REL-2377 Revert and upgrade for release

charts/sonarqube-dce/CHANGELOG.md

@@ -1,20 +1,8 @@
 # SonarQube Chart Changelog
 All changes to this chart will be documented in this file.
 
-## [4.0.5]
-* Add the possibility of using a secret for customizing the admin password
-
-## [4.0.4]
-* Remove unreachable condition and fix the right values for sonarProperties and sonarSecretProperties
-
-## [4.0.3]
-* Bump apiVersion to v2
-
-## [4.0.2]
-* Add documentation for ApplicationNodes.jwtSecret
-
-## [4.0.1]
-* Add documentation for ingress tls
+## [4.0.6]
+* Updated SonarQube to 9.6.1
 
 ## [4.0.0]
 * Updated SonarQube to 9.6.0

charts/sonarqube-dce/Chart.yaml

@@ -1,9 +1,8 @@
-apiVersion: v2
+apiVersion: v1
 name: sonarqube-dce
 description: SonarQube offers Code Quality and Code Security analysis for up to 27 languages. Find Bugs, Vulnerabilities, Security Hotspots and Code Smells throughout your workflow.
-type: application
-version: 4.0.5
-appVersion: 9.6.0
+version: 4.0.6
+appVersion: 9.6.1
 keywords:
   - coverage
   - security
@@ -26,19 +25,10 @@ annotations:
       url: https://github.com/SonarSource/helm-chart-sonarqube/tree/master/charts/sonarqube-dce
   artifacthub.io/changes: |
     - kind: changed
-      description: "Updated SonarQube to 9.6.0"
+      description: "Updated SonarQube to 9.6.1"
   artifacthub.io/containsSecurityUpdates: "false"
   artifacthub.io/images: |
     - name: sonarqube-app
-      image: sonarqube:9.6.0-datacenter-app
+      image: sonarqube:9.6.1-datacenter-app
     - name: sonarqube-search
-      image: sonarqube:9.6.0-datacenter-search
-dependencies:
-  - name: postgresql
-    version: 10.15.0
-    repository: https://charts.bitnami.com/bitnami
-    condition: postgresql.enabled
-  - name: ingress-nginx
-    version: 4.0.13
-    repository: https://kubernetes.github.io/ingress-nginx
-    condition: nginx.enabled
+      image: sonarqube:9.6.1-datacenter-search

charts/sonarqube-dce/README.md

@@ -16,12 +16,7 @@ Please note that this chart does NOT support SonarQube Community, Developer, and
 
 ## Installing the chart
 
-> **_NOTE:_**  Please refer to [the official page](https://docs.sonarqube.org/latest/setup/sonarqube-cluster-on-kubernetes/) for further information on how to install and tune the helm chart specifications.
-
-Prior to installing the chart, please ensure that the `ApplicationNodes.jwtSecret` value is set properly with a HS256 key encoded with base64. In the following, an example on how to generate this key on a Unix system:
-```bash
-echo -n "your_secret" | openssl dgst -sha256 -hmac "your_key" -binary | base64
-```
+Please ensure that the value for `ApplicationNodes.jwtSecret` is set with something like `echo -n "your_secret" | openssl dgst -sha256 -hmac "your_key" -binary | base64` and persist this in your `values.yaml`.
 
 To install the chart:
 
