diff --git a/charts/testkube-cloud-api/.argocd-source-dev-testkube-cloud-api.yaml b/charts/testkube-cloud-api/.argocd-source-dev-testkube-cloud-api.yaml index 408f79c1d..511799a10 100644 --- a/charts/testkube-cloud-api/.argocd-source-dev-testkube-cloud-api.yaml +++ b/charts/testkube-cloud-api/.argocd-source-dev-testkube-cloud-api.yaml @@ -4,5 +4,5 @@ helm: value: kubeshop/testkube-cloud-api forcestring: true - name: image.tag - value: 1.7.0-rc-37d51f3 + value: 1.6.7-rc-832fdf0 forcestring: true diff --git a/charts/testkube-cloud-api/.argocd-source-edge-testkube-cloud-api.yaml b/charts/testkube-cloud-api/.argocd-source-edge-testkube-cloud-api.yaml index b9ad006c6..8f5625fb1 100644 --- a/charts/testkube-cloud-api/.argocd-source-edge-testkube-cloud-api.yaml +++ b/charts/testkube-cloud-api/.argocd-source-edge-testkube-cloud-api.yaml @@ -4,5 +4,5 @@ helm: value: kubeshop/testkube-cloud-api forcestring: true - name: image.tag - value: 1.7.0-dev-2f6494d + value: 1.7.0-dev-bf894c2 forcestring: true diff --git a/charts/testkube-cloud-api/.argocd-source-norauto-testkube-cloud-api.yaml b/charts/testkube-cloud-api/.argocd-source-norauto-testkube-cloud-api.yaml index 4e4cf82a2..408f79c1d 100644 --- a/charts/testkube-cloud-api/.argocd-source-norauto-testkube-cloud-api.yaml +++ b/charts/testkube-cloud-api/.argocd-source-norauto-testkube-cloud-api.yaml @@ -4,5 +4,5 @@ helm: value: kubeshop/testkube-cloud-api forcestring: true - name: image.tag - value: 1.6.5-rc-0156232 + value: 1.7.0-rc-37d51f3 forcestring: true diff --git a/charts/testkube-cloud-api/templates/deployment.yaml b/charts/testkube-cloud-api/templates/deployment.yaml index 0558341ae..9f3489bb7 100644 --- a/charts/testkube-cloud-api/templates/deployment.yaml +++ b/charts/testkube-cloud-api/templates/deployment.yaml @@ -294,7 +294,7 @@ spec: - name: {{ $key }} valueFrom: secretKeyRef: - key: {{ $key }} + key: {{ $value }} name: api-external-secrets {{ end }} {{- end}} diff --git a/charts/testkube-cloud-api/values.yaml b/charts/testkube-cloud-api/values.yaml index 377f46979..057352226 100644 --- a/charts/testkube-cloud-api/values.yaml +++ b/charts/testkube-cloud-api/values.yaml @@ -44,7 +44,7 @@ replicaCount: 1 image: repository: kubeshop/testkube-cloud-api pullPolicy: IfNotPresent - tag: "1.6.4" + tag: "1.6.7" imagePullSecrets: [] nameOverride: "" fullnameOverride: "" @@ -273,7 +273,6 @@ statusPagesIngress: minio: # -- Toggle whether to deploy MinIO enabled: false - # -- MinIO full name override fullnameOverride: "" # -- MinIO name override diff --git a/charts/testkube-cloud-ui/.argocd-source-edge-testkube-cloud-ui.yaml b/charts/testkube-cloud-ui/.argocd-source-edge-testkube-cloud-ui.yaml index 9eb107761..90b968b02 100644 --- a/charts/testkube-cloud-ui/.argocd-source-edge-testkube-cloud-ui.yaml +++ b/charts/testkube-cloud-ui/.argocd-source-edge-testkube-cloud-ui.yaml @@ -4,5 +4,5 @@ helm: value: kubeshop/testkube-cloud-ui forcestring: true - name: image.tag - value: 1.7.0-dev-db16081 + value: 1.7.0-dev-545d777 forcestring: true diff --git a/charts/testkube-cloud-ui/.argocd-source-norauto-testkube-cloud-ui.yaml b/charts/testkube-cloud-ui/.argocd-source-norauto-testkube-cloud-ui.yaml index 63bdf8a93..eeddcba5e 100644 --- a/charts/testkube-cloud-ui/.argocd-source-norauto-testkube-cloud-ui.yaml +++ b/charts/testkube-cloud-ui/.argocd-source-norauto-testkube-cloud-ui.yaml @@ -1,8 +1,8 @@ helm: parameters: - name: image.name - value: kubeshop/testkube-cloud-ui + value: kubeshop/testkube-enterprise-ui forcestring: true - name: image.tag - value: 1.4.0-rc-a614087 + value: 1.6.4 forcestring: true diff --git a/charts/testkube-enterprise/Chart.lock b/charts/testkube-enterprise/Chart.lock index e12fcce90..930b8be30 100644 --- a/charts/testkube-enterprise/Chart.lock +++ b/charts/testkube-enterprise/Chart.lock @@ -1,7 +1,7 @@ dependencies: - name: common repository: https://charts.bitnami.com/bitnami - version: 2.2.5 + version: 2.13.3 - name: testkube-cloud-api repository: file://../testkube-cloud-api version: 1.22.1 @@ -10,12 +10,12 @@ dependencies: version: 1.21.0 - name: dex repository: https://charts.dexidp.io - version: 0.14.1 + version: 0.15.3 - name: mongodb repository: https://charts.bitnami.com/bitnami - version: 13.10.2 + version: 14.3.0 - name: nats repository: https://nats-io.github.io/k8s/helm/charts/ - version: 0.14.2 -digest: sha256:3db2e044500e5e5163ff02e66d02de9af4a6e8568f40ecd27d14e12699fe99d6 -generated: "2023-11-15T11:53:44.862905823Z" + version: 1.1.5 +digest: sha256:1642d9202556a1e81bb8eb7a7aa63fe1db5dbf44cb43e33f3e9120ac84772a50 +generated: "2023-11-21T14:21:23.636115+01:00" diff --git a/charts/testkube-enterprise/Chart.yaml b/charts/testkube-enterprise/Chart.yaml index c48f47307..e57376c54 100644 --- a/charts/testkube-enterprise/Chart.yaml +++ b/charts/testkube-enterprise/Chart.yaml @@ -5,7 +5,7 @@ type: application version: 1.34.1 dependencies: - name: common - version: 2.2.5 + version: 2.13.3 repository: https://charts.bitnami.com/bitnami - name: testkube-cloud-api version: 1.22.1 @@ -14,15 +14,15 @@ dependencies: version: 1.21.0 repository: file://../testkube-cloud-ui - name: dex - version: 0.14.1 + version: 0.15.3 repository: https://charts.dexidp.io condition: dex.enabled - name: mongodb - version: 13.10.2 + version: 14.3.0 repository: https://charts.bitnami.com/bitnami condition: mongodb.enabled - name: nats - version: 0.14.2 + version: 1.1.5 repository: https://nats-io.github.io/k8s/helm/charts/ condition: nats.enabled maintainers: @@ -30,6 +30,3 @@ maintainers: url: https://testkube.io icon: https://assets.website-files.com/61e00b3936e571a4ea7a5a4c/623b2bb9387ad04955b1f82c_testkube.svg home: https://github.com/kubeshop/testkube-cloud-charts -sources: - - https://github.com/kubeshop/testkube-cloud-api - - https://github.com/kubeshop/testkube-cloud-ui diff --git a/charts/testkube-enterprise/README.md b/charts/testkube-enterprise/README.md index c5753346d..28eb1a5f6 100644 --- a/charts/testkube-enterprise/README.md +++ b/charts/testkube-enterprise/README.md @@ -12,21 +12,16 @@ A Helm chart for Testkube Enterprise | ---- | ------ | --- | | testkube | | | -## Source Code - -* -* - ## Requirements | Repository | Name | Version | |------------|------|---------| | file://../testkube-cloud-api | testkube-cloud-api | 1.22.1 | | file://../testkube-cloud-ui | testkube-cloud-ui | 1.21.0 | -| https://charts.bitnami.com/bitnami | common | 2.2.5 | -| https://charts.bitnami.com/bitnami | mongodb | 13.10.2 | -| https://charts.dexidp.io | dex | 0.14.1 | -| https://nats-io.github.io/k8s/helm/charts/ | nats | 0.14.2 | +| https://charts.bitnami.com/bitnami | common | 2.13.3 | +| https://charts.bitnami.com/bitnami | mongodb | 14.3.0 | +| https://charts.dexidp.io | dex | 0.15.3 | +| https://nats-io.github.io/k8s/helm/charts/ | nats | 1.1.5 | ## Values @@ -35,7 +30,7 @@ A Helm chart for Testkube Enterprise | dex.configSecret.create | bool | `false` | This should be set to `false` so Dex does not create the config secret. Refer to the `createCustom` field for more info on creating config secret. | | dex.configSecret.createCustom | bool | `true` | Toggle whether to create a custom config secret for Dex (templates/dex-config-secret.yaml). If set to `true`, the `configTemplate` field will be used to generate the config secret. | | dex.configSecret.name | string | `"testkube-enterprise-dex-config"` | The name of the secret to mount as configuration in the pod. Set `createCustom: false` and edit the secret manually to use a custom config secret. | -| dex.configTemplate | object | `{"additionalConfig":"","base":"logger:\n level: debug\n format: json\nstorage:\n type: kubernetes\n config:\n inCluster: true\n","customConfig":""}` | Inline Dex configuration which will be used to generate the config secret. | +| dex.configTemplate | object | `{"additionalConfig":"","base":"logger:\n level: debug\n format: json\n","customConfig":""}` | Inline Dex configuration which will be used to generate the config secret. | | dex.configTemplate.additionalConfig | string | `""` | Additional config which will be appended to the config like `staticClients`, `staticPasswords ,`connectors`... | | dex.configTemplate.customConfig | string | `""` | If provided, it will completely override the default config (`base` and `additionalConfig`). This is useful if you want to use a custom config file. | | dex.enabled | bool | `true` | Toggle whether to install Dex | @@ -49,10 +44,13 @@ A Helm chart for Testkube Enterprise | dex.ingress.tls[0].hosts[0] | string | `"api.