   echo http://$NODE_IP:$NODE_PORT
12 | {{- else if contains "LoadBalancer" .Values.service.type }}
13 |      NOTE: It may take a few minutes for the LoadBalancer IP to be available.
14 |            You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "hawkbit-update-server.fullname" . }}'
15 |   export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "hawkbit-update-server.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
16 |   echo http://$SERVICE_IP:{{ .Values.service.port }}
17 | {{- else if contains "ClusterIP" .Values.service.type }}
18 |   export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "hawkbit-update-server.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
19 |   echo "Visit http://127.0.0.1:8080 to use your application"
20 |   kubectl port-forward $POD_NAME 8080:{{ .Values.service.port}}
21 | {{- end }}
22 | 


--------------------------------------------------------------------------------
/charts/hawkbit-update-server/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "hawkbit-update-server.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "hawkbit-update-server.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "hawkbit-update-server.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 
34 | {{/*
35 | Common labels
36 | */}}
37 | {{- define "hawkbit-update-server.labels" -}}
38 | app.kubernetes.io/name: {{ include "hawkbit-update-server.name" . }}
39 | helm.sh/chart: {{ include "hawkbit-update-server.chart" . }}
40 | app.kubernetes.io/instance: {{ .Release.Name }}
41 | {{- if .Chart.AppVersion }}
42 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
43 | {{- end }}
44 | app.kubernetes.io/managed-by: {{ .Release.Service }}
45 | {{- end -}}
46 | 


--------------------------------------------------------------------------------
/charts/hawkbit-update-server/templates/configmap.yaml:
--------------------------------------------------------------------------------
 1 | kind: ConfigMap
 2 | apiVersion: v1
 3 | metadata:
 4 |   name: {{ include "hawkbit-update-server.fullname" . }}
 5 |   labels:
 6 | {{ include "hawkbit-update-server.labels" . | indent 4 }}  
 7 | data:
 8 |   application.yaml: |-
 9 | {{ toYaml .Values.config.application | indent 4}}
10 | 


--------------------------------------------------------------------------------
/charts/hawkbit-update-server/templates/ingress.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.ingress.enabled -}}
 2 | {{- $fullName := include "hawkbit-update-server.fullname" . -}}
 3 | apiVersion: extensions/v1beta1
 4 | kind: Ingress
 5 | metadata:
 6 |   name: {{ $fullName }}
 7 |   labels:
 8 | {{ include "hawkbit-update-server.labels" . | indent 4 }}
 9 |   {{- with .Values.ingress.annotations }}
10 |   annotations:
11 |     {{- toYaml . | nindent 4 }}
12 |   {{- end }}
13 | spec:
14 | {{- if .Values.ingress.tls }}
15 |   tls:
16 |   {{- range .Values.ingress.tls }}
17 |     - hosts:
18 |       {{- range .hosts }}
19 |         - {{ . | quote }}
20 |       {{- end }}
21 |       secretName: {{ .secretName }}
22 |   {{- end }}
23 | {{- end }}
24 |   rules:
25 |   {{- range .Values.ingress.hosts }}
26 |     - host: {{ .host | quote }}
27 |       http:
28 |         paths:
29 |         {{- range .paths }}
30 |           - path: {{ . }}
31 |             backend:
32 |               serviceName: {{ $fullName }}
33 |               servicePort: http
34 |         {{- end }}
35 |   {{- end }}
36 | {{- end }}
37 | 


--------------------------------------------------------------------------------
/charts/hawkbit-update-server/templates/poddisruptionbudget.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.podDisruptionBudget.enabled (gt .Values.replicaCount 1.0) -}}
 2 | apiVersion: policy/v1beta1
 3 | kind: PodDisruptionBudget
 4 | metadata:
 5 |   name: {{ include "hawkbit-update-server.fullname" . }}
 6 |   labels:
 7 | {{ include "hawkbit-update-server.labels" . | indent 4 }}
 8 | spec:
 9 |   selector:
10 |     matchLabels:
11 |       app.kubernetes.io/name: {{ include "hawkbit-update-server.name" . }}
12 |       app.kubernetes.io/instance: {{ .Release.Name }}
13 |   minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
14 | {{- end }}
15 | 


--------------------------------------------------------------------------------
/charts/hawkbit-update-server/templates/secrets.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Secret
 3 | metadata:
 4 |   name: {{ template "hawkbit-update-server.fullname" . }}
 5 |   labels:
 6 | {{ include "hawkbit-update-server.labels" . | indent 4 }}  
 7 | type: Opaque
 8 | data:
 9 |   SPRING_APPLICATION_JSON: {{ .Values.config.secrets | toJson | b64enc }}
10 | ---
11 | apiVersion: v1
12 | kind: Secret
13 | metadata:
14 |   name: {{ template "hawkbit-update-server.fullname" . }}-rabbitmq-pass
15 |   labels:
16 |     app.kubernetes.io/name: {{ include "hawkbit-update-server.name" . }}
17 |     helm.sh/chart: {{ include "hawkbit-update-server.chart" . }}
18 |     app.kubernetes.io/instance: {{ .Release.Name }}
19 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
20 | type: Opaque
21 | data:
22 |   rabbitmq-pass: {{ .Values.env.springRabbitmqPassword | b64enc | quote }}
23 | 


--------------------------------------------------------------------------------
/charts/hawkbit-update-server/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: {{ include "hawkbit-update-server.fullname" . }}
 5 |   labels:
 6 | {{ include "hawkbit-update-server.labels" . | indent 4 }}
 7 |   {{- with .Values.service.annotations }}
 8 |   annotations:
 9 |     {{- toYaml . | nindent 4 }}
10 |   {{- end }}
11 | spec:
12 |   type: {{ .Values.service.type }}
13 |   ports:
14 |     - port: {{ .Values.service.port }}
15 |       targetPort: http
16 |       protocol: TCP
17 |       name: http
18 |   selector:
19 |     app.kubernetes.io/name: {{ include "hawkbit-update-server.name" . }}
20 |     app.kubernetes.io/instance: {{ .Release.Name }}
21 | 


--------------------------------------------------------------------------------
/charts/hawkbit-update-server/templates/tests/test-connection.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Pod
 3 | metadata:
 4 |   name: "{{ include "hawkbit-update-server.fullname" . }}-test-connection"
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "hawkbit-update-server.name" . }}
 7 |     helm.sh/chart: {{ include "hawkbit-update-server.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 |   annotations:
11 |     "helm.sh/hook": test-success
12 | spec:
13 |   containers:
14 |     - name: wget
15 |       image: busybox
16 |       command: ['wget']
17 |       args:  ['{{ include "hawkbit-update-server.fullname" . }}:{{ .Values.service.port }}']
18 |   restartPolicy: Never
19 | 


--------------------------------------------------------------------------------
/charts/influxdb-backup/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *.orig
18 | *~
19 | # Various IDEs
20 | .project
21 | .idea/
22 | *.tmproj
23 | .vscode/
24 | 


--------------------------------------------------------------------------------
/charts/influxdb-backup/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | version: 0.2.0
 3 | appVersion: 1.7.10
 4 | name: influxdb-backup
 5 | description: InfluxDB backup Helm chart for Kubernetes
 6 | home: https://www.influxdata.com
 7 | sources:
 8 |   - https://github.com/kiwigrid/helm-charts
 9 |   - https://github.com/influxdata/influxdb
10 | icon: https://upload.wikimedia.org/wikipedia/commons/thumb/c/c6/Influxdb_logo.svg/512px-Influxdb_logo.svg.png
11 | maintainers:
12 | - name: monotek
13 |   email: andre.bauer@kiwigrid.com
14 | 


--------------------------------------------------------------------------------
/charts/influxdb-backup/ci/test-values.yaml:
--------------------------------------------------------------------------------
1 | backup:
2 |   schedule: "* * * * *"
3 | 


--------------------------------------------------------------------------------
/charts/influxdb-backup/templates/NOTES.txt:
--------------------------------------------------------------------------------
 1 | {{- if not .Values.backup.restore.enabled }}
 2 | {{- if .Values.backup.instances}}
 3 | The following InfluxDB Backups are set up: 
 4 | {{ range $instances := .Values.backup.instances }}
 5 | - {{ $instances.host }}
 6 | {{- end }}
 7 | 
 8 | Cronjob will run at: {{ .Values.backup.schedule }}
 9 | 
10 | If you want to execute a backup run now use this command:
11 | 
12 | kubectl -n {{ .Release.Namespace }} create job --from=cronjobs/{{ .Release.Name }} influxdb-backup-$(date +%Y%m%d%H%M%S)
13 | 
14 | {{ else }}
15 | InfluxDB backup chart installed but no instances defined for backup!
16 | Without an configured instance housekeeping is still executet with the configured retention of {{ .Values.backup.retentionDays }} days !
17 | {{- end }}
18 | {{- end }}
19 | 
20 | {{- if .Values.backup.restore.enabled }}
21 | WARNING! RESTORE IS ENABLED! BACKUPS ARE THEREFORE DISABLED AT THE MOMENT!
22 | 
23 | The {{ .Values.backup.restore.db }} database will be restored or recreated from {{ .Values.backup.restore.directory }} on next cronjob run which is set to: {{ .Values.backup.schedule }}!
24 | You can execute the restore now by using the following command:
25 | 
26 | kubectl -n {{ .Release.Namespace }} create job --from=cronjobs/{{ .Release.Name }} influxdb-restore-$(date +%Y%m%d%H%M%S)
27 | 
28 | Please disable restore afterwards and redeploy this chart.
29 | 
30 | {{ end }}
31 | 