@@ -166,8 +161,8 @@ The following table lists the configurable parameters of the Sonarqube chart and
 | `ApplicationNodes.image.pullSecret` | (DEPRECATED) app imagePullSecret to use for private repository | `nil` |
 | `ApplicationNodes.image.pullSecrets` | app imagePullSecrets to use for private repository | `nil` |
 | `ApplicationNodes.env` | Environment variables to attach to the app pods | `nil` |
-| `ApplicationNodes.sonarProperties` | Custom `sonar.properties` key-value pairs for App Nodes (e.g., "ApplicationNodes.sonarProperties.sonar.forceAuthentication=true") | `None` |
-| `ApplicationNodes.sonarSecretProperties` | Additional `sonar.properties` key-value pairs for App Nodes to load from a secret | `None` |
+| `ApplicationNodes.sonarProperties` | Custom `sonar.properties` file for App Nodes | `None` |
+| `ApplicationNodes.sonarSecretProperties` | Additional `sonar.properties` file for App Nodes to load from a secret | `None` |
 | `ApplicationNodes.sonarSecretKey` | Name of existing secret used for settings encryption | `None` |
 | `ApplicationNodes.replicaCount` | Replica count of the app Nodes | `2` |
 | `ApplicationNodes.podDistributionBudget` | PodDisctributionBudget for the App Nodes | `minAvailable: "50%"` |
@@ -214,7 +209,7 @@ The following table lists the configurable parameters of the Sonarqube chart and
 | `ApplicationNodes.plugins.securityContext` | Security context for the container to download plugins | see `values.yaml |
 | `ApplicationNodes.jvmOpts` | Values to add to SONARQUBE_WEB_JVM_OPTS | `""` |
 | `ApplicationNodes.jvmCeOpts` | Values to add to SONAR_CE_JAVAOPTS | `""` |
-| `ApplicationNodes.jwtSecret` | A HS256 key encoded with base64 (*This value must be set before installing the chart, see [the documentation](https://docs.sonarqube.org/latest/setup/sonarqube-cluster-on-kubernetes/)*) | `""` |
+| `ApplicationNodes.jwtSecret` | A HS256 key encoded with base64 | `""` |
 | `ApplicationNodes.existingJwtSecret` | secret that contains the `jwtSecret` | `nil` |
 | `ApplicationNodes.resources.requests.memory` | memory request for app Nodes | `2Gi` |
 | `ApplicationNodes.resources.requests.cpu` | cpu request for app Nodes | `400m` |
@@ -396,7 +391,6 @@ The following table lists the configurable parameters of the Sonarqube chart and
 | `logging.jsonOutput` | Enable/Disable logging in JSON format | `false` |
 | `account.adminPassword` | Custom new admin password | `admin` |
 | `account.currentAdminPassword` | Current admin password | `admin` |
-| `account.adminPasswordSecretName` | Secret containing `password` (custom password) and `currentPassword` (current password) keys for admin | `None` |
 | `account.resources.requests.memory` | Memory request for Admin hook | `128Mi` |
 | `account.resources.requests.cpu` | CPU request for Admin hook | `100m` |
 | `account.resources.limits.memory` | Memory limit for Admin hook | `128Mi` |

charts/sonarqube-dce/requirements.yaml

@@ -0,0 +1,9 @@
+dependencies:
+- name: postgresql
+  version: 10.15.0
+  repository: https://charts.bitnami.com/bitnami
+  condition: postgresql.enabled
+- name: ingress-nginx
+  version: 4.0.13
+  repository: https://kubernetes.github.io/ingress-nginx
+  condition: nginx.enabled

charts/sonarqube-dce/templates/change-admin-password-hook.yml

@@ -1,5 +1,5 @@
 {{- if .Values.account }}
-{{- if or .Values.account.adminPassword .Values.account.adminPasswordSecretName}}
+{{- if .Values.account.adminPassword }}
 apiVersion: batch/v1
 kind: Job
 metadata:
@@ -57,20 +57,12 @@ spec:
         - name: ADMIN_PASSWORD
           valueFrom:
             secretKeyRef:
-              {{- if .Values.account.adminPassword }}
               name: {{ template "sonarqube.fullname" . }}-admin-password
-              {{- else }}
-              name: {{ .Values.account.adminPasswordSecretName }}
-              {{- end }}
               key: password
         - name: CURRENT_ADMIN_PASSWORD
           valueFrom:
             secretKeyRef:
-              {{- if .Values.account.adminPassword }}
               name: {{ template "sonarqube.fullname" . }}-admin-password
-              {{- else }}
-              name: {{ .Values.account.adminPasswordSecretName }}
-              {{- end }}
               key: currentPassword
         resources:
 {{ toYaml (default .Values.resources .Values.account.resources) | indent 10 }}