{{ .Values.global.domain }}"` | | | dex.ingress.tls[0].secretName | string | `"testkube-enterprise-api-tls"` | | | dex.podSecurityContext | string | `nil` | MongoDB Pod Security Context | +| dex.rbac.create | bool | `true` | Specifies whether RBAC resources should be created. If disabled, the operator is responsible for creating the necessary resources based on the templates. | +| dex.rbac.createClusterScoped | bool | `true` | Specifies which RBAC resources should be created. If disabled, the operator is responsible for creating the necessary resources (ClusterRole and RoleBinding or CRD's) | | dex.resources.limits | object | `{}` | | | dex.resources.requests.cpu | string | `"100m"` | | | dex.resources.requests.memory | string | `"128Mi"` | | | dex.securityContext | object | `{}` | Security Context for MongoDB container | +| dex.storage | object | `{}` | Configure backend for Dex internal config (more info here https://dexidp.io/docs/storage) | | global.certManager.issuerRef | string | `""` | Certificate Issuer ref (only used if `provider` is set to `cert-manager`) | | global.certificateProvider | string | `"cert-manager"` | TLS certificate provider. Set to "cert-manager" for integration with cert-manager or leave empty for other methods | | global.dex.issuer | string | `""` | Global Dex issuer url which is configured both in Dex and API | @@ -77,22 +75,27 @@ A Helm chart for Testkube Enterprise | mongodb.podSecurityContext | object | `{}` | MongoDB Pod Security Context | | mongodb.resources | object | `{"requests":{"cpu":"150m","memory":"128Mi"}}` | MongoDB resource settings | | mongodb.tolerations | list | `[]` | | -| nats.cluster.enabled | bool | `true` | Enable cluster mode (HA) | -| nats.cluster.replicas | int | `3` | NATS cluster replicas | -| nats.exporter.enabled | bool | `true` | Toggle whether to install NATS exporter | -| nats.exporter.resources | object | `{}` | Exporter resources settings | -| nats.exporter.securityContext | object | `{}` | Security Context for Exporter container | +| nats.config.cluster.enabled | bool | `true` | Enable cluster mode (HA) | +| nats.config.cluster.replicas | int | `3` | NATS cluster replicas | +| nats.config.jetstream.enabled | bool | `true` | | +| nats.config.jetstream.fileStore.pvc.enabled | bool | `true` | | +| nats.config.jetstream.fileStore.pvc.size | string | `"10Gi"` | | +| nats.config.jetstream.fileStore.pvc.storageClassName | string | `nil` | | +| nats.config.merge | object | `{"max_payload":"<< 8MB >>"}` | Merge additional fields to nats config https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#container-v1-core | +| nats.config.patch | list | `[]` | Patch additional fields to nats config | | nats.fullnameOverride | string | `"testkube-enterprise-nats"` | | -| nats.nats.enabled | bool | `true` | Toggle whether to install NATS | -| nats.nats.limits.maxPayload | string | `"8MB"` | Max payload | -| nats.nats.resources | object | `{}` | NATS resource settings | -| nats.nats.securityContext | object | `{}` | Security Context for NATS container | -| nats.natsbox.securityContext | object | `{}` | Security Context for NATS Box container | -| nats.natsbox.tolerations | list | `[]` | NATS Box tolerations settings | +| nats.natsBox.enabled | bool | `true` | | +| nats.natsBox.env | object | `{}` | Map of additional env vars | +| nats.natsBox.merge | object | `{}` | Merge additional fields