--------------------------------------------------------------------------------
/charts/influxdb-backup/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "influxdb-backup.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 7 | {{- end }}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "influxdb-backup.fullname" -}}
15 | {{- if .Values.fullnameOverride }}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
17 | {{- else }}
18 | {{- $name := default .Chart.Name .Values.nameOverride }}
19 | {{- if contains $name .Release.Name }}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" }}
21 | {{- else }}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
23 | {{- end }}
24 | {{- end }}
25 | {{- end }}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "influxdb-backup.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
32 | {{- end }}
33 | 
34 | {{/*
35 | Common labels
36 | */}}
37 | {{- define "influxdb-backup.labels" -}}
38 | helm.sh/chart: {{ include "influxdb-backup.chart" . }}
39 | {{ include "influxdb-backup.selectorLabels" . }}
40 | {{- if .Chart.AppVersion }}
41 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
42 | {{- end }}
43 | app.kubernetes.io/managed-by: {{ .Release.Service }}
44 | {{- end }}
45 | 
46 | {{/*
47 | Selector labels
48 | */}}
49 | {{- define "influxdb-backup.selectorLabels" -}}
50 | app.kubernetes.io/name: {{ include "influxdb-backup.name" . }}
51 | app.kubernetes.io/instance: {{ .Release.Name }}
52 | {{- end }}
53 | 


--------------------------------------------------------------------------------
/charts/influxdb-backup/templates/pvc.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
 2 | kind: PersistentVolumeClaim
 3 | apiVersion: v1
 4 | metadata:
 5 |   name: "{{ template "influxdb-backup.fullname" . }}"
 6 |   labels:
 7 |     {{- include "influxdb-backup.labels" . | nindent 4 }}
 8 | spec:
 9 |   accessModes:
10 |     - {{ .Values.persistence.accessMode | quote }}
11 |   resources:
12 |     requests:
13 |       storage: {{ .Values.persistence.size | quote }}
14 | {{- if .Values.persistence.storageClass }}
15 | {{- if (eq "-" .Values.persistence.storageClass) }}
16 |   storageClassName: ""
17 | {{- else }}
18 |   storageClassName: "{{ .Values.persistence.storageClass }}"
19 | {{- end }}
20 | {{- end }}
21 | {{- end }}
22 | 


--------------------------------------------------------------------------------
/charts/influxdb-backup/templates/secrets.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Secret
 3 | metadata:
 4 |   name: {{ include "influxdb-backup.fullname" . }}
 5 |   labels:
 6 |     {{- include "influxdb-backup.labels" . | nindent 4 }}
 7 | type: Opaque
 8 | data:
 9 |   {{ range $instances := .Values.backup.instances }}
10 |   {{- if (not $instances.existingSecret) }}
11 |   {{ $instances.name }}-admin-password: {{ $instances.pass | b64enc | quote }}
12 |   {{ end }}  
13 |   {{- end }}
14 |   {{- if and (.Values.backup.uploadProviders.google.enabled) (not .Values.backup.uploadProviders.google.existingSecret) -}}
15 |   {{ .Values.backup.uploadProviders.google.secretKey }}: {{ .Values.backup.uploadProviders.google.secret | b64enc | quote }}
16 |   {{- end }}
17 |   {{ if and (.Values.backup.uploadProviders.azure.enabled) (not .Values.backup.uploadProviders.azure.existingSecret) -}}
18 |   {{ .Values.backup.uploadProviders.azure.secretKey }}: {{ .Values.backup.uploadProviders.azure.secret | b64enc | quote }}
19 |   {{- end }}
20 |  


--------------------------------------------------------------------------------
/charts/ingress-annotator/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/ingress-annotator/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "0.1.0"
 3 | description: A Helm chart for ingress annotator controller
 4 | name: ingress-annotator
 5 | version: 0.2.0
 6 | home: https://github.com/kiwigrid/ingress-annotator
 7 | sources:
 8 | - https://github.com/kiwigrid/ingress-annotator
 9 | maintainers:
10 | - name: rpahli
11 |   email: rico.pahlisch@kiwigrid.com
12 | 


--------------------------------------------------------------------------------
/charts/ingress-annotator/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | The ingress annotator is now running.
2 | 


--------------------------------------------------------------------------------
/charts/ingress-annotator/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "ingress-annotator.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "ingress-annotator.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "ingress-annotator.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 


--------------------------------------------------------------------------------
/charts/ingress-annotator/templates/configmap.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ConfigMap
 3 | metadata:
 4 |   name: {{ include "ingress-annotator.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "ingress-annotator.name" . }}
 7 |     helm.sh/chart: {{ include "ingress-annotator.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | data:
11 |   config.yaml: |-
12 |     annotations:
13 | {{- range $key, $val := .Values.config }}
14 |       {{ $key }}:
15 | {{ toYaml $val | indent 8 }}
16 | {{- end}}
17 | 


--------------------------------------------------------------------------------
/charts/ingress-annotator/templates/deployment.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apps/v1
 2 | kind: Deployment
 3 | metadata:
 4 |   name: {{ include "ingress-annotator.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "ingress-annotator.name" . }}
 7 |     helm.sh/chart: {{ include "ingress-annotator.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | spec:
11 |   replicas: 1
12 |   selector:
13 |     matchLabels:
14 |       app.kubernetes.io/name: {{ include "ingress-annotator.name" . }}
15 |       app.kubernetes.io/instance: {{ .Release.Name }}
16 |   template:
17 |     metadata:
18 |       labels:
19 |         app.kubernetes.io/name: {{ include "ingress-annotator.name" . }}
20 |         app.kubernetes.io/instance: {{ .Release.Name }}
21 |     spec:
22 |       serviceAccountName: {{ include "ingress-annotator.fullname" . }}
23 |       containers:
24 |         - name: {{ .Chart.Name }}
25 |           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
26 |           imagePullPolicy: {{ .Values.image.pullPolicy }}
27 |           env:
28 |           - name: CONFIG_PATH
29 |             value: /etc/config/config.yaml
30 |           volumeMounts:
31 |           - mountPath: /etc/config
32 |             name: config-volume
33 |           resources:
34 |             {{- toYaml .Values.resources | nindent 12 }}
35 |       {{- with .Values.nodeSelector }}
36 |       nodeSelector:
37 |         {{- toYaml . | nindent 8 }}
38 |       {{- end }}
39 |     {{- with .Values.affinity }}
40 |       affinity:
41 |         {{- toYaml . | nindent 8 }}
42 |     {{- end }}
43 |     {{- with .Values.tolerations }}
44 |       tolerations:
45 |         {{- toYaml . | nindent 8 }}
46 |     {{- end }}
47 |       volumes:
48 |       - configMap:
49 |           name: {{ include "ingress-annotator.fullname" . }}
50 |         name: config-volume


--------------------------------------------------------------------------------
/charts/ingress-annotator/templates/rbac_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: {{ include "ingress-annotator.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "ingress-annotator.name" . }}
 7 |     helm.sh/chart: {{ include "ingress-annotator.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | rules:
11 | - apiGroups:
12 |   - extensions
13 |   resources:
14 |   - ingresses
15 |   verbs:
16 |   - get
17 |   - list
18 |   - watch
19 |   - update
20 |   - patch
21 | 
22 | 


--------------------------------------------------------------------------------
/charts/ingress-annotator/templates/rbac_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: {{ include "ingress-annotator.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "ingress-annotator.name" . }}
 7 |     helm.sh/chart: {{ include "ingress-annotator.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | roleRef:
11 |   apiGroup: rbac.authorization.k8s.io
12 |   kind: ClusterRole
13 |   name: {{ include "ingress-annotator.fullname" . }}
14 | subjects:
15 | - kind: ServiceAccount
16 |   name: {{ include "ingress-annotator.fullname" . }}
17 |   namespace: {{ .Release.Namespace }}
18 | 


--------------------------------------------------------------------------------
/charts/ingress-annotator/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ServiceAccount
 3 | metadata:
 4 |   name: {{ include "ingress-annotator.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "ingress-annotator.name" . }}
 7 |     helm.sh/chart: {{ include "ingress-annotator.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | 


--------------------------------------------------------------------------------
/charts/ingress-annotator/values.yaml:
--------------------------------------------------------------------------------
 1 | # Default values for ingress-annotator.
 2 | # This is a YAML-formatted file.
 3 | # Declare variables to be passed into your templates.
 4 | 
 5 | image:
 6 |   repository: kiwigrid/ingress-annotator
 7 |   tag: latest
 8 |   pullPolicy: IfNotPresent
 9 | 
10 | nameOverride: ""
11 | fullnameOverride: ""
12 | 
13 | resources: {}
14 |   # We usually recommend not to specify default resources and to leave this as a conscious
15 |   # choice for the user. This also increases chances charts run on environments with little
16 |   # resources, such as Minikube. If you do want to specify resources, uncomment the following
17 |   # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
18 |   # limits:
19 |   #   cpu: 100m
20 |   #   memory: 128Mi
21 |   # requests:
22 |   #   cpu: 100m
23 |   #   memory: 128Mi
24 | 
25 | nodeSelector: {}
26 | 
27 | tolerations: []
28 | 
29 | affinity: {}
30 | 
31 | config: {}
32 |   # global: {}
33 |   # namespaced: {}
34 | 