charts/sonarqube-dce/templates/sonarqube-application.yaml

@@ -315,10 +315,14 @@ spec:
 {{- toYaml .Values.containerSecurityContext | nindent 12 }}
           {{- end }}
           volumeMounts:
-            {{- if or .Values.ApplicationNodes.sonarProperties .Values.ApplicationNodes.sonarSecretProperties }}
+            {{- if or .Values.sonarProperties .Values.sonarSecretProperties }}
             - mountPath: {{ .Values.sonarqubeFolder }}/conf/sonar.properties
               subPath: sonar.properties
               name: concat-dir
+            {{- else if .Values.sonarProperties }}
+            - mountPath: {{ .Values.sonarqubeFolder }}/conf/sonar.properties
+              subPath: sonar.properties
+              name: config
             {{- end }}
             {{- if .Values.sonarSecretKey }}
             - mountPath: {{ .Values.sonarqubeFolder }}/secret/

charts/sonarqube-dce/values.yaml

@@ -5,7 +5,7 @@
 searchNodes:
   image:
     repository: sonarqube
-    tag: 9.6.0-datacenter-search
+    tag: 9.6.1-datacenter-search
     pullPolicy: IfNotPresent
     # If using a private repository, the imagePullSecrets to use
     # pullSecrets:
@@ -242,7 +242,7 @@ ApplicationNodes:
   ## Values to add to SONAR_CE_JAVAOPTS
   jvmCeOpts: ""
 
-  # Set this value with a HS256 key encoded with base64. You can generate a key using the following command on a Unix system: echo -n "your_secret" | openssl dgst -sha256 -hmac "your_key" -binary | base64
+  # SONAR_AUTH_JWTBASE64HS256SECRET
   jwtSecret: ""
   # can use existing secret with SONAR_AUTH_JWTBASE64HS256SECRET as key
   # existingJwtSecret: ""
@@ -311,7 +311,7 @@ ingress:
   #  traffic-type: external
   #  traffic-type: internal
   tls: []
-  # Secrets must be manually created in the namespace. To generate a self-signed certificate (and private key) and then create the secret in the cluster please refer to official documentation available at https://kubernetes.github.io/ingress-nginx/user-guide/tls/#tls-secrets
+  # Secrets must be manually created in the namespace.
   # - secretName: chart-example-tls
   #   hosts:
   #     - chart-example.local
@@ -549,12 +549,8 @@ extraConfig:
   configmaps: []
 
 # account:
-# The values can be set to define the current and the (new) custom admin passwords at the startup (the username will remain "admin")
 #   adminPassword: admin
 #   currentAdminPassword: admin
-# The above values can be also provided by a secret that contains "password" and "currentPassword" as keys. You can generate such a secret in your cluster
-# using "kubectl create secret generic admin-password-secret-name --from-literal=password=admin --from-literal=currentPassword=admin"
-#   adminPasswordSecretName: ""
 #   resources:
 #     limits:
 #       cpu: 100m

charts/sonarqube/CHANGELOG.md

@@ -1,20 +1,8 @@
 # SonarQube Chart Changelog
 All changes to this chart will be documented in this file.
 
-## [5.0.5]
-* Add the possibility of using a secret for customizing the admin password
-
-## [5.0.4]
-* Add documentation for sonarProperties and sonarSecretProperties
-
-## [5.0.3]
-* Bump apiVersion to v2
-
-## [5.0.2]
-* Set the number of allowed replicas to 0 and 1
-
-## [5.0.1]
-* Add documentation for ingress tls
+## [5.0.6]
+* Updated SonarQube to 9.6.1
 