to the container https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#container-v1-core | +| nats.natsBox.patch | list | `[]` | Patch additional fields to the container | +| nats.promExporter.enabled | bool | `true` | Toggle whether to install NATS exporter | +| nats.promExporter.env | object | `{}` | Map of additional env vars | +| nats.promExporter.merge | object | `{}` | Merge additional fields to the container https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#container-v1-core | +| nats.promExporter.patch | list | `[]` | Patch additional fields to the container | | nats.reloader.enabled | bool | `true` | Toggle whether to install Reloader | -| nats.reloader.securityContext | object | `{}` | Security Context for Reloader container | -| nats.securityContext | object | `{}` | NATS Pod Security Context | -| nats.tolerations | list | `[]` | | +| nats.reloader.env | object | `{}` | Map of additional env vars | +| nats.reloader.merge | object | `{}` | Merge additional fields to the container https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#container-v1-core | +| nats.reloader.patch | list | `[]` | Patch additional fields to the container | | testkube-cloud-api.ai.secretRef | string | `""` | | | testkube-cloud-api.api.agent.hide | bool | `false` | | | testkube-cloud-api.api.agent.host | string | `""` | Agent host (without protocol) is used for building agent install commands (if blank, api will autogenerate it based on the value of `global.domain`) | @@ -142,7 +145,7 @@ A Helm chart for Testkube Enterprise | testkube-cloud-api.minio.fullnameOverride | string | `"testkube-enterprise-minio"` | MinIO fullname override | | testkube-cloud-api.minio.image.pullPolicy | string | `"IfNotPresent"` | MinIO image pull policy | | testkube-cloud-api.minio.image.repository | string | `"minio/minio"` | MinIO image repository | -| testkube-cloud-api.minio.image.tag | string | `"RELEASE.2023-11-06T22-26-08Z"` | MinIO image tag | +| testkube-cloud-api.minio.image.tag | string | `"RELEASE.2023-11-20T22-40-07Z"` | MinIO image tag | | testkube-cloud-api.minio.ingress.enabled | bool | `true` | Toggle whether to enable ingress for MinIO | | testkube-cloud-api.minio.ingress.tls.tlsSecret | string | `"testkube-enterprise-minio-tls"` | TLS secret name which contains the certificate files | | testkube-cloud-api.minio.nodeSelector | object | `{}` | Node labels for pod assignment. | @@ -158,8 +161,9 @@ A Helm chart for Testkube Enterprise | testkube-cloud-api.prometheus.enabled | bool | `false` | | | testkube-cloud-ui.fullnameOverride | string | `"testkube-enterprise-ui"` | | | testkube-cloud-ui.image.repository | string | `"testkubeenterprise/testkube-enterprise-ui"` | | -| testkube-cloud-ui.image.tag | string | `"1.6.2"` | | +| testkube-cloud-ui.image.tag | string | `"1.6.4"` | | | testkube-cloud-ui.ingress.tlsSecretName | string | `"testkube-enterprise-ui-tls"` | Name of the TLS secret which contains the certificate files | +| testkube-cloud-ui.ui.authStrategy | string | `""` | Auth strategy to use (possible values: "" (default), "gitlab", "github"), setting to "" enables all auth strategies, if you use a custom Dex connector, set this to the id of the connector | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) +Autogenerated from chart metadata using [helm-docs v1.11.3](https://github.com/norwoodj/helm-docs/releases/v1.11.3) diff --git a/charts/testkube-enterprise/docs/README.md b/charts/testkube-enterprise/docs/README.md index c89f9151e..a28a8c8d1 100644 --- a/charts/testkube-enterprise/docs/README.md +++ b/charts/testkube-enterprise/docs/README.md @@ -196,14 +196,15 @@ If you want to use a different Ingress Controller, we kindly ask you to reach ou #### Domain Testkube Enterprise requires a domain (public or internal) under which it will expose the following services: -| Subdomain | Service | -|---------------------------------|------------------| -| `dashboard.` | Dashboard UI | -| `api.` | REST API | -| `agent.(sub)` | gRPC API | -| `websockets.(sub)` | WebSockets API | -| `storage.(sub)` | Storage API | -| `status.(sub)` | Status Pages API | + +| Subdomain | Service | Endpoint | +|---------------------------------|------------------|----------------------------------| +| `dashboard.` | Dashboard UI | `testkube-enterprise-ui:8080` | +| `api.` | REST API | `testkube-enterprise-api:9443` | +| `agent.` | gRPC API | `testkube-enterprise-api:8443` | +| `websockets.` | WebSockets API | `testkube-enterprise-api:9443` | +| `storage.` | Storage API | `testkube-enterprise-minio:9000` | +| `status.` | Status Pages API | `testkube-enterprise-api:9443` | #### TLS @@ -241,6 +242,23 @@ global: Testkube Enterprise utilizes [Dex](https://dexidp.io/) for authentication & authorization. For detailed instruction on configuring Dex, please refer to the [auth.md](./auth.md) document. +Dex requires persisting state to perform various tasks such as track refresh tokens, preventing replays, and rotating keys. +This document is a summary of the storage configurations supported by dex. + +Default storage type for Dex is Kubernetes CRDs. This is the recommended storage type for most users. + +In order to use a different storage type, you need to configure the `dex.storage` field in the `values.yaml` file. +```helm +storage: + type: sqlite3 + config: + file: /var/dex/dex.db +``` + +If the `dex.storage` field is not configured, it will default to the Kubernetes CRDs storage type. + +More info on various storage options can be found in the [Dex Storage](https://dexidp.io/docs/storage/) documentation. + ### Metrics Testkube Enterprise exposes Prometheus metrics on the `/metrics` endpoint and uses a `ServiceMonitor` resource to expose them to Prometheus. diff --git a/charts/testkube-enterprise/templates/NOTES.txt b/charts/testkube-enterprise/templates/NOTES.txt index b63afd510..2ba38163e 100644 --- a/charts/testkube-enterprise/templates/NOTES.txt +++ b/charts/testkube-enterprise/templates/NOTES.txt @@ -1,27 +1,3 @@ Thank you for subscribing to Testkube Enterprise! Make sure to check out the Enterprise documentation at https://docs.testkube.io - -To access your application, please follow the instructions below: -{{/*1. Get the application URL by running these commands:*/}} -{{/*{{- if .Values.ingress.enabled }}*/}} -{{/*{{- range $host := .Values.ingress.hosts }}*/}} -{{/* {{- range .paths }}*/}} -{{/* http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}*/}} -{{/* {{- end }}*/}} -{{/*{{- end }}*/}} -{{/*{{- else if contains "NodePort" .Values.service.type }}*/}} -{{/* export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "testkube-enterprise.fullname" . }})*/}} -{{/* export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")*/}} -{{/* echo http://$NODE_IP:$NODE_PORT*/}} -{{/*{{- else if contains "LoadBalancer" .Values.service.type }}*/}} -{{/* NOTE: It may take a few minutes for the LoadBalancer IP to be available.*/}} -{{/* You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "testkube-enterprise.fullname" . }}'*/}} -{{/* export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "testkube-enterprise.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")*/}} -{{/* echo http://$SERVICE_IP:{{ .Values.service.port }}*/}} -{{/*{{- else if contains "ClusterIP" .Values.service.type }}*/}} -{{/* export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "testkube-enterprise.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")*/}} -{{/* export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")*/}} -{{/* echo "Visit http://127.0.0.1:8080 to use your application"*/}} -{{/* kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT*/}} -{{/*{{- end }}*/}} diff --git a/charts/testkube-enterprise/templates/dex-config-secret.yaml b/charts/testkube-enterprise/templates/dex-config-secret.yaml index e07b08f9e..9a61bc2c9 100644 --- a/charts/testkube-enterprise/templates/dex-config-secret.yaml +++ b/charts/testkube-enterprise/templates/dex-config-secret.yaml @@ -13,6 +13,14 @@ stringData: {{- else }} config.yaml: |- {{- .Values.dex.configTemplate.base | nindent 4 }} + storage: + {{- if .Values.dex.storage }} + {{- toYaml .Values.dex.storage | nindent 6 }} + {{- else }} + type: kubernetes + config: + inCluster: true + {{- end }} {{- $api := index .Values "testkube-cloud-api"}} issuer: {{ if .Values.global.dex.issuer }}{{ .Values.global.dex.issuer }}{{ else }}https://{{ .Values.global.restApiSubdomain }}.{{ .Values.global.domain }}/idp{{ end }} staticClients: diff --git a/charts/testkube-enterprise/values.yaml b/charts/testkube-enterprise/values.yaml index 17d8d9aea..e9f7e1434 100644 --- a/charts/testkube-enterprise/values.yaml +++ b/charts/testkube-enterprise/values.yaml @@ -45,7 +45,7 @@ testkube-cloud-api: fullnameOverride: testkube-enterprise-api image: repository: testkubeenterprise/testkube-enterprise-api - tag: 1.6.4 + tag: 1.6.7 ai: secretRef: "" api: @@ -133,7 +133,7 @@ testkube-cloud-api: # -- MinIO image repository repository: minio/minio # -- MinIO image tag - tag: RELEASE.2023-11-06T22-26-08Z + tag: RELEASE.2023-11-20T22-40-07Z # -- MinIO image pull policy pullPolicy: IfNotPresent # -- MinIO fullname override @@ -193,74 +193,115 @@ testkube-cloud-api: enabled: false ingress: className: nginx + testkube-cloud-ui: fullnameOverride: testkube-enterprise-ui + ui: + # -- Auth strategy to use (possible values: "" (default), "gitlab", "github"), setting to "" enables all auth strategies, if you use a custom Dex connector, set this to the id of the connector + authStrategy: "" image: repository: testkubeenterprise/testkube-enterprise-ui - tag: 1.6.2 + tag: 1.6.4 ingress: # -- Name of the TLS secret which contains the certificate files tlsSecretName: testkube-enterprise-ui-tls + ## NATS chart parameter ## For more configuration parameters of NATS chart please look here: https://docs.nats.io/running-a-nats-service/nats-kubernetes/helm-charts nats: fullnameOverride: testkube-enterprise-nats - tolerations: [] - # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - # -- NATS Pod Security Context - securityContext: {} - cluster: - # -- Enable cluster mode (HA) - enabled: true - # -- NATS cluster replicas - replicas: 3 - # NATS container settings - nats: - # -- Toggle whether to install NATS - enabled: true - # Uncomment if you want to provide a different image or pullPolicy - # image: nats:2.7.4-alpine - # pullPolicy: IfNotPresent - # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - # -- Security Context for NATS container - securityContext: {} - # -- NATS resource settings - resources: {} - limits: - # -- Max payload - maxPayload: 8MB + + # Uncomment if you want to provide a different image or pullPolicy + # container: + # image: + # repository: nats + # tag: 2.10.5-alpine + # pullPolicy: IfNotPresent + # registry: + + config: + cluster: + # -- Enable cluster mode (HA) + enabled: true + # -- NATS cluster replicas + replicas: 3 + + jetstream: + enabled: true + + fileStore: + pvc: + enabled: true + size: 10Gi + storageClassName: + + # -- Merge additional fields to nats config + # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#container-v1-core + merge: + max_payload: << 8MB >> + # -- Patch additional fields to nats config + patch: [] + # Reloader container settings reloader: # -- Toggle whether to install Reloader enabled: true # Uncomment if you want to provide a different image or pullPolicy - # image: natsio/nats-server-config-reloader:0.6.3 - # pullPolicy: IfNotPresent - # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - # -- Security Context for Reloader container - securityContext: {} + # image: + # repository: natsio/nats-server-config-reloader + # tag: 0.13.0 + # pullPolicy: + # registry: + + # -- Map of additional env vars + env: {} + + # -- Merge additional fields to the container + # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#container-v1-core + merge: {} + # -- Patch additional fields to the container + patch: [] + # NATS Box container settings - natsbox: + natsBox: + enabled: true # Uncomment if you want to provide a different image or pullPolicy - # image: natsio/nats-box:0.8.1 - # pullPolicy: IfNotPresent - # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - # -- Security Context for NATS Box container - securityContext: {} - # -- NATS Box tolerations settings - tolerations: [] + # container: + # image: + # repository: natsio/nats-box + # tag: 0.14.1 + # pullPolicy: + # registry: + + # -- Map of additional env vars + env: {} + + # -- Merge additional fields to the container + # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#container-v1-core + merge: {} + # -- Patch additional fields to the container + patch: [] + # Exporter container settings - exporter: + promExporter: # -- Toggle whether to install NATS exporter enabled: true # Uncomment if you want to provide a different image or pullPolicy - # image: natsio/prometheus-nats-exporter:0.9.1 - # pullPolicy: IfNotPresent - # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - # -- Security Context for Exporter container - securityContext: {} - # -- Exporter resources settings - resources: {} + # image: + # repository: natsio/prometheus-nats-exporter + # tag: 0.12.0 + # pullPolicy: + # registry: + + # -- Map of additional env vars + env: {} + + # -- Merge additional fields to the container + # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#container-v1-core + merge: {} + # -- Patch additional fields to the container + patch: [] + ## MongoDB chart parameters ## For more configuration parameters of MongoDB chart please look here: https://github.com/bitnami/charts/tree/master/bitnami/mongodb#parameters mongodb: @@ -270,8 +311,9 @@ mongodb: # image: # registry: docker.io # repository: bitnami/mongodb - # tag: 6.0.5-debian-11-r13 + # tag: 7.0.3-debian-11-r6 # digest: "" + # -- MongoDB fullname override fullnameOverride: "testkube-enterprise-mongodb" # MongoDB Auth settings @@ -296,6 +338,7 @@ mongodb: containerSecurityContext: {} # For OpenShift clusters use the following settings: # runAsGroup: 1000670000 + ## Dex chart parameters ## For more configuration parameters of NATS chart please look here: https://github.com/dexidp/helm-charts dex: @@ -307,6 +350,13 @@ dex: # repository: ghcr.io/dexidp/dex # tag: v2.36.0-alpine # pullPolicy: IfNotPresent + rbac: + # -- Specifies whether RBAC resources should be created. + # If disabled, the operator is responsible for creating the necessary resources based on the templates. + create: true + # -- Specifies which RBAC resources should be created. + # If disabled, the operator is responsible for creating the necessary resources (ClusterRole and RoleBinding or CRD's) + createClusterScoped: true configSecret: # -- This should be set to `false` so Dex does not create the config secret. Refer to the `createCustom` field for more info on creating config secret. create: false @@ -314,6 +364,12 @@ dex: createCustom: true # -- The name of the secret to mount as configuration in the pod. Set `createCustom: false` and edit the secret manually to use a custom config secret. name: "testkube-enterprise-dex-config" + # -- Configure backend for Dex internal config (more info here https://dexidp.io/docs/storage) + storage: {} + # example config for saving Dex internal data as Kubernetes CRDs + # type: kubernetes + # config: + # inCluster: true # -- Inline Dex configuration which will be used to generate the config secret. configTemplate: # -- If provided, it will completely override the default config (`base` and `additionalConfig`). This is useful if you want to use a custom config file. @@ -322,10 +378,6 @@ dex: logger: level: debug format: json - storage: - type: kubernetes - config: - inCluster: true # -- Additional config which will be appended to the config like `staticClients`, `staticPasswords ,`connectors`... additionalConfig: "" # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container