--------------------------------------------------------------------------------
/charts/keycloak-controller/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/keycloak-controller/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "2.0.0"
 3 | description: A Helm chart for a Kubernetes controller to manage Keycloak clients and realms.
 4 | name: keycloak-controller
 5 | version: 0.6.1
 6 | home: https://github.com/kiwigrid/keycloak-controller
 7 | sources:
 8 | - https://github.com/kiwigrid/keycloak-controller
 9 | - https://github.com/kiwigrid/helm-charts/tree/master/charts/keycloak-controller
10 | maintainers:
11 | - name: axdotl
12 |   email: axel.koehler@kiwigrid.com
13 | - name: sschnabe
14 |   email: stephan.schnabel@kiwigrid.com
15 | 


--------------------------------------------------------------------------------
/charts/keycloak-controller/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | keycloak-controller installed.
2 | 
3 | For usage instructions, visit: https://github.com/kiwigrid/keycloak-controller
4 | 


--------------------------------------------------------------------------------
/charts/keycloak-controller/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "keycloak-controller.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "keycloak-controller.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "keycloak-controller.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 
34 | {{/*
35 | Common labels
36 | */}}
37 | {{- define "keycloak-controller.labels" -}}
38 | helm.sh/chart: {{ include "keycloak-controller.chart" . }}
39 | app.kubernetes.io/name: {{ include "keycloak-controller.name" . }}
40 | app.kubernetes.io/instance: {{ .Release.Name }}
41 | {{- if .Chart.AppVersion }}
42 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
43 | {{- end }}
44 | app.kubernetes.io/managed-by: {{ .Release.Service }}
45 | {{- end -}}
46 | 


--------------------------------------------------------------------------------
/charts/keycloak-controller/templates/configmap.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ConfigMap
 3 | metadata:
 4 |   name: {{ include "keycloak-controller.fullname" . }}
 5 |   labels:
 6 | {{ include "keycloak-controller.labels" . | indent 4 }}
 7 | data:
 8 |   application-k8s.yaml: |-
 9 |     micronaut:
10 |       metrics:
11 |         export:
12 |           prometheus:
13 |             enabled: {{ .Values.prometheus.enabled }}
14 |             step: {{ .Values.prometheus.step }}
15 |             descriptions: {{ .Values.prometheus.descriptions }}
16 |     endpoints:
17 |       prometheus:
18 |         enabled: {{ .Values.prometheus.enabled }}
19 |     retry-rate: {{ .Values.retryRate }}
20 | 


--------------------------------------------------------------------------------
/charts/keycloak-controller/templates/rbac/role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled -}}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   name: {{ include "keycloak-controller.fullname" . }}
 6 |   labels:
 7 | {{ include "keycloak-controller.labels" . | indent 4 }}
 8 | rules:
 9 | - apiGroups:
10 |   - ""
11 |   resources:
12 |   - secrets
13 |   verbs:
14 |   - get
15 |   - create
16 | - apiGroups:
17 |   - k8s.kiwigrid.com
18 |   resources:
19 |   - keycloaks
20 |   - keycloakrealms
21 |   - keycloakclients
22 |   - keycloakclientscopes
23 |   verbs:
24 |   - get
25 |   - list
26 |   - watch
27 |   - update
28 | {{- end -}}
29 | 


--------------------------------------------------------------------------------
/charts/keycloak-controller/templates/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enabled -}}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   name: {{ include "keycloak-controller.fullname" . }}
 6 |   labels:
 7 | {{ include "keycloak-controller.labels" . | indent 4 }}
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: {{ include "keycloak-controller.fullname" . }}
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ include "keycloak-controller.fullname" . }}
15 |   namespace: {{ .Release.Namespace }}
16 | {{- end -}}
17 | 


--------------------------------------------------------------------------------
/charts/keycloak-controller/templates/rbac/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.rbac.enabled -}}
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 |   name: {{ include "keycloak-controller.fullname" . }}
6 |   labels:
7 | {{ include "keycloak-controller.labels" . | indent 4 }}
8 | {{- end -}}
9 | 


--------------------------------------------------------------------------------
/charts/keycloak-controller/values.yaml:
--------------------------------------------------------------------------------
 1 | # Default values for keycloak-controller.
 2 | # This is a YAML-formatted file.
 3 | # Declare variables to be passed into your templates.
 4 | 
 5 | replicaCount: 1
 6 | 
 7 | image:
 8 |   repository: kiwigrid/keycloak-controller
 9 |   tag: 2.0.0
10 |   pullPolicy: IfNotPresent
11 | 
12 | nameOverride: ""
13 | fullnameOverride: ""
14 | 
15 | rbac:
16 |   enabled: true
17 | 
18 | ## retryRate for retrying failed resources
19 | retryRate: 60s
20 | 
21 | prometheus:
22 |   enabled: false
23 |   port: 8080
24 |   path: /endpoints/prometheus
25 |   step: PT5s
26 |   descriptions: false
27 | 
28 | readinessProbe:
29 |   timeoutSeconds: 1
30 |   initialDelaySeconds: 10
31 |   periodSeconds: 2
32 |   failureThreshold: 55
33 | livenessProbe:
34 |   timeoutSeconds: 1
35 |   initialDelaySeconds: 120
36 |   periodSeconds: 30
37 |   failureThreshold: 3
38 | 
39 | javaToolOptions: "-Xms48m -Xmx48m -XX:MetaspaceSize=56m -XX:MaxMetaspaceSize=56m -XX:ReservedCodeCacheSize=8m -XX:CompressedClassSpaceSize=12m -XX:MaxDirectMemorySize=1m"
40 | 
41 | gcpLogging: true
42 | 
43 | ## Controls whether watching only for events in its namespace
44 | namespaced: true
45 | 
46 | resources: {}
47 |   # We usually recommend not to specify default resources and to leave this as a conscious
48 |   # choice for the user. This also increases chances charts run on environments with little
49 |   # resources, such as Minikube. If you do want to specify resources, uncomment the following
50 |   # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
51 |   # limits:
52 |   #   cpu: 200m
53 |   #   memory: 256Mi
54 |   # requests:
55 |   #   cpu: 100m
56 |   #   memory: 192Mi
57 | 
58 | nodeSelector: {}
59 | 
60 | tolerations: []
61 | 
62 | affinity: {}
63 | 


--------------------------------------------------------------------------------
/charts/kubernetes-policy-controller/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | 


--------------------------------------------------------------------------------
/charts/kubernetes-policy-controller/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "1.2"
 3 | description: A Helm chart for Kubernetes Policy Controller and the open policy agent to manage your cluster policies
 4 | name: kubernetes-policy-controller
 5 | version: 0.1.2
 6 | home: https://github.com/kiwigrid/helm-charts
 7 | icon: https://www.openpolicyagent.org/img/opa-logo.svg
 8 | sources:
 9 | - https://github.com/open-policy-agent/kubernetes-policy-controller
10 | - https://github.com/open-policy-agent/opa
11 | maintainers:
12 | - name: rpahli
13 |   email: rico.pahlisch@kiwigrid.com
14 | 


--------------------------------------------------------------------------------
/charts/kubernetes-policy-controller/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | successful setup opa in your cluster.
2 | Please see https://www.openpolicyagent.org/ for more infos an how to create policies inside your cluster.
3 | 
4 | 


--------------------------------------------------------------------------------
/charts/kubernetes-policy-controller/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "kubernetes-policy-controller.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "kubernetes-policy-controller.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "kubernetes-policy-controller.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 


--------------------------------------------------------------------------------
/charts/kubernetes-policy-controller/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
 1 | 
 2 | kind: ClusterRoleBinding
 3 | apiVersion: rbac.authorization.k8s.io/v1
 4 | metadata:
 5 |   name: {{ .Release.Name }}-opa-viewer
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "kubernetes-policy-controller.name" . }}
 8 |     helm.sh/chart: {{ include "kubernetes-policy-controller.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | roleRef:
12 |   kind: ClusterRole
13 |   name: view
14 |   apiGroup: rbac.authorization.k8s.io
15 | subjects:
16 | - kind: Group
17 |   name: system:serviceaccounts:{{ .Release.Namespace }}
18 |   apiGroup: rbac.authorization.k8s.io
19 | 


--------------------------------------------------------------------------------
/charts/kubernetes-policy-controller/templates/matches-configmap.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ConfigMap
 3 | metadata:
 4 |   name: {{ .Release.Name }}-kubernetes-matches
 5 |   namespace: {{ .Release.Namespace }}
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "kubernetes-policy-controller.name" . }}
 8 |     helm.sh/chart: {{ include "kubernetes-policy-controller.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | data:
12 |   matches.rego: |-
13 |     package k8s
14 |     import data.kubernetes
15 | 
16 |     matches[[kind, namespace, name, resource]] {
17 |       resource := kubernetes[kind][namespace][name].object
18 |     }
19 | 
20 |     matches[[kind, namespace, name, resource]] {
21 |         resource := kubernetes[kind][namespace][name]
22 |     }
23 | 


--------------------------------------------------------------------------------
/charts/kubernetes-policy-controller/templates/policymatches-configmap.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ConfigMap
 3 | metadata:
 4 |   name: {{ .Release.Name }}-kubernetes-policymatches
 5 |   namespace: {{ .Release.Namespace }}
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "kubernetes-policy-controller.name" . }}
 8 |     helm.sh/chart: {{ include "kubernetes-policy-controller.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | data:
12 |   matches.rego: |-
13 |     package k8s
14 |     import data.kubernetes.policies
15 | 
16 |     # Matches provides an abstraction to find policies that match the (name). 
17 |     policymatches[[name, policy]] {
18 |         policy := policies[name]
19 |     }
20 | 


--------------------------------------------------------------------------------
/charts/kubernetes-policy-controller/templates/role.yaml:
--------------------------------------------------------------------------------
 1 | kind: Role
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | metadata:
 4 |   namespace: {{ .Release.Namespace }}
 5 |   name: {{ .Release.Name }}-configmap-modifier
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "kubernetes-policy-controller.name" . }}
 8 |     helm.sh/chart: {{ include "kubernetes-policy-controller.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | rules:
12 | - apiGroups: [""]
13 |   resources: ["configmaps"]
14 |   verbs: ["update", "patch"]
15 | 


--------------------------------------------------------------------------------
/charts/kubernetes-policy-controller/templates/rolebinding.yaml:
--------------------------------------------------------------------------------
 1 | kind: RoleBinding
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | metadata:
 4 |   namespace: {{ .Release.Namespace }}
 5 |   name: {{ .Release.Name }}-configmap-modifier
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "kubernetes-policy-controller.name" . }}
 8 |     helm.sh/chart: {{ include "kubernetes-policy-controller.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | roleRef:
12 |   kind: Role
13 |   name: {{ .Release.Name }}-configmap-modifier
14 |   apiGroup: rbac.authorization.k8s.io
15 | subjects:
16 | - kind: Group
17 |   name: system:serviceaccounts:{{ .Release.Namespace }}
18 |   apiGroup: rbac.authorization.k8s.io
19 | 


--------------------------------------------------------------------------------
/charts/kubernetes-policy-controller/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: {{ include "kubernetes-policy-controller.fullname" . }}
 5 |   namespace: {{ .Release.Namespace }}
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "kubernetes-policy-controller.name" . }}
 8 |     helm.sh/chart: {{ include "kubernetes-policy-controller.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | spec:
12 |   type: {{ .Values.service.type }}
13 |   ports:  
14 |   - name: https
15 |     protocol: TCP
16 |     port: 443
17 |     targetPort: 443
18 |   selector:
19 |     app.kubernetes.io/name: {{ include "kubernetes-policy-controller.name" . }}
20 |     app.kubernetes.io/instance: {{ .Release.Name }}
21 | 


--------------------------------------------------------------------------------
/charts/kubernetes-policy-controller/values.yaml:
--------------------------------------------------------------------------------
 1 | # Default values for kubernetes-policy-controller.
 2 | # This is a YAML-formatted file.
 3 | # Declare variables to be passed into your templates.
 4 | 
 5 | replicaCount: 1
 6 | 
 7 | image:
 8 |   opa:
 9 |     repository: openpolicyagent/opa
10 |     tag: 0.10.1
11 |     pullPolicy: IfNotPresent
12 |   kubeMgmt:
13 |     repository: openpolicyagent/kube-mgmt
14 |     tag: 0.6
15 |     pullPolicy: IfNotPresent
16 |   kubernetesPolicyController:
17 |     repository: nikhilbh/kubernetes-policy-controller
18 |     tag: 1.2
19 |     pullPolicy: IfNotPresent
20 | 
21 | nameOverride: ""
22 | fullnameOverride: ""
23 | 
24 | service:
25 |   type: ClusterIP
26 |   port: 443
27 | 
28 | resources: {}
29 |   # We usually recommend not to specify default resources and to leave this as a conscious
30 |   # choice for the user. This also increases chances charts run on environments with little
31 |   # resources, such as Minikube. If you do want to specify resources, uncomment the following
32 |   # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
33 |   # limits:
34 |   #  cpu: 100m
35 |   #  memory: 128Mi
36 |   # requests:
37 |   #  cpu: 100m
38 |   #  memory: 128Mi
39 | 
40 | nodeSelector: {}
41 | 
42 | tolerations: []
43 | 
44 | affinity: {}
45 | 
46 | # To enforce mutating policies, change to MutatingWebhookConfiguration, ValidatingWebhookConfiguration
47 | admissionControllerKind: MutatingWebhookConfiguration
48 | admissionControllerFailurePolicy: Ignore
49 | 
50 | generateAdmissionControllerCerts: true
51 | admissionControllerCA: ""
52 | admissionControllerCert: ""
53 | admissionControllerKey: ""
54 | 
55 | admissionControllerRules:
56 |   - operations: ["CREATE", "UPDATE"]
57 |     apiGroups: ["*"]
58 |     apiVersions: ["*"]
59 |     resources: ["*"]
60 | 


--------------------------------------------------------------------------------
/charts/prometheus-pingdom-exporter/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/prometheus-pingdom-exporter/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | name: prometheus-pingdom-exporter
 3 | version: 2.2.1
 4 | appVersion: 20180821-1
 5 | home: https://github.com/giantswarm/prometheus-pingdom-exporter
 6 | description: DEPRECATED ! - A Helm chart for Prometheus Pingdom Exporter
 7 | keywords:
 8 | - prometheus
 9 | - pingdom
10 | sources:
11 | - https://github.com/giantswarm/prometheus-pingdom-exporter
12 | - https://github.com/camptocamp/prometheus-pingdom-exporter
13 | icon: https://raw.githubusercontent.com/cncf/artwork/master/prometheus/icon/color/prometheus-icon-color.svg
14 | deprecated: true
15 | 


--------------------------------------------------------------------------------
/charts/prometheus-pingdom-exporter/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | !! CHART HAS BEEN DEPRECATED AND MOVED TO https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-pingdom-exporter> !!
 2 | 
 3 | {{/* vim: set filetype=mustache: */}}
 4 | {{/*
 5 | Expand the name of the chart.
 6 | */}}
 7 | {{- define "prometheus-pingdom-exporter.name" -}}
 8 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 9 | {{- end -}}
10 | 
11 | {{/*
12 | Create a default fully qualified app name.
13 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
14 | If release name contains chart name it will be used as a full name.
15 | */}}
16 | {{- define "prometheus-pingdom-exporter.fullname" -}}
17 | {{- if .Values.fullnameOverride -}}
18 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
19 | {{- else -}}
20 | {{- $name := default .Chart.Name .Values.nameOverride -}}
21 | {{- if contains $name .Release.Name -}}
22 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
23 | {{- else -}}
24 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
25 | {{- end -}}
26 | {{- end -}}
27 | {{- end -}}
28 | 
29 | {{/*
30 | Create chart name and version as used by the chart label.
31 | */}}
32 | {{- define "prometheus-pingdom-exporter.chart" -}}
33 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
34 | {{- end -}}
35 | 


--------------------------------------------------------------------------------
/charts/prometheus-pingdom-exporter/templates/secret.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Secret
 3 | metadata:
 4 |   name: {{ include "prometheus-pingdom-exporter.name" . }}
 5 |   {{- if .Values.secret.annotations }}
 6 |   annotations:
 7 |     {{- toYaml .Values.secret.annotations | nindent 4 }}
 8 |   {{- end }}
 9 |   labels:
10 |     app.kubernetes.io/name: {{ include "prometheus-pingdom-exporter.name" . }}
11 |     helm.sh/chart: {{ include "prometheus-pingdom-exporter.name" . }}
12 |     app.kubernetes.io/instance: {{ .Release.Name }}
13 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
14 | type: Opaque
15 | data:
16 |   user: {{ .Values.pingdom.user | b64enc }}
17 |   password: {{ .Values.pingdom.password | b64enc }}
18 |   appId: {{ .Values.pingdom.appId | b64enc }}
19 |   accountEmail: {{ .Values.pingdom.accountEmail | b64enc }}
20 | 


--------------------------------------------------------------------------------
/charts/prometheus-pingdom-exporter/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: {{ include "prometheus-pingdom-exporter.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "prometheus-pingdom-exporter.name" . }}
 7 |     helm.sh/chart: {{ include "prometheus-pingdom-exporter.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | {{- if .Values.service.annotations }}
11 |   annotations:
12 | {{ toYaml .Values.service.annotations | indent 4 }}
13 | {{- end }}
14 | spec:
15 |   type: {{ .Values.service.type }}
16 |   ports:
17 |     - port: {{ .Values.service.port }}
18 |       targetPort: http
19 |       protocol: TCP
20 |       name: http
21 |   selector:
22 |     app.kubernetes.io/name: {{ include "prometheus-pingdom-exporter.name" . }}
23 |     app.kubernetes.io/instance: {{ .Release.Name }}
24 | 


--------------------------------------------------------------------------------
/charts/prometheus-pingdom-exporter/values.yaml:
--------------------------------------------------------------------------------
 1 | # Default values for prometheus-pingdom-exporter.
 2 | # This is a YAML-formatted file.
 3 | # Declare variables to be passed into your templates.
 4 | 
 5 | replicaCount: 1
 6 | 
 7 | image:
 8 |   # we use camptocamp/prometheus-pingdom-exporter image as giantswarm did not publish recent versions after 0.1.1
 9 |   repository: camptocamp/prometheus-pingdom-exporter
10 |   tag: 20180821-1
11 |   pullPolicy: IfNotPresent
12 | 
13 | nameOverride: ""
14 | fullnameOverride: ""
15 | 
16 | service:
17 |   type: ClusterIP
18 |   port: 9100
19 |   annotations: {}
20 |     # prometheus.io/scrape: "true"
21 |     # prometheus.io/port: "9100"
22 | 
23 | resources: {}
24 |   # We usually recommend not to specify default resources and to leave this as a conscious
25 |   # choice for the user. This also increases chances charts run on environments with little
26 |   # resources, such as Minikube. If you do want to specify resources, uncomment the following
27 |   # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
28 |   # limits:
29 |   #  cpu: 100m
30 |   #  memory: 128Mi
31 |   # requests:
32 |   #  cpu: 100m
33 |   #  memory: 128Mi
34 | 
35 | nodeSelector: {}
36 | 
37 | tolerations: []
38 | 
39 | affinity: {}
40 | 
41 | # configuration of the pingdom credentials
42 | pingdom:
43 |   # username of the pingdom account
44 |   user: somebody@invalid
45 |   # password of the pingdom account
46 |   password: totallysecret
47 |   # application id / api secret can be created on the pingdom website
48 |   appId: alsototallysecret
49 |   # account email of the account owner if using multiaccount / team accounts
50 |   accountEmail: somebodyorelse@invalid
51 |   # time (in seconds) between accessing the Pingdom  API
52 |   wait: 10
53 | 
54 | pod:
55 |   annotations: {}
56 |     # key: "true"
57 |     # example: "false"
58 | 
59 | secret:
60 |   annotations: {}
61 |     # key: "true"
62 |     # example: "false"
63 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "0.32.4"
 3 | description: A Helm chart for thanos monitoring components
 4 | name: prometheus-thanos
 5 | version: 5.0.0
 6 | home: https://github.com/thanos-io/thanos
 7 | sources:
 8 | - https://github.com/thanos-io/thanos
 9 | - https://github.com/kiwigrid/helm-charts/tree/master/charts/prometheus-thanos
10 | icon: https://raw.githubusercontent.com/thanos-io/thanos/master/docs/img/Thanos-logo_fullmedium.png
11 | maintainers:
12 | - name: rpahli
13 |   email: rico.pahlisch@kiwigrid.com
14 | - name: axdotl
15 |   email: axel.koehler@kiwigrid.com
16 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/requirements.yaml:
--------------------------------------------------------------------------------
1 | dependencies:
2 | - name: minio
3 |   version: 7.0.2
4 |   repository: https://helm.min.io/
5 |   condition: minio.enabled
6 | - name: any-resource
7 |   version: 0.1.0
8 |   repository: https://kiwigrid.github.io/
9 |   condition: any-resource.enabled


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Store gateway and querier now running.
2 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "prometheus-thanos.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "prometheus-thanos.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "prometheus-thanos.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 
34 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/bucket-web/service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.bucketWebInterface.enabled -}}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-bucket-web-interface
 6 | {{- if .Values.service.bucketWebInterface.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.service.bucketWebInterface.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-bucket-web-interface
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | spec:
16 |   type: {{ .Values.service.bucketWebInterface.type }}
17 |   ports:
18 |     - port: {{ .Values.service.bucketWebInterface.http.port }}
19 |       targetPort: http
20 |       protocol: TCP
21 |       name: http
22 |   selector:
23 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-bucket-web-interface
24 |     app.kubernetes.io/instance: {{ .Release.Name }}
25 | {{- end }}
26 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/bucket-web/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.bucketWebInterface.enabled .Values.bucketWebInterface.serviceAccount.create -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-bucket-web-interface
 6 | {{- if .Values.bucketWebInterface.serviceAccount.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.bucketWebInterface.serviceAccount.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-bucket-web-interface
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/compactor/service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.compact.enabled -}}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-compact
 6 | {{- if .Values.service.compact.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.service.compact.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-compact
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | spec:
16 |   type: {{ .Values.service.compact.type }}
17 |   ports:
18 |     - port: {{ .Values.service.compact.http.port }}
19 |       targetPort: monitoring
20 |       protocol: TCP
21 |       name: http
22 |   selector:
23 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-compact
24 |     app.kubernetes.io/instance: {{ .Release.Name }}
25 | {{- end }}
26 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/compactor/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.compact.enabled .Values.compact.serviceAccount.create -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-compact
 6 | {{- if .Values.compact.serviceAccount.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.compact.serviceAccount.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-compact
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/querier/deployment-hpa.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.querier.enabled .Values.querier.autoscaling.enabled -}}
 2 | apiVersion: autoscaling/v1
 3 | kind: HorizontalPodAutoscaler
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-querier
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-querier
 8 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | spec:
12 |   scaleTargetRef:
13 |     apiVersion: apps/v1
14 |     kind: Deployment
15 |     name: {{ include "prometheus-thanos.fullname" . }}-querier
16 |   minReplicas: {{ .Values.querier.autoscaling.minReplicas }}
17 |   maxReplicas: {{ .Values.querier.autoscaling.maxReplicas }}
18 | {{- with .Values.querier.autoscaling.metrics }}
19 |   metrics: 
20 |     {{- toYaml . | nindent 4 }}
21 | {{- end }}
22 | {{- end }}
23 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/querier/service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.querier.enabled -}}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-querier
 6 | {{- if .Values.service.querier.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.service.querier.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-querier
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | spec:
16 |   type: {{ .Values.service.querier.type }}
17 |   ports:
18 |     - port: {{ .Values.service.querier.http.port }}
19 |       targetPort: http
20 |       protocol: TCP
21 |       name: http
22 |     - port: {{ .Values.service.querier.grpc.port }}
23 |       targetPort: grpc
24 |       protocol: TCP
25 |       name: grpc
26 |   selector:
27 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-querier
28 |     app.kubernetes.io/instance: {{ .Release.Name }}
29 | {{- end }}
30 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/querier/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.querier.enabled .Values.querier.serviceAccount.create -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-querier
 6 | {{- if .Values.querier.serviceAccount.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.querier.serviceAccount.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-querier
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/query-frontend/deployment-hpa.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.queryFrontend.enabled .Values.queryFrontend.autoscaling.enabled -}}
 2 | apiVersion: autoscaling/v1
 3 | kind: HorizontalPodAutoscaler
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-query-frontend
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-query-frontend
 8 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | spec:
12 |   scaleTargetRef:
13 |     apiVersion: apps/v1
14 |     kind: Deployment
15 |     name: {{ include "prometheus-thanos.fullname" . }}-query-frontend
16 |   minReplicas: {{ .Values.queryFrontend.autoscaling.minReplicas }}
17 |   maxReplicas: {{ .Values.queryFrontend.autoscaling.maxReplicas }}
18 | {{- with .Values.querier.autoscaling.metrics }}
19 |   metrics: 
20 |     {{- toYaml . | nindent 4 }}
21 | {{- end }}
22 | {{- end }}
23 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/query-frontend/service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.queryFrontend.enabled -}}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-query-frontend
 6 | {{- if .Values.service.queryFrontend.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.service.queryFrontend.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-query-frontend
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | spec:
16 |   type: {{ .Values.service.queryFrontend.type }}
17 |   ports:
18 |     - port: {{ .Values.service.queryFrontend.http.port }}
19 |       targetPort: http
20 |       protocol: TCP
21 |       name: http
22 |   selector:
23 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-query-frontend
24 |     app.kubernetes.io/instance: {{ .Release.Name }}
25 | {{- end }}
26 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/query-frontend/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.queryFrontend.enabled .Values.queryFrontend.serviceAccount.create -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-query-frontend
 6 | {{- if .Values.queryFrontend.serviceAccount.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.queryFrontend.serviceAccount.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-query-frontend
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/receiver/hashring-configmap.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.receiver.enabled -}}
 2 | apiVersion: v1
 3 | kind: ConfigMap
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-receiver-hashring
 6 | data:
 7 |   hashrings.json: |
 8 |     [
 9 |       {
10 |         "endpoints": [
11 |           {{- range $i, $e := until (int .Values.receiver.replicaCount) }}
12 |             "{{ include "prometheus-thanos.fullname" $ }}-receiver-{{ $i }}.{{ include "prometheus-thanos.fullname" $ }}-receiver.{{ $.Release.Namespace }}.svc.cluster.local:{{ $.Values.service.receiver.grpc.port }}"
13 | 
14 |             {{- if lt $i (sub (int $.Values.receiver.replicaCount) 1) -}}
15 |             ,
16 |             {{- end -}}
17 |           {{- end }}
18 |         ]
19 |       }
20 |     ]
21 | {{- end }}
22 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/receiver/service.yaml:
--------------------------------------------------------------------------------
 1 | {{- /*
 2 | See comments in ./statefulset.yaml about why this is headless
 3 | */}}
 4 | 
 5 | {{- if .Values.receiver.enabled -}}
 6 | apiVersion: v1
 7 | kind: Service
 8 | metadata:
 9 |   name: {{ include "prometheus-thanos.fullname" . }}-receiver
10 | {{- if .Values.service.receiver.annotations }}
11 |   annotations:
12 | {{ toYaml .Values.service.receiver.annotations | indent 4 }}
13 | {{- end }}
14 |   labels:
15 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-receiver
16 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
17 |     app.kubernetes.io/instance: {{ .Release.Name }}
18 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
19 | spec:
20 |   clusterIP: None
21 |   ports:
22 |     - port: {{ .Values.service.receiver.http.port }}
23 |       targetPort: http
24 |       protocol: TCP
25 |       name: http
26 |     - port: {{ .Values.service.receiver.httpRemoteWrite.port }}
27 |       targetPort: http-rw
28 |       protocol: TCP
29 |       name: http-rw
30 |     - port: {{ .Values.service.receiver.grpc.port }}
31 |       targetPort: grpc
32 |       protocol: TCP
33 |       name: grpc
34 |   selector:
35 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-receiver
36 |     app.kubernetes.io/instance: {{ .Release.Name }}
37 | {{- end }}
38 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/receiver/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.receiver.enabled .Values.receiver.serviceAccount.create -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-receiver
 6 | {{- if .Values.receiver.serviceAccount.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.receiver.serviceAccount.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-receiver
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/ruler/clusterrole.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.ruler.sidecar.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-ruler
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-ruler
 8 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | rules:
12 | - apiGroups:
13 |   - ""
14 |   resources:
15 |   - configmaps
16 |   verbs:
17 |   - get
18 |   - list
19 |   - watch
20 | {{- end }}
21 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/ruler/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.ruler.sidecar.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-ruler
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-ruler
 8 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | roleRef:
12 |   apiGroup: rbac.authorization.k8s.io
13 |   kind: ClusterRole
14 |   name: {{ include "prometheus-thanos.fullname" . }}-ruler
15 | subjects:
16 | - kind: ServiceAccount
17 |   name: {{ include "prometheus-thanos.fullname" . }}-ruler
18 |   namespace: {{ .Release.Namespace }}
19 | {{- end }}
20 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/ruler/configmap.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.ruler.enabled -}}
 2 | apiVersion: v1
 3 | kind: ConfigMap
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-ruler
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-ruler
 8 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | data:
12 |   default.rules.yaml: |
13 |   {{- if .Values.ruler.config }}
14 |     {{- .Values.ruler.config | toYaml | nindent 4 }}
15 |   {{- end }}
16 | {{- end }}
17 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/ruler/service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.ruler.enabled -}}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-ruler
 6 | {{- if .Values.service.ruler.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.service.ruler.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-ruler
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | spec:
16 |   type: {{ .Values.service.ruler.type }}
17 |   ports:
18 |     - port: {{ .Values.service.ruler.http.port }}
19 |       targetPort: http
20 |       protocol: TCP
21 |       name: http
22 |     - port: {{ .Values.service.ruler.grpc.port }}
23 |       targetPort: grpc
24 |       protocol: TCP
25 |       name: grpc
26 |   selector:
27 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-ruler
28 |     app.kubernetes.io/instance: {{ .Release.Name }}
29 | {{- end }}
30 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/ruler/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.ruler.enabled -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-ruler
 6 | {{- if .Values.ruler.serviceAccount.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.ruler.serviceAccount.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-ruler
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/store-gateway/service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.storeGateway.enabled -}}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-store-gateway
 6 | {{- if .Values.service.storeGateway.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.service.storeGateway.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-store-gateway
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | spec:
16 |   type: {{ .Values.service.storeGateway.type }}
17 |   ports:
18 |     - port: {{ .Values.service.storeGateway.http.port }}
19 |       targetPort: http
20 |       protocol: TCP
21 |       name: http
22 |     - port: {{ .Values.service.storeGateway.grpc.port }}
23 |       targetPort: grpc
24 |       protocol: TCP
25 |       name: grpc
26 |   selector:
27 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-store-gateway
28 |     app.kubernetes.io/instance: {{ .Release.Name }}
29 | {{- end }}
30 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/store-gateway/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.storeGateway.enabled .Values.storeGateway.serviceAccount.create -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-store-gateway
 6 | {{- if .Values.storeGateway.serviceAccount.annotations }}
 7 |   annotations:
 8 | {{ toYaml .Values.storeGateway.serviceAccount.annotations | indent 4 }}
 9 | {{- end }}
10 |   labels:
11 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-store-gateway
12 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
13 |     app.kubernetes.io/instance: {{ .Release.Name }}
14 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
15 | {{- end }}
16 | 


--------------------------------------------------------------------------------
/charts/prometheus-thanos/templates/store-gateway/statefulset-hpa.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.storeGateway.enabled .Values.storeGateway.autoscaling.enabled -}}
 2 | apiVersion: autoscaling/v1
 3 | kind: HorizontalPodAutoscaler
 4 | metadata:
 5 |   name: {{ include "prometheus-thanos.fullname" . }}-store-gateway
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "prometheus-thanos.name" . }}-store-gateway
 8 |     helm.sh/chart: {{ include "prometheus-thanos.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | spec:
12 |   scaleTargetRef:
13 |     apiVersion: apps/v1
14 |     kind: StatefulSet
15 |     name: {{ include "prometheus-thanos.fullname" . }}-store-gateway
16 |   minReplicas: {{ .Values.storeGateway.autoscaling.minReplicas }}
17 |   maxReplicas: {{ .Values.storeGateway.autoscaling.maxReplicas }}
18 | {{ with  .Values.storeGateway.autoscaling.metrics }}
19 |   metrics:
20 |     {{- toYaml . | nindent 4 }}
21 | {{- end }}
22 | {{- end }}
23 | 


--------------------------------------------------------------------------------
/charts/pull-secret-distributor/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | 


--------------------------------------------------------------------------------
/charts/pull-secret-distributor/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "25"
 3 | description: A Helm chart to distribute pull secret across namespaces
 4 | name: pull-secret-distributor
 5 | version: 0.3.1
 6 | home: https://github.com/kiwigrid/pull-secret-distributor
 7 | sources:
 8 | - https://github.com/kiwigrid/pull-secret-distributor
 9 | deprecated: true
10 | 


--------------------------------------------------------------------------------
/charts/pull-secret-distributor/README.md:
--------------------------------------------------------------------------------
1 | # Pull secret distributor
2 | 
3 | This chart was renamed and is therefore deprecated.
4 | 
5 | Please use [secret-replicator](https://github.com/kiwigrid/helm-charts/tree/master/charts/secret-replicator) instead.
6 | 
7 | 


--------------------------------------------------------------------------------
/charts/pull-secret-distributor/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Deployments successful installed.
2 | 
3 | you can check if it's working by creating a new namespace. The pull secrets should be populated to the new namespace.
4 | 


--------------------------------------------------------------------------------
/charts/pull-secret-distributor/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "pull-secret-distributor.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "pull-secret-distributor.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "pull-secret-distributor.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 


--------------------------------------------------------------------------------
/charts/pull-secret-distributor/templates/cluster-role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   name: {{ template "pull-secret-distributor.fullname" . }}-ca
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "pull-secret-distributor.name" . }}
 8 |     helm.sh/chart: {{ include "pull-secret-distributor.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | rules:
12 | - apiGroups:
13 |     - ""
14 |   resources:
15 |     - "secrets"
16 |     - "namespaces"
17 |   verbs:
18 |     - "*"
19 | {{- end -}}
20 | 


--------------------------------------------------------------------------------
/charts/pull-secret-distributor/templates/cluster-rolebinding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   name: {{ template "pull-secret-distributor.fullname" . }}-crb
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "pull-secret-distributor.name" . }}
 8 |     helm.sh/chart: {{ include "pull-secret-distributor.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | roleRef:
12 |   apiGroup: rbac.authorization.k8s.io
13 |   kind: ClusterRole
14 |   name: {{ template "pull-secret-distributor.fullname" . }}-ca
15 | subjects:
16 | - kind: ServiceAccount
17 |   name: {{ template "pull-secret-distributor.fullname" . }}-sa
18 |   namespace: {{ .Release.Namespace }}
19 | {{- end }}
20 | 


--------------------------------------------------------------------------------
/charts/pull-secret-distributor/templates/deployment.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apps/v1
 2 | kind: Deployment
 3 | metadata:
 4 |   name: {{ include "pull-secret-distributor.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "pull-secret-distributor.name" . }}
 7 |     helm.sh/chart: {{ include "pull-secret-distributor.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | spec:
11 |   replicas: 1
12 |   selector:
13 |     matchLabels:
14 |       app.kubernetes.io/name: {{ include "pull-secret-distributor.name" . }}
15 |       app.kubernetes.io/instance: {{ .Release.Name }}
16 |   template:
17 |     metadata:
18 |       labels:
19 |         app.kubernetes.io/name: {{ include "pull-secret-distributor.name" . }}
20 |         app.kubernetes.io/instance: {{ .Release.Name }}
21 |     spec:
22 |       serviceAccountName: {{ template "pull-secret-distributor.fullname" . }}-sa
23 |       containers:
24 |         - name: {{ .Chart.Name }}
25 |           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
26 |           imagePullPolicy: {{ .Values.image.pullPolicy }}
27 |           env:
28 |           - name: PULL_SECRETS
29 |             value: {{ .Values.pullSecrets }}
30 |           - name: IGNORE_NAMESPACES
31 |             value: {{ .Values.ignoreNamespaces }}
32 |           resources:
33 | {{ toYaml .Values.resources | indent 12 }}
34 |       imagePullSecrets:
35 |       - name: registry-secret
36 |     {{- with .Values.nodeSelector }}
37 |       nodeSelector:
38 | {{ toYaml . | indent 8 }}
39 |     {{- end }}
40 |     {{- with .Values.affinity }}
41 |       affinity:
42 | {{ toYaml . | indent 8 }}
43 |     {{- end }}
44 |     {{- with .Values.tolerations }}
45 |       tolerations:
46 | {{ toYaml . | indent 8 }}
47 |     {{- end }}
48 | 


--------------------------------------------------------------------------------
/charts/pull-secret-distributor/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enabled }}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   name: {{ template "pull-secret-distributor.fullname" . }}-sa
 6 |   labels:  
 7 |     app.kubernetes.io/name: {{ include "pull-secret-distributor.name" . }}
 8 |     helm.sh/chart: {{ include "pull-secret-distributor.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | {{- end }}
12 | 


--------------------------------------------------------------------------------
/charts/pull-secret-distributor/values.yaml:
--------------------------------------------------------------------------------
 1 | # Default values for pull-secret-distributor.
 2 | # This is a YAML-formatted file.
 3 | # Declare variables to be passed into your templates.
 4 | 
 5 | image:
 6 |   repository: kiwigrid/pull-secret-distributor
 7 |   tag: 25
 8 |   pullPolicy: IfNotPresent
 9 | # csv list of secrets
10 | pullSecrets: ""
11 | # pullSecrets: "secret1,secret2
12 | 
13 | ignoreNamespaces: "kube-system,kube-public"
14 | rbac:
15 |   enabled: true
16 | 
17 | resources: {}
18 |   # limits:
19 |   #   cpu: 50m
20 |   #   memory: 20Mi
21 |   # requests:
22 |   #   cpu: 20m
23 |   #   memory: 20Mi
24 | 
25 | nodeSelector: {}
26 | 
27 | tolerations: []
28 | 
29 | affinity: {}
30 | 


--------------------------------------------------------------------------------
/charts/secret-replicator/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | 


--------------------------------------------------------------------------------
/charts/secret-replicator/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "0.2.0"
 3 | description: A Helm chart to replicate secret across namespaces
 4 | name: secret-replicator
 5 | version: 0.6.0
 6 | home: https://github.com/kiwigrid/secret-replicator
 7 | sources:
 8 | - https://github.com/kiwigrid/secret-replicator
 9 | maintainers:
10 | - name: rpahli
11 |   email: rico.pahlisch@kiwigrid.com
12 | 


--------------------------------------------------------------------------------
/charts/secret-replicator/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Deployments successful installed.
2 | 
3 | you can check if it's working by creating a new namespace. The pull secrets should be populated to the new namespace.
4 | 


--------------------------------------------------------------------------------
/charts/secret-replicator/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "secret-replicator.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "secret-replicator.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "secret-replicator.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 


--------------------------------------------------------------------------------
/charts/secret-replicator/templates/cluster-role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   name: {{ template "secret-replicator.fullname" . }}-ca
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "secret-replicator.name" . }}
 8 |     helm.sh/chart: {{ include "secret-replicator.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | rules:
12 | - apiGroups:
13 |     - ""
14 |   resources:
15 |     - "secrets"
16 |     - "namespaces"
17 |   verbs:
18 |     - "*"
19 | {{- end -}}
20 | 


--------------------------------------------------------------------------------
/charts/secret-replicator/templates/cluster-rolebinding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enabled }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   name: {{ template "secret-replicator.fullname" . }}-crb
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "secret-replicator.name" . }}
 8 |     helm.sh/chart: {{ include "secret-replicator.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | roleRef:
12 |   apiGroup: rbac.authorization.k8s.io
13 |   kind: ClusterRole
14 |   name: {{ template "secret-replicator.fullname" . }}-ca
15 | subjects:
16 | - kind: ServiceAccount
17 |   name: {{ template "secret-replicator.fullname" . }}-sa
18 |   namespace: {{ .Release.Namespace }}
19 | {{- end }}
20 | 


--------------------------------------------------------------------------------
/charts/secret-replicator/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enabled }}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   name: {{ template "secret-replicator.fullname" . }}-sa
 6 |   labels:  
 7 |     app.kubernetes.io/name: {{ include "secret-replicator.name" . }}
 8 |     helm.sh/chart: {{ include "secret-replicator.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
11 | {{- end }}
12 | 


--------------------------------------------------------------------------------
/charts/secret-replicator/values.yaml:
--------------------------------------------------------------------------------
 1 | # Default values for secret-replicator.
 2 | # This is a YAML-formatted file.
 3 | # Declare variables to be passed into your templates.
 4 | 
 5 | image:
 6 |   repository: kiwigrid/secret-replicator
 7 |   tag: 0.2.0
 8 |   pullPolicy: IfNotPresent
 9 |   ## Specify ImagePullSecrets for Pods
10 |   ## ref: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
11 |   # pullSecrets: myregistrykey
12 | 
13 | # csv list of secrets
14 | secretList: ""
15 | # secretList: "secret1,secret2
16 | 
17 | ignoreNamespaces: "kube-system,kube-public"
18 | 
19 | # If defined, allow secret-replicator to watch for secrets in _another_ namespace
20 | secretNamespace:
21 | 
22 | rbac:
23 |   enabled: true
24 | 
25 | resources: {}
26 |   # limits:
27 |   #   cpu: 50m
28 |   #   memory: 20Mi
29 |   # requests:
30 |   #   cpu: 20m
31 |   #   memory: 20Mi
32 | 
33 | nodeSelector: {}
34 | 
35 | tolerations: []
36 | 
37 | affinity: {}
38 | 


--------------------------------------------------------------------------------
/charts/spring-cloud-config-server/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/spring-cloud-config-server/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "2.1.3.RELEASE"
 3 | description: A Helm chart for Spring Cloud Config Server
 4 | name: spring-cloud-config-server
 5 | version: 0.1.3
 6 | home: https://github.com/hyness/spring-cloud-config-server
 7 | sources:
 8 | - https://github.com/hyness/spring-cloud-config-server
 9 | - https://github.com/kiwigrid/helm-charts/tree/master/charts/spring-cloud-config-server
10 | maintainers:
11 | - name: rpahli
12 |   email: rico.pahlisch@kiwigrid.com
13 | 


--------------------------------------------------------------------------------
/charts/spring-cloud-config-server/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Spring cloud config server is now running
2 | 


--------------------------------------------------------------------------------
/charts/spring-cloud-config-server/templates/ingress.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.ingress.enabled -}}
 2 | {{- $fullName := include "spring-cloud-config-server.fullname" . -}}
 3 | apiVersion: networking.k8s.io/v1beta1
 4 | kind: Ingress
 5 | metadata:
 6 |   name: {{ $fullName }}
 7 |   labels:
 8 |     {{- include "spring-cloud-config-server.labels" . | nindent 4 }}
 9 |   {{- with .Values.ingress.annotations }}
10 |   annotations:
11 |     {{- toYaml . | nindent 4 }}
12 |   {{- end }}
13 | spec:
14 | {{- if .Values.ingress.tls }}
15 |   tls:
16 |   {{- range .Values.ingress.tls }}
17 |     - hosts:
18 |       {{- range .hosts }}
19 |         - {{ . | quote }}
20 |       {{- end }}
21 |       secretName: {{ .secretName }}
22 |   {{- end }}
23 | {{- end }}
24 |   rules:
25 |   {{- range .Values.ingress.hosts }}
26 |     - host: {{ .host | quote }}
27 |       http:
28 |         paths:
29 |         {{- range .paths }}
30 |           - path: {{ . }}
31 |             backend:
32 |               serviceName: {{ $fullName }}
33 |               servicePort: http
34 |         {{- end }}
35 |   {{- end }}
36 | {{- end }}
37 | 


--------------------------------------------------------------------------------
/charts/spring-cloud-config-server/templates/secret.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Secret
 3 | type: Opaque
 4 | metadata:
 5 |   name: {{ include "spring-cloud-config-server.fullname" . }}
 6 |   labels:
 7 | {{ include "spring-cloud-config-server.labels" . | indent 4 }}
 8 | data:
 9 |   {{- if .Values.secrets.gitUsername }}
10 |   gitUsername: {{ .Values.secrets.gitUsername | b64enc | quote }}
11 |   {{- else }}
12 |   gitUsername: {{ randAlphaNum 20 | b64enc | quote }}
13 |   {{- end }}
14 |   {{- if .Values.secrets.gitPassword }}
15 |   gitPassword: {{ .Values.secrets.gitPassword | b64enc | quote }}
16 |   {{- else }}
17 |   gitPassword: {{ randAlphaNum 20 | b64enc | quote }}
18 |   {{- end }}
19 | ---
20 | {{- if .Values.secrets.githubPrivateKey }}
21 | apiVersion: v1
22 | kind: Secret
23 | type: Opaque
24 | metadata:
25 |   name: {{ include "spring-cloud-config-server.fullname" . }}-githubprivatekey
26 |   labels:
27 | {{ include "spring-cloud-config-server.labels" . | indent 4 }}
28 | data:
29 |   id_rsa: {{ .Values.secrets.githubPrivateKey }}
30 |   known_hosts: {{ .Values.secrets.githubKnownHosts }}
31 | {{- end }}
32 | 


--------------------------------------------------------------------------------
/charts/spring-cloud-config-server/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: {{ include "spring-cloud-config-server.fullname" . }}
 5 |   labels:
 6 |     {{- include "spring-cloud-config-server.labels" . | nindent 4 }}
 7 | spec:
 8 |   type: {{ .Values.service.type }}
 9 |   ports:
10 |     - port: {{ .Values.service.port }}
11 |       targetPort: http
12 |       protocol: TCP
13 |       name: http
14 |   selector:
15 |     {{- include "spring-cloud-config-server.selectorLabels" . | nindent 4 }}
16 | 
17 | 


--------------------------------------------------------------------------------
/charts/spring-cloud-config-server/values.yaml:
--------------------------------------------------------------------------------
 1 | # Default values for spring-cloud-config-server.
 2 | # This is a YAML-formatted file.
 3 | # Declare variables to be passed into your templates.
 4 | 
 5 | replicaCount: 1
 6 | 
 7 | image:
 8 |   repository: hyness/spring-cloud-config-server
 9 |   tag: 2.1.3.RELEASE
10 |   pullPolicy: IfNotPresent
11 | 
12 | imagePullSecrets: []
13 | nameOverride: ""
14 | fullnameOverride: ""
15 | 
16 | service:
17 |   type: ClusterIP
18 |   port: 80
19 | 
20 | ingress:
21 |   enabled: false
22 |   annotations: {}
23 |     # kubernetes.io/ingress.class: nginx
24 |     # kubernetes.io/tls-acme: "true"
25 |   hosts:
26 |     - host: chart-example.local
27 |       paths: []
28 | 
29 |   tls: []
30 |   #  - secretName: chart-example-tls
31 |   #    hosts:
32 |   #      - chart-example.local
33 | 
34 | resources: {}
35 |   # We usually recommend not to specify default resources and to leave this as a conscious
36 |   # choice for the user. This also increases chances charts run on environments with little
37 |   # resources, such as Minikube. If you do want to specify resources, uncomment the following
38 |   # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
39 |   # limits:
40 |   #   cpu: 100m
41 |   #   memory: 128Mi
42 |   # requests:
43 |   #   cpu: 100m
44 |   #   memory: 128Mi
45 | 
46 | nodeSelector: {}
47 | 
48 | tolerations: []
49 | 
50 | affinity: {}
51 | 
52 | podTemplate:
53 |   annotations: {}
54 | 
55 | extraEnv: []
56 | config:
57 |   gitUri: ""
58 |   gitSearchpath: "{application}"
59 | 
60 | secrets:
61 |   gitUsername: ""
62 |   gitPassword: ""
63 | # Github deploy key auth method. Base64 coded known_hosts and private key.
64 | # githubKnownHosts: ""
65 | # githubPrivateKey: ""
66 | 
67 | 


--------------------------------------------------------------------------------
/charts/stackdriver-exporter/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/stackdriver-exporter/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "0.6.0"
 3 | description: A Helm chart for exporting stackdriver metrics to prometheus
 4 | name: stackdriver-exporter
 5 | version: 0.2.0
 6 | home: https://github.com/frodenas/stackdriver_exporter
 7 | sources:
 8 | - https://github.com/frodenas/stackdriver_exporter
 9 | maintainers:
10 | - name: rpahli
11 |   email: rico.pahlisch@kiwigrid.com
12 | 


--------------------------------------------------------------------------------
/charts/stackdriver-exporter/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Deployments successful installed.
2 | 
3 | you can check if it's working by forwarding the port 9255 and visit localhost:9255/metrics
4 | 
5 |   export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "stackdriver-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
6 |   echo "Visit http://127.0.0.1:9255/metrics to use your application"
7 |   kubectl port-forward $POD_NAME 9255
8 |   


--------------------------------------------------------------------------------
/charts/stackdriver-exporter/templates/gcpserviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.usingGCPController }}
 2 | apiVersion: gcp.kiwigrid.com/v1beta1
 3 | kind: GcpServiceAccount
 4 | metadata:
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "stackdriver-exporter.name" . }}
 7 |     helm.sh/chart: {{ include "stackdriver-exporter.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 |   name: {{ template "stackdriver-exporter.fullname" . }}
11 | spec:
12 |   serviceAccountIdentifier: {{ template "stackdriver-exporter.serviceAccountName" . }}
13 |   serviceAccountDescription: Service account for accessing stackdriver metrics for prometheus
14 |   secretName: {{ template "stackdriver-exporter.gcpsecretName" . }}
15 |   bindings:
16 |   - resource: "//cloudresourcemanager.googleapis.com/projects/{{required "gcp.projectId has to be set" .Values.gcp.projectId }}"
17 |     roles:
18 |     - roles/monitoring.viewer
19 | {{ end }}
20 | 


--------------------------------------------------------------------------------
/charts/stackdriver-exporter/templates/secret.yaml:
--------------------------------------------------------------------------------
 1 | {{- if not .Values.usingGCPController }}
 2 | apiVersion: v1
 3 | kind: Secret
 4 | metadata:
 5 |   name: {{ template "stackdriver-exporter.gcpsecretName" . }}
 6 |   labels:
 7 |     app.kubernetes.io/name: {{ include "stackdriver-exporter.name" . }}
 8 |     helm.sh/chart: {{ include "stackdriver-exporter.chart" . }}
 9 |     app.kubernetes.io/instance: {{ .Release.Name }}
10 |     app.kubernetes.io/managed-by: {{ .Release.Service }}    
11 | data:
12 |   credentials.json: "{{ required "gcpCredentials has to be set if usingGCPController is false" .Values.gcpCredentials }}"
13 | {{ end }}
14 | 


--------------------------------------------------------------------------------
/charts/zipkin-stackdriver-proxy/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 | 


--------------------------------------------------------------------------------
/charts/zipkin-stackdriver-proxy/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: "v0.6.0"
 3 | description: A Helm chart for Zipkin Stackdriver proxy
 4 | name: zipkin-stackdriver-proxy
 5 | version: 0.1.0
 6 | home: https://github.com/openzipkin/zipkin-gcp
 7 | sources:
 8 |   - https://github.com/openzipkin/zipkin-gcp
 9 | maintainers:
10 |   - name: rpahli
11 |     email: rico.pahlisch@kiwigrid.com
12 | 


--------------------------------------------------------------------------------
/charts/zipkin-stackdriver-proxy/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Your Zipkin proxy is now running and can collect traces from your apps
2 | 


--------------------------------------------------------------------------------
/charts/zipkin-stackdriver-proxy/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "zipkin-stackdriver-proxy.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "zipkin-stackdriver-proxy.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "zipkin-stackdriver-proxy.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 


--------------------------------------------------------------------------------
/charts/zipkin-stackdriver-proxy/templates/deployment.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apps/v1
 2 | kind: Deployment
 3 | metadata:
 4 |   name: {{ include "zipkin-stackdriver-proxy.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "zipkin-stackdriver-proxy.name" . }}
 7 |     helm.sh/chart: {{ include "zipkin-stackdriver-proxy.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | spec:
11 |   replicas: {{ .Values.replicaCount }}
12 |   selector:
13 |     matchLabels:
14 |       app.kubernetes.io/name: {{ include "zipkin-stackdriver-proxy.name" . }}
15 |       app.kubernetes.io/instance: {{ .Release.Name }}
16 |   template:
17 |     metadata:
18 |       labels:
19 |         app.kubernetes.io/name: {{ include "zipkin-stackdriver-proxy.name" . }}
20 |         app.kubernetes.io/instance: {{ .Release.Name }}
21 |     spec:
22 |       containers:
23 |         - name: {{ .Chart.Name }}
24 |           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
25 |           imagePullPolicy: {{ .Values.image.pullPolicy }}
26 |           ports:
27 |             - name: http
28 |               containerPort: 9411
29 |               protocol: TCP
30 |           livenessProbe:
31 |             httpGet:
32 |               path: /health
33 |               port: http
34 |           readinessProbe:
35 |             httpGet:
36 |               path: /health
37 |               port: http
38 |           resources:
39 |             {{- toYaml .Values.resources | nindent 12 }}
40 |       {{- with .Values.nodeSelector }}
41 |       nodeSelector:
42 |         {{- toYaml . | nindent 8 }}
43 |       {{- end }}
44 |     {{- with .Values.affinity }}
45 |       affinity:
46 |         {{- toYaml . | nindent 8 }}
47 |     {{- end }}
48 |     {{- with .Values.tolerations }}
49 |       tolerations:
50 |         {{- toYaml . | nindent 8 }}
51 |     {{- end }}
52 | 


--------------------------------------------------------------------------------
/charts/zipkin-stackdriver-proxy/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: {{ include "zipkin-stackdriver-proxy.fullname" . }}
 5 |   labels:
 6 |     app.kubernetes.io/name: {{ include "zipkin-stackdriver-proxy.name" . }}
 7 |     helm.sh/chart: {{ include "zipkin-stackdriver-proxy.chart" . }}
 8 |     app.kubernetes.io/instance: {{ .Release.Name }}
 9 |     app.kubernetes.io/managed-by: {{ .Release.Service }}
10 | spec:
11 |   type: {{ .Values.service.type }}
12 |   ports:
13 |     - port: {{ .Values.service.port }}
14 |       targetPort: http
15 |       protocol: TCP
16 |       name: http
17 |   selector:
18 |     app.kubernetes.io/name: {{ include "zipkin-stackdriver-proxy.name" . }}
19 |     app.kubernetes.io/instance: {{ .Release.Name }}
20 | 


--------------------------------------------------------------------------------
/charts/zipkin-stackdriver-proxy/values.yaml:
--------------------------------------------------------------------------------
 1 | # Default values for zipkin-stackdriver-proxy.
 2 | # This is a YAML-formatted file.
 3 | # Declare variables to be passed into your templates.
 4 | 
 5 | replicaCount: 1
 6 | 
 7 | image:
 8 |   repository: gcr.io/stackdriver-trace-docker/zipkin-collector
 9 |   tag: v0.6.0
10 |   pullPolicy: IfNotPresent
11 | 
12 | nameOverride: ""
13 | fullnameOverride: ""
14 | 
15 | service:
16 |   type: ClusterIP
17 |   port: 9411
18 | 
19 | resources: {}
20 |   # We usually recommend not to specify default resources and to leave this as a conscious
21 |   # choice for the user. This also increases chances charts run on environments with little
22 |   # resources, such as Minikube. If you do want to specify resources, uncomment the following
23 |   # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
24 |   # limits:
25 |   #  cpu: 100m
26 |   #  memory: 128Mi
27 |   # requests:
28 |   #  cpu: 100m
29 |   #  memory: 128Mi
30 | 
31 | nodeSelector: {}
32 | 
33 | tolerations: []
34 | 
35 | affinity: {}
36 | 


--------------------------------------------------------------------------------