 ## [5.0.0]
 * Updated SonarQube to 9.6.0

charts/sonarqube/Chart.yaml

@@ -1,9 +1,8 @@
-apiVersion: v2
+apiVersion: v1
 name: sonarqube
 description: SonarQube offers Code Quality and Code Security analysis for up to 27 languages. Find Bugs, Vulnerabilities, Security Hotspots and Code Smells throughout your workflow.
-type: application
-version: 5.0.5
-appVersion: 9.6.0
+version: 5.0.6
+appVersion: 9.6.1
 keywords:
   - coverage
   - security
@@ -26,17 +25,8 @@ annotations:
       url: https://github.com/SonarSource/helm-chart-sonarqube/tree/master/charts/sonarqube
   artifacthub.io/changes: |
     - kind: changed
-      description: "Updated SonarQube to 9.6.0"
+      description: "Updated SonarQube to 9.6.1"
   artifacthub.io/containsSecurityUpdates: "false"
   artifacthub.io/images: |
     - name: sonarqube
-      image: sonarqube:9.6.0-community
-dependencies:
-  - name: postgresql
-    version: 10.15.0
-    repository: https://charts.bitnami.com/bitnami
-    condition: postgresql.enabled
-  - name: ingress-nginx
-    version: 4.0.13
-    repository: https://kubernetes.github.io/ingress-nginx
-    condition: nginx.enabled
+      image: sonarqube:9.6.1-community

charts/sonarqube/README.md

@@ -118,7 +118,7 @@ The following table lists the configurable parameters of the Sonarqube chart and
 | Parameter | Description | Default |
 | --------- | ----------- | ------- |
 | `deploymentType` | Deployment Type (supported values are `StatefulSet` or `Deployment`) | `StatefulSet` |
-| `replicaCount`   | Number of replicas deployed (supported values are 0 and 1)  | `1` |
+| `replicaCount`   | Number of replicas deployed  | `1` |
 | `deploymentStrategy` | Deployment strategy | `{}` |
 | `priorityClassName` | Schedule pods on priority (e.g. `high-priority`) | `None` |
 | `schedulerName` | Kubernetes scheduler name | `None` |
@@ -287,8 +287,8 @@ The following table lists the configurable parameters of the Sonarqube chart and
 | `jvmOpts` | Values to add to SONARQUBE_WEB_JVM_OPTS | `""` |
 | `jvmCeOpts` | Values to add to SONAR_CE_JAVAOPTS | `""` |
 | `sonarqubeFolder` | Directory name of Sonarqube | `/opt/sonarqube` |
-| `sonarProperties` | Custom `sonar.properties` key-value pairs (e.g., "sonarProperties.sonar.forceAuthentication=true") | `None` |
-| `sonarSecretProperties` | Additional `sonar.properties` key-value pairs to load from a secret | `None` |
+| `sonarProperties` | Custom `sonar.properties` file | `None` |
+| `sonarSecretProperties` | Additional `sonar.properties` file to load from a secret | `None` |
 | `sonarSecretKey` | Name of existing secret used for settings encryption | `None` |
 | `monitoringPasscode` | Value for sonar.web.systemPasscode. needed for LivenessProbes | `define_it` |
 | `extraContainers` | Array of extra containers to run alongside the `sonarqube` container (aka. Sidecars) | `[]` |
@@ -384,7 +384,6 @@ The following table lists the configurable parameters of the Sonarqube chart and
 | --------- | ----------- | ------- |
 | `account.adminPassword` | Custom admin password | `admin` |
 | `account.currentAdminPassword` | Current admin password | `admin` |
-| `account.adminPasswordSecretName` | Secret containing `password` (custom password) and `currentPassword` (current password) keys for admin | `None` |
 | `account.resources.requests.memory` | Memory request for Admin hook | `128Mi` |
 | `account.resources.requests.cpu` | CPU request for Admin hook | `100m` |
 | `account.resources.limits.memory` | Memory limit for Admin hook | `128Mi` |

charts/sonarqube/requirements.yaml

@@ -0,0 +1,9 @@
+dependencies:
+- name: postgresql
+  version: 10.15.0
+  repository: https://charts.bitnami.com/bitnami
+  condition: postgresql.enabled
+- name: ingress-nginx
+  version: 4.0.13
+  repository: https://kubernetes.github.io/ingress-nginx
+  condition: nginx.enabled

charts/sonarqube/templates/change-admin-password-hook.yml

@@ -1,5 +1,5 @@
 {{- if .Values.account }}
-{{- if or .Values.account.adminPassword .Values.account.adminPasswordSecretName}}
+{{- if .Values.account.adminPassword }}
 apiVersion: batch/v1
 kind: Job
 metadata:
@@ -61,20 +61,12 @@ spec:
         - name: ADMIN_PASSWORD
           valueFrom:
             secretKeyRef:
-              {{- if .Values.account.adminPassword }}
               name: {{ template "sonarqube.fullname" . }}-admin-password
-              {{- else }}
-              name: {{ .Values.account.adminPasswordSecretName }}
-              {{- end }}
               key: password
         - name: CURRENT_ADMIN_PASSWORD
           valueFrom:
             secretKeyRef:
-              {{- if .Values.account.adminPassword }}
               name: {{ template "sonarqube.fullname" . }}-admin-password
-              {{- else }}
-              name: {{ .Values.account.adminPasswordSecretName }}
-              {{- end }}
               key: currentPassword
         resources:
 {{ toYaml (default .Values.resources .Values.account.resources) | indent 10 }}

charts/sonarqube/templates/sonarqube-sts.yaml

@@ -15,7 +15,7 @@ metadata:
     app.kubernetes.io/component: {{ template "sonarqube.fullname" . }}
     app.kubernetes.io/version: {{ tpl .Values.image.tag . | quote }}
 spec:
-  replicas: {{ .Values.replicaCount }}
+  replicas: 1
   serviceName: {{ template "sonarqube.fullname" . }}
   selector:
     matchLabels:

charts/sonarqube/values.yaml

@@ -2,13 +2,13 @@
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
 
-# If the deployment Type is set to Deployment sonarqube is deployed as a replica set.
 deploymentType: "StatefulSet"
 
-# There should not be more than 1 sonarqube instance connected to the same database. Please set this value to 1 or 0 (in case you need to scale down programmatically).
+# If the deployment Type is set to Deployment sonarqube is deployed as a replica set
+# There should not be more than 1 sonarqube instance connected to the same database
 replicaCount: 1
 
-# This will use the default deployment strategy unless it is overriden
+ # This will use the default deployment strategy unless it is overriden
 deploymentStrategy: {}
 # Uncomment this to scheduler pods on priority
 # priorityClassName: "high-priority"
@@ -27,7 +27,7 @@ edition: "community"
 
 image:
   repository: sonarqube
-  tag: 9.6.0-{{ .Values.edition }}
+  tag: 9.6.1-{{ .Values.edition }}
   pullPolicy: IfNotPresent
   # If using a private repository, the imagePullSecrets to use
   # pullSecrets:
@@ -103,7 +103,7 @@ ingress:
   #  traffic-type: external
   #  traffic-type: internal
   tls: []
-  # Secrets must be manually created in the namespace. To generate a self-signed certificate (and private key) and then create the secret in the cluster please refer to official documentation available at https://kubernetes.github.io/ingress-nginx/user-guide/tls/#tls-secrets
+  # Secrets must be manually created in the namespace.
   # - secretName: chart-example-tls
   #   hosts:
   #     - chart-example.local
@@ -498,12 +498,8 @@ extraConfig:
   configmaps: []
 
 # account:
-# The values can be set to define the current and the (new) custom admin passwords at the startup (the username will remain "admin")
 #   adminPassword: admin
 #   currentAdminPassword: admin
-# The above values can be also provided by a secret that contains "password" and "currentPassword" as keys. You can generate such a secret in your cluster
-# using "kubectl create secret generic admin-password-secret-name --from-literal=password=admin --from-literal=currentPassword=admin"
-#   adminPasswordSecretName: ""
 #   securityContext: {}
 #   resources:
 #     limits: