diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 75ce624c..c29ba77b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -5,7 +5,7 @@ repos: - id: detect-secrets args: ["--baseline", ".secrets.baseline"] additional_dependencies: ["gibberish-detector"] - + - repo: https://github.com/pre-commit/pre-commit-hooks rev: v5.0.0 hooks: @@ -17,15 +17,16 @@ repos: # hooks: # - id: helmlint - - repo: local + - repo: https://github.com/norwoodj/helm-docs + rev: "v1.14.2" hooks: - - id: helm-docs - args: ["-c", "helm"] - description: Uses 'helm-docs' to create documentation from the Helm chart's 'values.yaml' file, and inserts the result into a corresponding 'README.md' file. - entry: git-hook/helm-docs.sh - language: script - name: Helm Docs - require_serial: true + # Use a pinned version of helm-docs in a container to generate consistent documentation. + - name: helm-docs + id: helm-docs-container + entry: jnorwood/helm-docs:v1.14.2 + args: + - "--chart-search-root=helm" + - "--skip-version-footer" - repo: local hooks: diff --git a/.secrets.baseline b/.secrets.baseline index 09cae78d..bc507384 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -137,14 +137,16 @@ "filename": "helm/portal/README.md", "hashed_secret": "eb9739c6625f06b4ab73035223366dda6262ae77", "is_verified": false, - "line_number": 34 + "line_number": 34, + "is_secret": false }, { "type": "Base64 High Entropy String", "filename": "helm/portal/README.md", "hashed_secret": "08eeb737b239bdb7362a875b90e22c10b8826b20", "is_verified": false, - "line_number": 39 + "line_number": 39, + "is_secret": false } ], "helm/portal/values.yaml": [ @@ -153,14 +155,16 @@ "filename": "helm/portal/values.yaml", "hashed_secret": "08eeb737b239bdb7362a875b90e22c10b8826b20", "is_verified": false, - "line_number": 473 + "line_number": 473, + "is_secret": false }, { "type": "Base64 High Entropy String", "filename": "helm/portal/values.yaml", "hashed_secret": "eb9739c6625f06b4ab73035223366dda6262ae77", "is_verified": false, - "line_number": 475 + "line_number": 475, + "is_secret": false } ], "helm/revproxy/nginx/helpers.js": [ @@ -169,7 +173,8 @@ "filename": "helm/revproxy/nginx/helpers.js", "hashed_secret": "1d278d3c888d1a2fa7eed622bfc02927ce4049af", "is_verified": false, - "line_number": 10 + "line_number": 10, + "is_secret": false } ] }, diff --git a/helm/alloy/Chart.yaml b/helm/alloy/Chart.yaml index 32399d2d..ac429f84 100644 --- a/helm/alloy/Chart.yaml +++ b/helm/alloy/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.1 +version: 0.1.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/alloy/README.md b/helm/alloy/README.md index 7b910464..97a37142 100644 --- a/helm/alloy/README.md +++ b/helm/alloy/README.md @@ -1,6 +1,6 @@ # alloy -![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for deploying Grafana Alloy @@ -27,6 +27,3 @@ A Helm chart for deploying Grafana Alloy | alloy.controller.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].operator | string | `"In"` | | | alloy.controller.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[0] | string | `"us-east-1a"` | | | alloy.controller.type | string | `"deployment"` | | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/ambassador/Chart.yaml b/helm/ambassador/Chart.yaml index 41fcca74..d356536b 100644 --- a/helm/ambassador/Chart.yaml +++ b/helm/ambassador/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.15 +version: 0.1.16 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "1.4.2" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/ambassador/README.md b/helm/ambassador/README.md index 864fc6f4..98cc6e06 100644 --- a/helm/ambassador/README.md +++ b/helm/ambassador/README.md @@ -1,6 +1,6 @@ # ambassador -![Version: 0.1.15](https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.4.2](https://img.shields.io/badge/AppVersion-1.4.2-informational?style=flat-square) +![Version: 0.1.16](https://img.shields.io/badge/Version-0.1.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.4.2](https://img.shields.io/badge/AppVersion-1.4.2-informational?style=flat-square) A Helm chart for deploying ambassador for gen3 @@ -8,7 +8,7 @@ A Helm chart for deploying ambassador for gen3 | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -56,6 +56,3 @@ A Helm chart for deploying ambassador for gen3 | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. | | tolerations | list | `[]` | Tolerations to use for the deployment. | | userNamespace | string | `"jupyter-pods"` | Namespace to use for user resources. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/arborist/Chart.yaml b/helm/arborist/Chart.yaml index 89ce9343..1c13ff60 100644 --- a/helm/arborist/Chart.yaml +++ b/helm/arborist/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.13 +version: 0.1.14 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,7 +25,7 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common - name: postgresql version: 11.9.13 diff --git a/helm/arborist/README.md b/helm/arborist/README.md index 35052045..68301926 100644 --- a/helm/arborist/README.md +++ b/helm/arborist/README.md @@ -1,6 +1,6 @@ # arborist -![Version: 0.1.13](https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.14](https://img.shields.io/badge/Version-0.1.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 arborist @@ -8,7 +8,7 @@ A Helm chart for gen3 arborist | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | ## Values @@ -101,6 +101,3 @@ A Helm chart for gen3 arborist | tolerations | list | `[]` | Tolerations to apply to the pod | | volumeMounts | list | `[]` | Volume mounts to attach to the container | | volumes | list | `[]` | Volumes to attach to the pod | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/argo-wrapper/Chart.yaml b/helm/argo-wrapper/Chart.yaml index 9adfd19c..6c3db9d2 100644 --- a/helm/argo-wrapper/Chart.yaml +++ b/helm/argo-wrapper/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.9 +version: 0.1.10 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/argo-wrapper/README.md b/helm/argo-wrapper/README.md index 0e128b22..75f3d778 100644 --- a/helm/argo-wrapper/README.md +++ b/helm/argo-wrapper/README.md @@ -1,6 +1,6 @@ # argo-wrapper -![Version: 0.1.9](https://img.shields.io/badge/Version-0.1.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.10](https://img.shields.io/badge/Version-0.1.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 Argo Wrapper Service @@ -8,7 +8,7 @@ A Helm chart for gen3 Argo Wrapper Service | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -66,6 +66,3 @@ A Helm chart for gen3 Argo Wrapper Service | strategy.rollingUpdate.maxUnavailable | int | `0` | Maximum amount of pods that can be unavailable during the update. | | volumeMounts | list | `[{"mountPath":"/argo.json","name":"argo-config","readOnly":true,"subPath":"argo.json"}]` | Volumes to mount to the pod. | | volumes | list | `[{"configMap":{"items":[{"key":"argo.json","path":"argo.json"}],"name":"manifest-argo"},"name":"argo-config"}]` | Volumes to attach to the pod. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/argo-wrapper/templates/deployment.yaml b/helm/argo-wrapper/templates/deployment.yaml index 7f70f28a..a4d8ba20 100644 --- a/helm/argo-wrapper/templates/deployment.yaml +++ b/helm/argo-wrapper/templates/deployment.yaml @@ -29,6 +29,7 @@ spec: netnolimit: 'yes' public: 'yes' annotations: + checksum/config: {{ include (print $.Template.BasePath "/argo-wrapper-config.yaml") . | sha256sum }} {{- if .Values.metricsEnabled }} {{- include "common.grafanaAnnotations" . | nindent 8 }} {{- end }} diff --git a/helm/audit/Chart.yaml b/helm/audit/Chart.yaml index 8a9fe516..7099e8b3 100644 --- a/helm/audit/Chart.yaml +++ b/helm/audit/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.15 +version: 0.1.16 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -24,7 +24,7 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common - name: postgresql version: 11.9.13 diff --git a/helm/audit/README.md b/helm/audit/README.md index faa4cd6e..c2882cb8 100644 --- a/helm/audit/README.md +++ b/helm/audit/README.md @@ -1,6 +1,6 @@ # audit -![Version: 0.1.15](https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.16](https://img.shields.io/badge/Version-0.1.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for Kubernetes @@ -8,7 +8,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | ## Values @@ -122,6 +122,3 @@ A Helm chart for Kubernetes | tolerations | list | `[]` | Tolerations for the pods | | volumeMounts | list | `[]` | Volumes to mount to the container. | | volumes | list | `[]` | Volumes to attach to the container. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/audit/templates/deployment.yaml b/helm/audit/templates/deployment.yaml index bad68a79..7cf86c02 100644 --- a/helm/audit/templates/deployment.yaml +++ b/helm/audit/templates/deployment.yaml @@ -14,6 +14,7 @@ spec: template: metadata: annotations: + checksum/config: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/helm/aws-es-proxy/Chart.yaml b/helm/aws-es-proxy/Chart.yaml index a14f6b98..a2c7bf35 100644 --- a/helm/aws-es-proxy/Chart.yaml +++ b/helm/aws-es-proxy/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.12 +version: 0.1.13 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/aws-es-proxy/README.md b/helm/aws-es-proxy/README.md index 3166311f..f0a3fb8c 100644 --- a/helm/aws-es-proxy/README.md +++ b/helm/aws-es-proxy/README.md @@ -1,6 +1,6 @@ # aws-es-proxy -![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.13](https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for AWS ES Proxy Service for gen3 @@ -8,7 +8,7 @@ A Helm chart for AWS ES Proxy Service for gen3 | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -67,6 +67,3 @@ A Helm chart for AWS ES Proxy Service for gen3 | strategy.rollingUpdate.maxUnavailable | int | `0` | Maximum amount of pods that can be unavailable during the update. | | volumeMounts | list | `[{"mountPath":"/root/.aws","name":"credentials","readOnly":true}]` | Volumes to mount to the pod. | | volumes | list | `nil` | Volumes to attach to the pod | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/common/Chart.yaml b/helm/common/Chart.yaml index 1e8308c6..66e881bd 100644 --- a/helm/common/Chart.yaml +++ b/helm/common/Chart.yaml @@ -15,7 +15,7 @@ type: library # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.15 +version: 0.1.16 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/common/README.md b/helm/common/README.md index 5fc9d467..8ef44573 100644 --- a/helm/common/README.md +++ b/helm/common/README.md @@ -1,6 +1,6 @@ # common -![Version: 0.1.15](https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.16](https://img.shields.io/badge/Version-0.1.16-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for provisioning databases in gen3 @@ -32,6 +32,3 @@ A Helm chart for provisioning databases in gen3 | global.publicDataSets | bool | `true` | Whether public datasets are enabled. | | global.revproxyArn | string | `"arn:aws:acm:us-east-1:123456:certificate"` | ARN of the reverse proxy certificate. | | global.tierAccessLevel | string | `"libre"` | Access level for tiers. acceptable values for `tier_access_level` are: `libre`, `regular` and `private`. If omitted, by default common will be treated as `private` | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/dicom-server/Chart.yaml b/helm/dicom-server/Chart.yaml index f525ad97..caaed1d9 100644 --- a/helm/dicom-server/Chart.yaml +++ b/helm/dicom-server/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.10 +version: 0.1.11 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/dicom-server/README.md b/helm/dicom-server/README.md index 78e0b4b4..58c6394c 100644 --- a/helm/dicom-server/README.md +++ b/helm/dicom-server/README.md @@ -1,6 +1,6 @@ # dicom-server -![Version: 0.1.10](https://img.shields.io/badge/Version-0.1.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.11](https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 Dicom Server @@ -8,7 +8,7 @@ A Helm chart for gen3 Dicom Server | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -50,6 +50,3 @@ A Helm chart for gen3 Dicom Server | service.targetport | int | `8042` | The port on the host machine that traffic is directed to. | | volumeMounts | list | `[{"mountPath":"/etc/orthanc/orthanc_config_overwrites.json","name":"config-volume-g3auto","readOnly":true,"subPath":"orthanc_config_overwrites.json"}]` | Volumes to mount to the pod. | | volumes | list | `[{"name":"config-volume-g3auto","secret":{"secretName":"orthanc-g3auto"}}]` | Volumes to attach to the pod. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/dicom-viewer/Chart.yaml b/helm/dicom-viewer/Chart.yaml index 4123f9f1..30f65737 100644 --- a/helm/dicom-viewer/Chart.yaml +++ b/helm/dicom-viewer/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.10 +version: 0.1.11 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/dicom-viewer/README.md b/helm/dicom-viewer/README.md index 3983a6e4..fc6fab1f 100644 --- a/helm/dicom-viewer/README.md +++ b/helm/dicom-viewer/README.md @@ -1,6 +1,6 @@ # dicom-viewer -![Version: 0.1.10](https://img.shields.io/badge/Version-0.1.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.11](https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 Dicom Viewer @@ -8,7 +8,7 @@ A Helm chart for gen3 Dicom Viewer | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -36,6 +36,3 @@ A Helm chart for gen3 Dicom Viewer | service | map | `{"port":80,"type":"ClusterIP"}` | Kubernetes service information. | | service.port | int | `80` | The port number that the service exposes. | | service.type | string | `"ClusterIP"` | Type of service. Valid values are "ClusterIP", "NodePort", "LoadBalancer", "ExternalName". | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/etl/Chart.yaml b/helm/etl/Chart.yaml index 7e5bcc3d..f2a606bd 100644 --- a/helm/etl/Chart.yaml +++ b/helm/etl/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.4 +version: 0.1.5 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/etl/README.md b/helm/etl/README.md index 3d82c6e1..58c187f0 100644 --- a/helm/etl/README.md +++ b/helm/etl/README.md @@ -1,6 +1,6 @@ # etl -![Version: 0.1.4](https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.5](https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 etl @@ -107,6 +107,3 @@ A Helm chart for gen3 etl | resources.tube.requests | map | `{"cpu":0.3,"memory":"128Mi"}` | The amount of resources that the container requests | | resources.tube.requests.cpu | string | `0.3` | The amount of CPU requested | | resources.tube.requests.memory | string | `"128Mi"` | The amount of memory requested | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/faro-collector/Chart.yaml b/helm/faro-collector/Chart.yaml index 32399d2d..ac429f84 100644 --- a/helm/faro-collector/Chart.yaml +++ b/helm/faro-collector/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.1 +version: 0.1.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/faro-collector/README.md b/helm/faro-collector/README.md index 97a65cde..fd1f86db 100644 --- a/helm/faro-collector/README.md +++ b/helm/faro-collector/README.md @@ -1,6 +1,6 @@ # alloy -![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for deploying Grafana Alloy @@ -29,6 +29,3 @@ A Helm chart for deploying Grafana Alloy | alloy.ingress.ingressClassName | string | `"alb"` | | | alloy.ingress.labels | object | `{}` | | | alloy.ingress.path | string | `"/"` | | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/fence/Chart.yaml b/helm/fence/Chart.yaml index b57cb952..02930bbf 100644 --- a/helm/fence/Chart.yaml +++ b/helm/fence/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.25 +version: 0.1.26 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -24,7 +24,7 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common - name: postgresql version: 11.9.13 diff --git a/helm/fence/README.md b/helm/fence/README.md index f9158f7e..690caa00 100644 --- a/helm/fence/README.md +++ b/helm/fence/README.md @@ -1,6 +1,6 @@ # fence -![Version: 0.1.25](https://img.shields.io/badge/Version-0.1.25-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.26](https://img.shields.io/badge/Version-0.1.26-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 Fence @@ -8,7 +8,7 @@ A Helm chart for gen3 Fence | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | ## Values @@ -196,6 +196,3 @@ A Helm chart for gen3 Fence | usersync.usersync | bool | `false` | Whether to run Fence usersync or not. | | volumeMounts | list | `[{"mountPath":"/var/www/fence/local_settings.py","name":"old-config-volume","readOnly":true,"subPath":"local_settings.py"},{"mountPath":"/var/www/fence/fence_credentials.json","name":"json-secret-volume","readOnly":true,"subPath":"fence_credentials.json"},{"mountPath":"/var/www/fence/creds.json","name":"creds-volume","readOnly":true,"subPath":"creds.json"},{"mountPath":"/var/www/fence/config_helper.py","name":"config-helper","readOnly":true,"subPath":"config_helper.py"},{"mountPath":"/fence/fence/static/img/logo.svg","name":"logo-volume","readOnly":true,"subPath":"logo.svg"},{"mountPath":"/fence/fence/static/privacy_policy.md","name":"privacy-policy","readOnly":true,"subPath":"privacy_policy.md"},{"mountPath":"/var/www/fence/fence-config-secret.yaml","name":"config-volume","readOnly":true,"subPath":"fence-config.yaml"},{"mountPath":"/var/www/fence/yaml_merge.py","name":"yaml-merge","readOnly":true,"subPath":"yaml_merge.py"},{"mountPath":"/var/www/fence/fence_google_app_creds_secret.json","name":"fence-google-app-creds-secret-volume","readOnly":true,"subPath":"fence_google_app_creds_secret.json"},{"mountPath":"/var/www/fence/fence_google_storage_creds_secret.json","name":"fence-google-storage-creds-secret-volume","readOnly":true,"subPath":"fence_google_storage_creds_secret.json"},{"mountPath":"/fence/keys/key/jwt_private_key.pem","name":"fence-jwt-keys","readOnly":true,"subPath":"jwt_private_key.pem"},{"mountPath":"/var/www/fence/fence-config-public.yaml","name":"config-volume-public","readOnly":true,"subPath":"fence-config-public.yaml"}]` | Volumes to mount to the container. | | volumes | list | `[{"name":"old-config-volume","secret":{"secretName":"fence-secret"}},{"name":"json-secret-volume","secret":{"optional":true,"secretName":"fence-json-secret"}},{"name":"creds-volume","secret":{"secretName":"fence-creds"}},{"configMap":{"name":"config-helper","optional":true},"name":"config-helper"},{"configMap":{"name":"logo-config"},"name":"logo-volume"},{"name":"config-volume","secret":{"secretName":"fence-config"}},{"name":"fence-google-app-creds-secret-volume","secret":{"secretName":"fence-google-app-creds-secret"}},{"name":"fence-google-storage-creds-secret-volume","secret":{"secretName":"fence-google-storage-creds-secret"}},{"name":"fence-jwt-keys","secret":{"secretName":"fence-jwt-keys"}},{"configMap":{"name":"privacy-policy"},"name":"privacy-policy"},{"configMap":{"name":"fence-yaml-merge","optional":false},"name":"yaml-merge"},{"configMap":{"name":"manifest-fence","optional":true},"name":"config-volume-public"}]` | Volumes to attach to the container. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/fence/templates/fence-deployment.yaml b/helm/fence/templates/fence-deployment.yaml index 09484c52..1b24c149 100644 --- a/helm/fence/templates/fence-deployment.yaml +++ b/helm/fence/templates/fence-deployment.yaml @@ -14,9 +14,11 @@ spec: template: metadata: annotations: - {{- with .Values.podAnnotations }} + checksum/publicconfig: {{ include (print $.Template.BasePath "/fence-config-public.yaml") . | sha256sum }} + checksum/secretconfig: {{ include (print $.Template.BasePath "/fence-config.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} {{- if .Values.metricsEnabled }} {{- include "common.grafanaAnnotations" . | nindent 8 }} {{- end }} diff --git a/helm/fence/templates/presigned-url-fence.yaml b/helm/fence/templates/presigned-url-fence.yaml index 3bb3d568..0fc5342c 100644 --- a/helm/fence/templates/presigned-url-fence.yaml +++ b/helm/fence/templates/presigned-url-fence.yaml @@ -14,6 +14,8 @@ spec: template: metadata: annotations: + checksum/publicconfig: {{ include (print $.Template.BasePath "/fence-config-public.yaml") . | sha256sum }} + checksum/secretconfig: {{ include (print $.Template.BasePath "/fence-config.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/helm/frontend-framework/Chart.yaml b/helm/frontend-framework/Chart.yaml index 1a48668b..56609579 100644 --- a/helm/frontend-framework/Chart.yaml +++ b/helm/frontend-framework/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.4 +version: 0.1.5 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "develop" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/frontend-framework/README.md b/helm/frontend-framework/README.md index 3cc82305..27c8d8c2 100644 --- a/helm/frontend-framework/README.md +++ b/helm/frontend-framework/README.md @@ -1,6 +1,6 @@ # frontend-framework -![Version: 0.1.4](https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: develop](https://img.shields.io/badge/AppVersion-develop-informational?style=flat-square) +![Version: 0.1.5](https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: develop](https://img.shields.io/badge/AppVersion-develop-informational?style=flat-square) A Helm chart for the gen3 frontend framework @@ -8,7 +8,7 @@ A Helm chart for the gen3 frontend framework | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -90,6 +90,3 @@ A Helm chart for the gen3 frontend framework | strategy.rollingUpdate.maxSurge | int | `2` | Number of additional replicas to add during rollout. | | strategy.rollingUpdate.maxUnavailable | int | `"25%"` | Maximum amount of pods that can be unavailable during the update. | | tolerations | list | `[]` | Tolerations to apply to the pod | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/frontend-framework/templates/deployment.yaml b/helm/frontend-framework/templates/deployment.yaml index f1da90dd..89cecec2 100644 --- a/helm/frontend-framework/templates/deployment.yaml +++ b/helm/frontend-framework/templates/deployment.yaml @@ -51,13 +51,13 @@ spec: path: / {{- end }} port: 3000 - initialDelaySeconds: 30 - periodSeconds: 60 + initialDelaySeconds: 3 + periodSeconds: 10 timeoutSeconds: 30 resources: {{- toYaml .Values.resources | nindent 12 }} ports: - - containerPort: 80 + - containerPort: 3000 name: http protocol: TCP envFrom: diff --git a/helm/pidgin/.helmignore b/helm/gen3-network-policies/.helmignore similarity index 100% rename from helm/pidgin/.helmignore rename to helm/gen3-network-policies/.helmignore diff --git a/wip/gen3-network-policies/Chart.yaml b/helm/gen3-network-policies/Chart.yaml similarity index 79% rename from wip/gen3-network-policies/Chart.yaml rename to helm/gen3-network-policies/Chart.yaml index 7bc53bc1..c1a81dfc 100644 --- a/wip/gen3-network-policies/Chart.yaml +++ b/helm/gen3-network-policies/Chart.yaml @@ -4,6 +4,6 @@ description: A Helm chart that holds network policies needed to run Gen3 type: application -version: 0.1.1 +version: 0.1.2 -appVersion: "0.1.1" +appVersion: "0.1.2" diff --git a/helm/gen3-network-policies/README.md b/helm/gen3-network-policies/README.md new file mode 100644 index 00000000..be9c4d42 --- /dev/null +++ b/helm/gen3-network-policies/README.md @@ -0,0 +1,57 @@ +# gen3-network-policies + +![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.2](https://img.shields.io/badge/AppVersion-0.1.2-informational?style=flat-square) + +A Helm chart that holds network policies needed to run Gen3 + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| argo-workflows.enabled | bool | `true` | | +| argocd.enabled | bool | `true` | | +| global.aws | map | `{"awsAccessKeyId":null,"awsSecretAccessKey":null,"enabled":false,"region":"us-east-1","secretStoreServiceAccount":{"enabled":false,"name":"secret-store-sa","roleArn":null},"useLocalSecret":{"enabled":false,"localSecretName":null}}` | AWS configuration | +| global.aws.awsAccessKeyId | string | `nil` | Credentials for AWS stuff. | +| global.aws.awsSecretAccessKey | string | `nil` | Credentials for AWS stuff. | +| global.aws.enabled | bool | `false` | Set to true if deploying to AWS. Controls ingress annotations. | +| global.aws.region | string | `"us-east-1"` | AWS region for this deployment | +| global.aws.secretStoreServiceAccount | map | `{"enabled":false,"name":"secret-store-sa","roleArn":null}` | Service account and AWS role for authentication to AWS Secrets Manager | +| global.aws.secretStoreServiceAccount.enabled | bool | `false` | Set true if deploying to AWS and want to use service account and IAM role instead of aws keys. Must provide role-arn. | +| global.aws.secretStoreServiceAccount.name | string | `"secret-store-sa"` | Name of the service account to create | +| global.aws.secretStoreServiceAccount.roleArn | string | `nil` | AWS Role ARN for Secret Store to use | +| global.aws.useLocalSecret | map | `{"enabled":false,"localSecretName":null}` | Local secret setting if using a pre-exising secret. | +| global.aws.useLocalSecret.enabled | bool | `false` | Set to true if you would like to use a secret that is already running on your cluster. | +| global.aws.useLocalSecret.localSecretName | string | `nil` | Name of the local secret. | +| global.dev | bool | `true` | Deploys postgres/elasticsearch for dev | +| global.dictionaryUrl | string | `"https://s3.amazonaws.com/dictionary-artifacts/datadictionary/develop/schema.json"` | URL of the data dictionary. | +| global.dispatcherJobNum | int | `"10"` | Number of dispatcher jobs. | +| global.environment | string | `"default"` | Environment name. This should be the same as vpcname if you're doing an AWS deployment. Currently this is being used to share ALB's if you have multiple namespaces in same cluster. | +| global.externalSecrets | map | `{"dbCreate":false,"deploy":false}` | External Secrets settings. | +| global.externalSecrets.dbCreate | bool | `false` | Will create the databases and store the creds in Kubernetes Secrets even if externalSecrets is deployed. Useful if you want to use ExternalSecrets for other secrets besides db secrets. | +| global.externalSecrets.deploy | bool | `false` | Will use ExternalSecret resources to pull secrets from Secrets Manager instead of creating them locally. Be cautious as this will override secrets you have deployed. | +| global.frontendRoot | string | `"portal"` | Which app will be served on /. Needs be set to portal for portal, or "gen3ff" for frontendframework. | +| global.hostname | string | `"localhost"` | Hostname for the deployment. | +| global.manifestGlobalExtraValues | map | `{}` | If you would like to add any extra values to the manifest-global configmap. | +| global.netPolicy | bool | `{"dbSubnet":"","enabled":false}` | Global flags to control and manage network policies for a Gen3 installation NOTE: Network policies are currently a beta feature. Use with caution! | +| global.netPolicy.dbSubnet | array | `""` | A CIDR range representing a database subnet, that services with a database need access to | +| global.netPolicy.enabled | bool | `false` | Whether network policies are enabled | +| global.portalApp | string | `"gitops"` | Portal application name. | +| global.postgres.dbCreate | bool | `true` | Whether the database create job should run. | +| global.postgres.master.host | string | `nil` | global postgres master host | +| global.postgres.master.password | string | `nil` | global postgres master password | +| global.postgres.master.port | string | `"5432"` | global postgres master port | +| global.postgres.master.username | string | `"postgres"` | global postgres master username | +| global.publicDataSets | bool | `true` | Whether public datasets are enabled. | +| global.revproxyArn | string | `"arn:aws:acm:us-east-1:123456:certificate"` | ARN of the reverse proxy certificate. | +| global.tierAccessLevel | string | `"libre"` | Access level for tiers. acceptable values for `tier_access_level` are: `libre`, `regular` and `private`. If omitted, by default common will be treated as `private` | +| global.tierAccessLimit | int | `"1000"` | Only relevant if tireAccessLevel is set to "regular". Summary charts below this limit will not appear for aggregated data. | +| s3CidrRanges[0].ipBlock.cidr | string | `"18.34.0.0/19"` | | +| s3CidrRanges[1].ipBlock.cidr | string | `"16.15.192.0/18"` | | +| s3CidrRanges[2].ipBlock.cidr | string | `"54.231.0.0/16"` | | +| s3CidrRanges[3].ipBlock.cidr | string | `"52.216.0.0/15"` | | +| s3CidrRanges[4].ipBlock.cidr | string | `"18.34.232.0/21"` | | +| s3CidrRanges[5].ipBlock.cidr | string | `"16.15.176.0/20"` | | +| s3CidrRanges[6].ipBlock.cidr | string | `"16.182.0.0/16"` | | +| s3CidrRanges[7].ipBlock.cidr | string | `"3.5.0.0/19"` | | +| s3CidrRanges[8].ipBlock.cidr | string | `"44.192.134.240/28"` | | +| s3CidrRanges[9].ipBlock.cidr | string | `"44.192.140.64/28"` | | diff --git a/wip/gen3-network-policies/templates/_helpers.tpl b/helm/gen3-network-policies/templates/_helpers.tpl similarity index 100% rename from wip/gen3-network-policies/templates/_helpers.tpl rename to helm/gen3-network-policies/templates/_helpers.tpl diff --git a/wip/gen3-network-policies/templates/allow_nothing_netpolicy.yaml b/helm/gen3-network-policies/templates/allow_nothing_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/allow_nothing_netpolicy.yaml rename to helm/gen3-network-policies/templates/allow_nothing_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/allowdns_netpolicy.yaml b/helm/gen3-network-policies/templates/allowdns_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/allowdns_netpolicy.yaml rename to helm/gen3-network-policies/templates/allowdns_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/argo_workflows_netpolicy.yaml b/helm/gen3-network-policies/templates/argo_workflows_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/argo_workflows_netpolicy.yaml rename to helm/gen3-network-policies/templates/argo_workflows_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/argocd_netpolicy.yaml b/helm/gen3-network-policies/templates/argocd_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/argocd_netpolicy.yaml rename to helm/gen3-network-policies/templates/argocd_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/auth_netpolicy.yaml b/helm/gen3-network-policies/templates/auth_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/auth_netpolicy.yaml rename to helm/gen3-network-policies/templates/auth_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/dev_elasticsearch_netpolicy.yaml b/helm/gen3-network-policies/templates/dev_elasticsearch_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/dev_elasticsearch_netpolicy.yaml rename to helm/gen3-network-policies/templates/dev_elasticsearch_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/dev_kube_api_netpolicy.yaml b/helm/gen3-network-policies/templates/dev_kube_api_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/dev_kube_api_netpolicy.yaml rename to helm/gen3-network-policies/templates/dev_kube_api_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/dev_postgres_netpolicy.yaml b/helm/gen3-network-policies/templates/dev_postgres_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/dev_postgres_netpolicy.yaml rename to helm/gen3-network-policies/templates/dev_postgres_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/external_egress_netpolicy.yaml b/helm/gen3-network-policies/templates/external_egress_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/external_egress_netpolicy.yaml rename to helm/gen3-network-policies/templates/external_egress_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/gen3job_netpolicy.yaml b/helm/gen3-network-policies/templates/gen3job_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/gen3job_netpolicy.yaml rename to helm/gen3-network-policies/templates/gen3job_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/jh_netpolicy.yaml b/helm/gen3-network-policies/templates/jh_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/jh_netpolicy.yaml rename to helm/gen3-network-policies/templates/jh_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/linklocal_netpolicy.yaml b/helm/gen3-network-policies/templates/linklocal_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/linklocal_netpolicy.yaml rename to helm/gen3-network-policies/templates/linklocal_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/nolimit_netpolicy.yaml b/helm/gen3-network-policies/templates/nolimit_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/nolimit_netpolicy.yaml rename to helm/gen3-network-policies/templates/nolimit_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/public_netpolicy.yaml b/helm/gen3-network-policies/templates/public_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/public_netpolicy.yaml rename to helm/gen3-network-policies/templates/public_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/s3_netpolicy.yaml b/helm/gen3-network-policies/templates/s3_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/s3_netpolicy.yaml rename to helm/gen3-network-policies/templates/s3_netpolicy.yaml diff --git a/wip/gen3-network-policies/templates/vpc_netpolicy.yaml b/helm/gen3-network-policies/templates/vpc_netpolicy.yaml similarity index 100% rename from wip/gen3-network-policies/templates/vpc_netpolicy.yaml rename to helm/gen3-network-policies/templates/vpc_netpolicy.yaml diff --git a/helm/gen3-network-policies/values.yaml b/helm/gen3-network-policies/values.yaml new file mode 100644 index 00000000..0492a5be --- /dev/null +++ b/helm/gen3-network-policies/values.yaml @@ -0,0 +1,109 @@ +# Global configuration +global: + # -- (map) AWS configuration + aws: + # -- (string) AWS region for this deployment + region: us-east-1 + # -- (bool) Set to true if deploying to AWS. Controls ingress annotations. + enabled: false + # -- (string) Credentials for AWS stuff. + awsAccessKeyId: + # -- (string) Credentials for AWS stuff. + awsSecretAccessKey: + # -- (map) Service account and AWS role for authentication to AWS Secrets Manager + secretStoreServiceAccount: + # -- (bool) Set true if deploying to AWS and want to use service account and IAM role instead of aws keys. Must provide role-arn. + enabled: false + # -- (string) Name of the service account to create + name: secret-store-sa + # -- (string) AWS Role ARN for Secret Store to use + roleArn: + # -- (map) Local secret setting if using a pre-exising secret. + useLocalSecret: + # -- (bool) Set to true if you would like to use a secret that is already running on your cluster. + enabled: false + # -- (string) Name of the local secret. + localSecretName: + # -- (bool) Deploys postgres/elasticsearch for dev + dev: true + postgres: + # -- (bool) Whether the database create job should run. + dbCreate: true + master: + # -- global postgres master username + username: postgres + # -- global postgres master password + password: + # -- global postgres master host + host: + # -- global postgres master port + port: "5432" + # -- (string) Environment name. + # This should be the same as vpcname if you're doing an AWS deployment. + # Currently this is being used to share ALB's if you have multiple namespaces in same cluster. + environment: default + # -- (string) Hostname for the deployment. + hostname: localhost + # -- (string) ARN of the reverse proxy certificate. + revproxyArn: arn:aws:acm:us-east-1:123456:certificate + # -- (string) URL of the data dictionary. + dictionaryUrl: https://s3.amazonaws.com/dictionary-artifacts/datadictionary/develop/schema.json + # -- (string) Portal application name. + portalApp: gitops + # -- (bool) Whether public datasets are enabled. + publicDataSets: true + # -- (string) Access level for tiers. acceptable values for `tier_access_level` are: `libre`, `regular` and `private`. If omitted, by default common will be treated as `private` + tierAccessLevel: libre + # -- (int) Only relevant if tireAccessLevel is set to "regular". Summary charts below this limit will not appear for aggregated data. + tierAccessLimit: "1000" + # -- (bool) Global flags to control and manage network policies for a Gen3 installation + # NOTE: Network policies are currently a beta feature. Use with caution! + netPolicy: + # -- (bool) Whether network policies are enabled + enabled: false + + # -- (array) A CIDR range representing a database subnet, that services with a database need access to + dbSubnet: "" + # -- (int) Number of dispatcher jobs. + dispatcherJobNum: "10" + # -- (map) If you would like to add any extra values to the manifest-global configmap. + manifestGlobalExtraValues: {} + # -- (string) Which app will be served on /. Needs be set to portal for portal, or "gen3ff" for frontendframework. + frontendRoot: "portal" + # -- (map) External Secrets settings. + externalSecrets: + # -- (bool) Will use ExternalSecret resources to pull secrets from Secrets Manager instead of creating them locally. Be cautious as this will override secrets you have deployed. + deploy: false + # -- (bool) Will create the databases and store the creds in Kubernetes Secrets even if externalSecrets is deployed. Useful if you want to use ExternalSecrets for other secrets besides db secrets. + dbCreate: false + + +argo-workflows: + enabled: true + +argocd: + enabled: true + +# This is a list of CIDR ranges that may be used by AWS. This is needed +# to allow egress to S3 for services that need it +s3CidrRanges: + - ipBlock: + cidr: 18.34.0.0/19 + - ipBlock: + cidr: 16.15.192.0/18 + - ipBlock: + cidr: 54.231.0.0/16 + - ipBlock: + cidr: 52.216.0.0/15 + - ipBlock: + cidr: 18.34.232.0/21 + - ipBlock: + cidr: 16.15.176.0/20 + - ipBlock: + cidr: 16.182.0.0/16 + - ipBlock: + cidr: 3.5.0.0/19 + - ipBlock: + cidr: 44.192.134.240/28 + - ipBlock: + cidr: 44.192.140.64/28 diff --git a/helm/gen3/Chart.yaml b/helm/gen3/Chart.yaml index e9008b3a..d45a3d16 100644 --- a/helm/gen3/Chart.yaml +++ b/helm/gen3/Chart.yaml @@ -5,99 +5,95 @@ description: Helm chart to deploy Gen3 Data Commons # Dependencies dependencies: - name: ambassador - version: 0.1.15 + version: 0.1.16 repository: "file://../ambassador" condition: ambassador.enabled - name: arborist - version: 0.1.13 + version: 0.1.14 repository: "file://../arborist" condition: arborist.enabled - name: argo-wrapper - version: 0.1.9 + version: 0.1.10 repository: "file://../argo-wrapper" condition: argo-wrapper.enabled - name: audit - version: 0.1.15 + version: 0.1.16 repository: "file://../audit" condition: audit.enabled - name: aws-es-proxy - version: 0.1.12 + version: 0.1.13 repository: "file://../aws-es-proxy" condition: aws-es-proxy.enabled - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common - name: etl - version: 0.1.4 + version: 0.1.5 repository: file://../etl condition: etl.enabled - name: frontend-framework - version: 0.1.4 + version: 0.1.5 repository: "file://../frontend-framework" condition: frontend-framework.enabled - name: fence - version: 0.1.25 + version: 0.1.26 repository: "file://../fence" condition: fence.enabled - name: guppy - version: 0.1.15 + version: 0.1.16 repository: "file://../guppy" condition: guppy.enabled - name: hatchery - version: 0.1.11 + version: 0.1.12 repository: "file://../hatchery" condition: hatchery.enabled - name: indexd - version: 0.1.17 + version: 0.1.18 repository: "file://../indexd" condition: indexd.enabled - name: manifestservice - version: 0.1.16 + version: 0.1.17 repository: "file://../manifestservice" condition: manifestservice.enabled - name: metadata - version: 0.1.15 + version: 0.1.16 repository: "file://../metadata" condition: metadata.enabled - name: peregrine - version: 0.1.16 + version: 0.1.17 repository: "file://../peregrine" condition: peregrine.enabled - - name: pidgin - version: 0.1.12 - repository: "file://../pidgin" - condition: pidgin.enabled - name: portal - version: 0.1.20 + version: 0.1.21 repository: "file://../portal" condition: portal.enabled - name: requestor - version: 0.1.15 + version: 0.1.16 repository: "file://../requestor" condition: requestor.enabled - name: revproxy - version: 0.1.18 + version: 0.1.19 repository: "file://../revproxy" condition: revproxy.enabled - name: sheepdog - version: 0.1.18 + version: 0.1.19 repository: "file://../sheepdog" condition: sheepdog.enabled - name: ssjdispatcher - version: 0.1.12 + version: 0.1.13 repository: "file://../ssjdispatcher" condition: ssjdispatcher.enabled - name: sower - version: 0.1.14 + version: 0.1.15 condition: sower.enabled repository: "file://../sower" - name: wts - version: 0.1.17 + version: 0.1.18 repository: "file://../wts" condition: wts.enabled - name: gen3-network-policies - version: 0.1.1 - repository: "file://../../wip/gen3-network-policies" + version: 0.1.2 + repository: "file://../gen3-network-policies" condition: global.netPolicy.enabled - name: elasticsearch @@ -115,7 +111,7 @@ dependencies: # Reference: https://github.com/neuvector/neuvector-helm # For more information, please use the Gen3 community Slack. - name: neuvector - version: "0.1.1" + version: "0.1.2" repository: "file://../neuvector" condition: neuvector.enabled diff --git a/helm/gen3/README.md b/helm/gen3/README.md index 7df5f5c4..2153532a 100644 --- a/helm/gen3/README.md +++ b/helm/gen3/README.md @@ -18,31 +18,30 @@ Helm chart to deploy Gen3 Data Commons | Repository | Name | Version | |------------|------|---------| -| file://../../wip/gen3-network-policies | gen3-network-policies | 0.1.1 | -| file://../ambassador | ambassador | 0.1.15 | -| file://../arborist | arborist | 0.1.13 | -| file://../argo-wrapper | argo-wrapper | 0.1.9 | -| file://../audit | audit | 0.1.15 | -| file://../aws-es-proxy | aws-es-proxy | 0.1.12 | -| file://../common | common | 0.1.15 | -| file://../etl | etl | 0.1.4 | -| file://../fence | fence | 0.1.25 | -| file://../frontend-framework | frontend-framework | 0.1.4 | -| file://../guppy | guppy | 0.1.15 | -| file://../hatchery | hatchery | 0.1.11 | -| file://../indexd | indexd | 0.1.17 | -| file://../manifestservice | manifestservice | 0.1.16 | -| file://../metadata | metadata | 0.1.15 | -| file://../neuvector | neuvector | 0.1.1 | -| file://../peregrine | peregrine | 0.1.16 | -| file://../pidgin | pidgin | 0.1.12 | -| file://../portal | portal | 0.1.20 | -| file://../requestor | requestor | 0.1.15 | -| file://../revproxy | revproxy | 0.1.18 | -| file://../sheepdog | sheepdog | 0.1.18 | -| file://../sower | sower | 0.1.14 | -| file://../ssjdispatcher | ssjdispatcher | 0.1.12 | -| file://../wts | wts | 0.1.17 | +| file://../ambassador | ambassador | 0.1.16 | +| file://../arborist | arborist | 0.1.14 | +| file://../argo-wrapper | argo-wrapper | 0.1.10 | +| file://../audit | audit | 0.1.16 | +| file://../aws-es-proxy | aws-es-proxy | 0.1.13 | +| file://../common | common | 0.1.16 | +| file://../etl | etl | 0.1.5 | +| file://../fence | fence | 0.1.26 | +| file://../frontend-framework | frontend-framework | 0.1.5 | +| file://../gen3-network-policies | gen3-network-policies | 0.1.2 | +| file://../guppy | guppy | 0.1.16 | +| file://../hatchery | hatchery | 0.1.12 | +| file://../indexd | indexd | 0.1.18 | +| file://../manifestservice | manifestservice | 0.1.17 | +| file://../metadata | metadata | 0.1.16 | +| file://../neuvector | neuvector | 0.1.2 | +| file://../peregrine | peregrine | 0.1.17 | +| file://../portal | portal | 0.1.21 | +| file://../requestor | requestor | 0.1.16 | +| file://../revproxy | revproxy | 0.1.19 | +| file://../sheepdog | sheepdog | 0.1.19 | +| file://../sower | sower | 0.1.15 | +| file://../ssjdispatcher | ssjdispatcher | 0.1.13 | +| file://../wts | wts | 0.1.18 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | | https://helm.elastic.co | elasticsearch | 7.10.2 | @@ -181,5 +180,5 @@ Helm chart to deploy Gen3 Data Commons | ssjdispatcher.enabled | bool | `false` | Whether to deploy the ssjdispatcher subchart. | | wts.enabled | bool | `true` | Whether to deploy the wts subchart. | ----------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) +======= diff --git a/helm/guppy/Chart.yaml b/helm/guppy/Chart.yaml index e625d113..ff0c3447 100644 --- a/helm/guppy/Chart.yaml +++ b/helm/guppy/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.15 +version: 0.1.16 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/guppy/README.md b/helm/guppy/README.md index 9d08e3ea..2e94cdf8 100644 --- a/helm/guppy/README.md +++ b/helm/guppy/README.md @@ -1,6 +1,6 @@ # guppy -![Version: 0.1.15](https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.16](https://img.shields.io/badge/Version-0.1.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 Guppy Service @@ -8,7 +8,7 @@ A Helm chart for gen3 Guppy Service | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -92,6 +92,3 @@ A Helm chart for gen3 Guppy Service | strategy.rollingUpdate.maxUnavailable | int | `0` | Maximum amount of pods that can be unavailable during the update. | | volumeMounts | list | `[{"mountPath":"/guppy/guppy_config.json","name":"guppy-config","readOnly":true,"subPath":"guppy_config.json"}]` | Volumes to mount to the container. | | volumes | list | `[{"configMap":{"items":[{"key":"guppy_config.json","path":"guppy_config.json"}],"name":"manifest-guppy"},"name":"guppy-config"}]` | Volumes to attach to the pod. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/guppy/templates/deployment.yaml b/helm/guppy/templates/deployment.yaml index 788b1760..f23baf53 100644 --- a/helm/guppy/templates/deployment.yaml +++ b/helm/guppy/templates/deployment.yaml @@ -25,6 +25,7 @@ spec: netnolimit: 'yes' public: 'yes' annotations: + checksum/config: {{ include (print $.Template.BasePath "/guppy_config.yaml") . | sha256sum }} {{- if .Values.metricsEnabled }} {{- include "common.grafanaAnnotations" . | nindent 8 }} {{- end }} diff --git a/helm/hatchery/Chart.yaml b/helm/hatchery/Chart.yaml index 5a86a60c..f222c6b2 100644 --- a/helm/hatchery/Chart.yaml +++ b/helm/hatchery/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.11 +version: 0.1.12 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/hatchery/README.md b/helm/hatchery/README.md index dc3e8e00..1c429f03 100644 --- a/helm/hatchery/README.md +++ b/helm/hatchery/README.md @@ -1,6 +1,6 @@ # hatchery -![Version: 0.1.11](https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 Hatchery @@ -8,7 +8,7 @@ A Helm chart for gen3 Hatchery | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -49,7 +49,7 @@ A Helm chart for gen3 Hatchery | global.publicDataSets | bool | `true` | Whether public datasets are enabled. | | global.revproxyArn | string | `"arn:aws:acm:us-east-1:123456:certificate"` | ARN of the reverse proxy certificate. | | global.tierAccessLevel | string | `"libre"` | Access level for tiers. acceptable values for `tier_access_level` are: `libre`, `regular` and `private`. If omitted, by default common will be treated as `private` | -| hatchery | map | `{"containers":[{"args":["--NotebookApp.base_url=/lw-workspace/proxy/","--NotebookApp.default_url=/lab","--NotebookApp.password=''","--NotebookApp.token=''","--NotebookApp.shutdown_no_activity_timeout=5400","--NotebookApp.quit_button=False"],"command":["start-notebook.sh"],"cpu-limit":"1.0","env":{"FRAME_ANCESTORS":"https://{{ .Values.global.hostname }}"},"fs-gid":100,"gen3-volume-location":"/home/jovyan/.gen3","image":"quay.io/cdis/heal-notebooks:combined_tutorials__latest","lifecycle-post-start":["/bin/sh","-c","export IAM=`whoami`; rm -rf /home/$IAM/pd/dockerHome; rm -rf /home/$IAM/pd/lost+found; ln -s /data /home/$IAM/pd/; true"],"memory-limit":"2Gi","name":"(Tutorials) Example Analysis Jupyter Lab Notebooks","path-rewrite":"/lw-workspace/proxy/","ready-probe":"/lw-workspace/proxy/","target-port":8888,"use-tls":"false","user-uid":1000,"user-volume-location":"/home/jovyan/pd"}],"sidecarContainer":{"args":[],"command":["/bin/bash","./sidecar.sh"],"cpu-limit":"0.1","env":{"HOSTNAME":"{{ .Values.global.hostname }}","NAMESPACE":"{{ .Release.Namespace }}"},"image":"quay.io/cdis/ecs-ws-sidecar:master","lifecycle-pre-stop":["su","-c","echo test","-s","/bin/sh","root"],"memory-limit":"256Mi"}}` | Hatchery sidcar container configuration. | +| hatchery | map | `{"containers":[{"args":["--NotebookApp.base_url=/lw-workspace/proxy/","--NotebookApp.default_url=/lab","--NotebookApp.password=''","--NotebookApp.token=''","--NotebookApp.shutdown_no_activity_timeout=5400","--NotebookApp.quit_button=False"],"command":["start-notebook.sh"],"cpu-limit":"1.0","env":{"FRAME_ANCESTORS":"https://{{ .Values.global.hostname }}"},"fs-gid":100,"gen3-volume-location":"/home/jovyan/.gen3","image":"quay.io/cdis/heal-notebooks:combined_tutorials__latest","lifecycle-post-start":["/bin/sh","-c","export IAM=`whoami`; rm -rf /home/$IAM/pd/dockerHome; rm -rf /home/$IAM/pd/lost+found; ln -s /data /home/$IAM/pd/; true"],"memory-limit":"2Gi","name":"(Tutorials) Example Analysis Jupyter Lab Notebooks","path-rewrite":"/lw-workspace/proxy/","ready-probe":"/lw-workspace/proxy/","target-port":8888,"use-tls":"false","user-uid":1000,"user-volume-location":"/home/jovyan/pd"}],"sidecarContainer":{"args":[],"command":["/bin/bash","./sidecar.sh"],"cpu-limit":"0.1","env":{"HOSTNAME":"{{ .Values.global.hostname }}","NAMESPACE":"{{ .Release.Namespace }}"},"image":"quay.io/cdis/ecs-ws-sidecar:master","lifecycle-pre-stop":["su","-c","echo test","-s","/bin/sh","root"],"memory-limit":"256Mi"},"skipNodeSelector":false,"useInternalServicesUrl":false}` | Hatchery sidcar container configuration. | | hatchery.containers | list | `[{"args":["--NotebookApp.base_url=/lw-workspace/proxy/","--NotebookApp.default_url=/lab","--NotebookApp.password=''","--NotebookApp.token=''","--NotebookApp.shutdown_no_activity_timeout=5400","--NotebookApp.quit_button=False"],"command":["start-notebook.sh"],"cpu-limit":"1.0","env":{"FRAME_ANCESTORS":"https://{{ .Values.global.hostname }}"},"fs-gid":100,"gen3-volume-location":"/home/jovyan/.gen3","image":"quay.io/cdis/heal-notebooks:combined_tutorials__latest","lifecycle-post-start":["/bin/sh","-c","export IAM=`whoami`; rm -rf /home/$IAM/pd/dockerHome; rm -rf /home/$IAM/pd/lost+found; ln -s /data /home/$IAM/pd/; true"],"memory-limit":"2Gi","name":"(Tutorials) Example Analysis Jupyter Lab Notebooks","path-rewrite":"/lw-workspace/proxy/","ready-probe":"/lw-workspace/proxy/","target-port":8888,"use-tls":"false","user-uid":1000,"user-volume-location":"/home/jovyan/pd"}]` | Notebook configuration. | | hatchery.sidecarContainer.args | list | `[]` | Arguments to pass to the sidecare container. | | hatchery.sidecarContainer.command | list | `["/bin/bash","./sidecar.sh"]` | Commands to run for the sidecar container. | @@ -58,6 +58,8 @@ A Helm chart for gen3 Hatchery | hatchery.sidecarContainer.image | string | `"quay.io/cdis/ecs-ws-sidecar:master"` | The sidecar image. | | hatchery.sidecarContainer.lifecycle-pre-stop | list | `["su","-c","echo test","-s","/bin/sh","root"]` | Commands that are run before the container is stopped. | | hatchery.sidecarContainer.memory-limit | string | `"256Mi"` | The maximum amount of memory the sidecar container can use | +| hatchery.skipNodeSelector | bool | `false` | Whether to skip node selector for . Defaults to `global.dev`. | +| hatchery.useInternalServicesUrl | bool | `false` | Whether to use internal services url. Defaults to `global.dev`. | | image | map | `{"pullPolicy":"IfNotPresent","repository":"quay.io/cdis/hatchery","tag":""}` | Docker image information. | | image.pullPolicy | string | `"IfNotPresent"` | Docker pull policy. | | image.repository | string | `"quay.io/cdis/hatchery"` | Docker repository. | @@ -83,6 +85,3 @@ A Helm chart for gen3 Hatchery | tolerations | list | `[]` | Tolerations to use for the deployment. | | volumeMounts | list | `[{"mountPath":"/hatchery.json","name":"hatchery-config","readOnly":true,"subPath":"json"}]` | Volumes to mount to the container. | | volumes | list | `[{"configMap":{"name":"manifest-hatchery"},"name":"hatchery-config"}]` | Volumes to attach to the container. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/hatchery/templates/deployment.yaml b/helm/hatchery/templates/deployment.yaml index 81ae84aa..04c7ca21 100644 --- a/helm/hatchery/templates/deployment.yaml +++ b/helm/hatchery/templates/deployment.yaml @@ -14,6 +14,7 @@ spec: template: metadata: annotations: + checksum/config: {{ include (print $.Template.BasePath "/hatchery-manifest.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/helm/hatchery/templates/hatchery-manifest.yaml b/helm/hatchery/templates/hatchery-manifest.yaml index 777e6922..3d643a84 100644 --- a/helm/hatchery/templates/hatchery-manifest.yaml +++ b/helm/hatchery/templates/hatchery-manifest.yaml @@ -6,7 +6,8 @@ data: json: | { "user-namespace": "jupyter-pods-{{ .Release.Name }}", - "localdev": {{ .Values.global.dev }}, + "skip-node-selector": {{ or .Values.global.dev .Values.hatchery.skipNodeSelector }}, + "use-internal-services-url": {{ or .Values.global.dev .Values.hatchery.useInternalServicesUrl }}, "sub-dir": "/lw-workspace", "user-volume-size": "10Gi", "sidecar": {{ tpl (.Values.hatchery.sidecarContainer | toJson) . }}, diff --git a/helm/hatchery/values.yaml b/helm/hatchery/values.yaml index 7ee911ca..db9d8241 100644 --- a/helm/hatchery/values.yaml +++ b/helm/hatchery/values.yaml @@ -206,6 +206,11 @@ hatchery: user-volume-location: "/home/jovyan/pd" gen3-volume-location: "/home/jovyan/.gen3" + # -- (bool) Whether to skip node selector for . Defaults to `global.dev`. + skipNodeSelector: false + # -- (bool) Whether to use internal services url. Defaults to `global.dev`. + useInternalServicesUrl: false + # Values to determine the labels that are used for the deployment, pod, etc. # -- (string) Valid options are "production" or "dev". If invalid option is set- the value will default to "dev". release: "production" diff --git a/helm/indexd/Chart.yaml b/helm/indexd/Chart.yaml index a21d6f6d..99ac703b 100644 --- a/helm/indexd/Chart.yaml +++ b/helm/indexd/Chart.yaml @@ -25,7 +25,7 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common - name: postgresql version: 11.9.13 diff --git a/helm/indexd/README.md b/helm/indexd/README.md index 5a421b11..88f8ae27 100644 --- a/helm/indexd/README.md +++ b/helm/indexd/README.md @@ -8,7 +8,7 @@ A Helm chart for gen3 indexd | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | ## Values @@ -107,5 +107,4 @@ A Helm chart for gen3 indexd | volumeMounts | list | `[{"mountPath":"/var/www/indexd/local_settings.py","name":"config-volume","readOnly":true,"subPath":"local_settings.py"}]` | Volumes to mount to the container. | | volumes | list | `[{"configMap":{"name":"indexd-uwsgi"},"name":"uwsgi-config"},{"name":"config-volume","secret":{"secretName":"indexd-settings"}}]` | Volumes to attach to the pod | ----------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/manifestservice/Chart.yaml b/helm/manifestservice/Chart.yaml index 4e5ad932..84194a1a 100644 --- a/helm/manifestservice/Chart.yaml +++ b/helm/manifestservice/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.16 +version: 0.1.17 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/manifestservice/README.md b/helm/manifestservice/README.md index 06f23829..cc328847 100644 --- a/helm/manifestservice/README.md +++ b/helm/manifestservice/README.md @@ -1,6 +1,6 @@ # manifestservice -![Version: 0.1.16](https://img.shields.io/badge/Version-0.1.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.17](https://img.shields.io/badge/Version-0.1.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for Kubernetes @@ -8,7 +8,7 @@ A Helm chart for Kubernetes | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -81,6 +81,3 @@ A Helm chart for Kubernetes | terminationGracePeriodSeconds | int | `50` | Grace period that applies to the total time it takes for both the PreStop hook to execute and for the Container to stop normally. | | volumeMounts | list | `[{"mountPath":"/var/gen3/config/","name":"config-volume","readOnly":true}]` | Volumes to mount to the container. | | volumes | list | `[{"name":"config-volume","secret":{"secretName":"manifestservice-g3auto"}}]` | Volumes to attach to the container. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/manifestservice/templates/deployment.yaml b/helm/manifestservice/templates/deployment.yaml index 9c362f6a..c13f4f0a 100644 --- a/helm/manifestservice/templates/deployment.yaml +++ b/helm/manifestservice/templates/deployment.yaml @@ -23,6 +23,7 @@ spec: {{- include "manifestservice.selectorLabels" . | nindent 8 }} {{- include "common.extraLabels" . | nindent 8 }} annotations: + checksum/config: {{ include (print $.Template.BasePath "/manifestservice-creds.yaml") . | sha256sum }} {{- if .Values.metricsEnabled }} {{- include "common.grafanaAnnotations" . | nindent 8 }} {{- end }} diff --git a/helm/metadata/Chart.yaml b/helm/metadata/Chart.yaml index 5def4e33..ecaa6636 100644 --- a/helm/metadata/Chart.yaml +++ b/helm/metadata/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.15 +version: 0.1.16 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,7 +25,7 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common - name: postgresql version: 11.9.13 diff --git a/helm/metadata/README.md b/helm/metadata/README.md index 578ac30d..e577d5fc 100644 --- a/helm/metadata/README.md +++ b/helm/metadata/README.md @@ -1,6 +1,6 @@ # metadata -![Version: 0.1.15](https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.16](https://img.shields.io/badge/Version-0.1.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 Metadata Service @@ -8,7 +8,7 @@ A Helm chart for gen3 Metadata Service | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | | https://helm.elastic.co | elasticsearch | 7.17.1 | @@ -120,6 +120,3 @@ A Helm chart for gen3 Metadata Service | strategy.rollingUpdate.maxUnavailable | int | `0` | Maximum amount of pods that can be unavailable during the update. | | useAggMds | bool | `"True"` | Set to true to aggregate metadata from multiple other Metadata Service instances. | | volumeMounts | list | `[{"mountPath":"/src/.env","name":"config-volume-g3auto","readOnly":true,"subPath":"metadata.env"},{"mountPath":"/mds/.env","name":"config-volume-g3auto","readOnly":true,"subPath":"metadata.env"},{"mountPath":"/aggregate_config.json","name":"config-volume","readOnly":true,"subPath":"aggregate_config.json"},{"mountPath":"/metadata.json","name":"config-manifest","readOnly":true,"subPath":"json"}]` | Volumes to mount to the container. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/metadata/templates/deployment.yaml b/helm/metadata/templates/deployment.yaml index 58e06603..e4c6ee87 100644 --- a/helm/metadata/templates/deployment.yaml +++ b/helm/metadata/templates/deployment.yaml @@ -25,6 +25,7 @@ spec: {{- include "metadata.selectorLabels" . | nindent 8 }} {{- include "common.extraLabels" . | nindent 8 }} annotations: + checksum/config: {{ include (print $.Template.BasePath "/metadata.yaml") . | sha256sum }} {{- if .Values.metricsEnabled }} {{- include "common.grafanaAnnotations" . | nindent 8 }} {{- end }} diff --git a/helm/neuvector/Chart.yaml b/helm/neuvector/Chart.yaml index 1a064380..845c1797 100644 --- a/helm/neuvector/Chart.yaml +++ b/helm/neuvector/Chart.yaml @@ -19,7 +19,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.1 +version: 0.1.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/neuvector/README.md b/helm/neuvector/README.md index d075b808..928cd747 100644 --- a/helm/neuvector/README.md +++ b/helm/neuvector/README.md @@ -1,6 +1,6 @@ # neuvector -![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.16.0](https://img.shields.io/badge/AppVersion-1.16.0-informational?style=flat-square) +![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.16.0](https://img.shields.io/badge/AppVersion-1.16.0-informational?style=flat-square) NeuVector Kubernetes Security Policy templates to protect Gen3 @@ -18,6 +18,3 @@ NeuVector Kubernetes Security Policy templates to protect Gen3 | nameOverride | string | `""` | | | policies.include | bool | `true` | | | policies.policyMode | string | `"Monitor"` | | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/observability/README.md b/helm/observability/README.md index 4f89c1af..793bee83 100644 --- a/helm/observability/README.md +++ b/helm/observability/README.md @@ -307,5 +307,4 @@ A Helm chart for deploying the LGTM stack with additional resources | lgtm.role.arn | string | `nil` | The arn of the aws role to associate with the service account that will be used for Loki and Mimir. Documentation on IRSA setup https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html | | lgtm.tempo.enabled | bool | `false` | Enable or disable tempo. | ----------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/peregrine/Chart.yaml b/helm/peregrine/Chart.yaml index d1357d18..f726f8ca 100644 --- a/helm/peregrine/Chart.yaml +++ b/helm/peregrine/Chart.yaml @@ -25,7 +25,7 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common - name: postgresql version: 11.9.13 diff --git a/helm/peregrine/README.md b/helm/peregrine/README.md index afd057e1..8b5c6935 100644 --- a/helm/peregrine/README.md +++ b/helm/peregrine/README.md @@ -8,7 +8,7 @@ A Helm chart for gen3 Peregrine service | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | ## Values @@ -102,5 +102,4 @@ A Helm chart for gen3 Peregrine service | volumeMounts | list | `[{"mountPath":"/var/www/peregrine/settings.py","name":"config-volume","readOnly":true,"subPath":"settings.py"},{"mountPath":"peregrine/bin/settings.py","name":"config-volume","readOnly":true,"subPath":"settings.py"}]` | Volumes to mount to the container. | | volumes | list | `[{"emptyDir":{},"name":"shared-data"},{"name":"config-volume","secret":{"secretName":"peregrine-secret"}}]` | Volumes to attach to the container. | ----------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/peregrine/templates/deployment.yaml b/helm/peregrine/templates/deployment.yaml index b56eca44..39edbd5d 100644 --- a/helm/peregrine/templates/deployment.yaml +++ b/helm/peregrine/templates/deployment.yaml @@ -76,6 +76,12 @@ spec: optional: false - name: FLASK_SECRET_KEY value: "TODO: FIX THIS!!!" + - name: INDEXD_PASS + valueFrom: + secretKeyRef: + name: indexd-service-creds + key: sheepdog + optional: false - name: PGHOST valueFrom: secretKeyRef: diff --git a/helm/pidgin/Chart.yaml b/helm/pidgin/Chart.yaml deleted file mode 100644 index a0086a5e..00000000 --- a/helm/pidgin/Chart.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v2 -name: pidgin -description: A Helm chart for gen3 Pidgin Service - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.12 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "master" - -dependencies: - - name: common - version: 0.1.15 - repository: file://../common diff --git a/helm/pidgin/README.md b/helm/pidgin/README.md deleted file mode 100644 index 552d0d20..00000000 --- a/helm/pidgin/README.md +++ /dev/null @@ -1,86 +0,0 @@ -# pidgin - -![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) - -A Helm chart for gen3 Pidgin Service - -## Requirements - -| Repository | Name | Version | -|------------|------|---------| -| file://../common | common | 0.1.15 | - -## Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| affinity | map | `{"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["pidgin"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]}}` | Affinity to use for the deployment. | -| affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | map | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["pidgin"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | Option for scheduling to be required or preferred. | -| affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0] | int | `{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["pidgin"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}` | Weight value for preferred scheduling. | -| affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.labelSelector.matchExpressions[0] | list | `{"key":"app","operator":"In","values":["pidgin"]}` | Label key for match expression. | -| affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.labelSelector.matchExpressions[0].operator | string | `"In"` | Operation type for the match expression. | -| affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.labelSelector.matchExpressions[0].values | list | `["pidgin"]` | Value for the match expression key. | -| affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.topologyKey | string | `"kubernetes.io/hostname"` | Value for topology key label. | -| automountServiceAccountToken | bool | `false` | Automount the default service account token | -| autoscaling | map | `{"enabled":false,"maxReplicas":100,"minReplicas":1,"targetCPUUtilizationPercentage":80}` | Configuration for autoscaling the number of replicas | -| autoscaling.enabled | bool | `false` | Whether autoscaling is enabled | -| autoscaling.maxReplicas | int | `100` | The maximum number of replicas to scale up to | -| autoscaling.minReplicas | int | `1` | The minimum number of replicas to scale down to | -| autoscaling.targetCPUUtilizationPercentage | int | `80` | The target CPU utilization percentage for autoscaling | -| commonLabels | map | `nil` | Will completely override the commonLabels defined in the common chart's _label_setup.tpl | -| criticalService | string | `"false"` | Valid options are "true" or "false". If invalid option is set- the value will default to "false". | -| dataDog | bool | `{"enabled":false,"env":"dev"}` | Whether Datadog is enabled. | -| datadogLogsInjection | bool | `true` | If enabled, the Datadog Agent will automatically inject Datadog-specific metadata into your application logs. | -| datadogProfilingEnabled | bool | `true` | If enabled, the Datadog Agent will collect profiling data for your application using the Continuous Profiler. This data can be used to identify performance bottlenecks and optimize your application. | -| datadogTraceSampleRate | int | `1` | A value between 0 and 1, that represents the percentage of requests that will be traced. For example, a value of 0.5 means that 50% of requests will be traced. | -| global.aws | map | `{"awsAccessKeyId":null,"awsSecretAccessKey":null,"enabled":false}` | AWS configuration | -| global.aws.awsAccessKeyId | string | `nil` | Credentials for AWS stuff. | -| global.aws.awsSecretAccessKey | string | `nil` | Credentials for AWS stuff. | -| global.aws.enabled | bool | `false` | Set to true if deploying to AWS. Controls ingress annotations. | -| global.ddEnabled | bool | `false` | Whether Datadog is enabled. | -| global.dev | bool | `true` | Whether the deployment is for development purposes. | -| global.dictionaryUrl | string | `"https://s3.amazonaws.com/dictionary-artifacts/datadictionary/develop/schema.json"` | URL of the data dictionary. | -| global.dispatcherJobNum | int | `"10"` | Number of dispatcher jobs. | -| global.environment | string | `"default"` | Environment name. This should be the same as vpcname if you're doing an AWS deployment. Currently this is being used to share ALB's if you have multiple namespaces. Might be used other places too. | -| global.hostname | string | `"localhost"` | Hostname for the deployment. | -| global.kubeBucket | string | `"kube-gen3"` | S3 bucket name for Kubernetes manifest files. | -| global.logsBucket | string | `"logs-gen3"` | S3 bucket name for log files. | -| global.minAvialable | int | `1` | The minimum amount of pods that are available at all times if the PDB is deployed. | -| global.netPolicy | map | `{"enabled":false}` | Controls network policy settings | -| global.pdb | bool | `false` | If the service will be deployed with a Pod Disruption Budget. Note- you need to have more than 2 replicas for the pdb to be deployed. | -| global.portalApp | string | `"gitops"` | Portal application name. | -| global.postgres.dbCreate | bool | `true` | Whether the database should be created. | -| global.postgres.externalSecret | string | `""` | Name of external secret. Disabled if empty | -| global.postgres.master | map | `{"host":null,"password":null,"port":"5432","username":"postgres"}` | Master credentials to postgres. This is going to be the default postgres server being used for each service, unless each service specifies their own postgres | -| global.postgres.master.host | string | `nil` | hostname of postgres server | -| global.postgres.master.password | string | `nil` | password for superuser in postgres. This is used to create or restore databases | -| global.postgres.master.port | string | `"5432"` | Port for Postgres. | -| global.postgres.master.username | string | `"postgres"` | username of superuser in postgres. This is used to create or restore databases | -| global.publicDataSets | bool | `true` | Whether public datasets are enabled. | -| global.revproxyArn | string | `"arn:aws:acm:us-east-1:123456:certificate"` | ARN of the reverse proxy certificate. | -| global.tierAccessLevel | string | `"libre"` | Access level for tiers. acceptable values for `tier_access_level` are: `libre`, `regular` and `private`. If omitted, by default common will be treated as `private` | -| image.pullPolicy | string | `"Always"` | When to pull the image. | -| image.repository | string | `"quay.io/cdis/pidgin"` | The Docker image repository for the fence service | -| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | -| partOf | string | `"Peregrine"` | Label to help organize pods and their use. Any value is valid, but use "_" or "-" to divide words. | -| postgres | map | `{"database":null,"dbCreate":null,"dbRestore":false,"host":null,"password":null,"port":"5432","username":null}` | Postgres database configuration. If db does not exist in postgres cluster and dbCreate is set ot true then these databases will be created for you | -| postgres.database | string | `nil` | Database name for postgres. This is a service override, defaults to - | -| postgres.dbCreate | bool | `nil` | Whether the database should be created. Default to global.postgres.dbCreate | -| postgres.host | string | `nil` | Hostname for postgres server. This is a service override, defaults to global.postgres.host | -| postgres.password | string | `nil` | Password for Postgres. Will be autogenerated if left empty. | -| postgres.port | string | `"5432"` | Port for Postgres. | -| postgres.username | string | `nil` | Username for postgres. This is a service override, defaults to - | -| release | string | `"production"` | Valid options are "production" or "dev". If invalid option is set- the value will default to "dev". | -| replicaCount | int | `1` | Number of desired replicas | -| resources | map | `nil` | Resource requests and limits for the containers in the pod | -| revisionHistoryLimit | int | `2` | Number of old revisions to retain | -| selectorLabels | map | `nil` | Will completely override the selectorLabels defined in the common chart's _label_setup.tpl | -| service | map | `{"port":[{"name":"http","port":80,"protocol":"TCP","targetPort":80},{"name":"https","port":443,"protocol":"TCP","targetPort":443}],"type":"ClusterIP"}` | Kubernetes service information. | -| service.port | list | `[{"name":"http","port":80,"protocol":"TCP","targetPort":80},{"name":"https","port":443,"protocol":"TCP","targetPort":443}]` | The port numbers that the service exposes. | -| service.type | string | `"ClusterIP"` | Type of service. Valid values are "ClusterIP", "NodePort", "LoadBalancer", "ExternalName". | -| strategy | map | `{"rollingUpdate":{"maxSurge":1,"maxUnavailable":0},"type":"RollingUpdate"}` | Rolling update deployment strategy | -| strategy.rollingUpdate.maxSurge | int | `1` | Number of additional replicas to add during rollout. | -| strategy.rollingUpdate.maxUnavailable | int | `0` | Maximum amount of pods that can be unavailable during the update. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/pidgin/templates/NOTES.txt b/helm/pidgin/templates/NOTES.txt deleted file mode 100644 index c1e7e1ae..00000000 --- a/helm/pidgin/templates/NOTES.txt +++ /dev/null @@ -1 +0,0 @@ -{{ .Chart.Name }} has been deployed successfully. diff --git a/helm/pidgin/templates/_helpers.tpl b/helm/pidgin/templates/_helpers.tpl deleted file mode 100644 index 9a3571d9..00000000 --- a/helm/pidgin/templates/_helpers.tpl +++ /dev/null @@ -1,68 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "pidgin.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "pidgin.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "pidgin.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "pidgin.labels" -}} -{{- if .Values.commonLabels }} - {{- with .Values.commonLabels }} - {{- toYaml . }} - {{- end }} -{{- else }} - {{- (include "common.commonLabels" .)}} -{{- end }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "pidgin.selectorLabels" -}} -{{- if .Values.selectorLabels }} - {{- with .Values.selectorLabels }} - {{- toYaml . }} - {{- end }} -{{- else }} - {{- (include "common.selectorLabels" .)}} -{{- end }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "pidgin.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "pidgin.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/helm/pidgin/templates/deployment.yaml b/helm/pidgin/templates/deployment.yaml deleted file mode 100644 index d58bed77..00000000 --- a/helm/pidgin/templates/deployment.yaml +++ /dev/null @@ -1,64 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pidgin-deployment - labels: - {{- include "pidgin.labels" . | nindent 4 }} - {{- if .Values.global.ddEnabled }} - {{- include "common.datadogLabels" . | nindent 4 }} - {{- end }} -spec: - {{- if not .Values.autoscaling.enabled }} - replicas: {{ .Values.replicaCount }} - {{- end }} - selector: - matchLabels: - {{- include "pidgin.selectorLabels" . | nindent 6 }} - revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} - {{- with .Values.strategy }} - strategy: - {{- toYaml . | nindent 4 }} - {{- end }} - template: - metadata: - labels: - {{- include "pidgin.selectorLabels" . | nindent 8 }} - {{- include "common.extraLabels" . | nindent 8 }} - # gen3 networkpolicy labels - netnolimit: 'yes' - public: 'yes' - {{- if .Values.global.ddEnabled }} - {{- include "common.datadogLabels" . | nindent 8 }} - {{- end }} - spec: - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - env: - {{- if .Values.global.ddEnabled }} - {{- include "common.datadogEnvVar" . | nindent 12 }} - {{- end }} - - name: GEN3_DEBUG - value: "False" - livenessProbe: - httpGet: - path: /_status - port: 80 - initialDelaySeconds: 30 - periodSeconds: 60 - timeoutSeconds: 30 - readinessProbe: - httpGet: - path: /_status - port: 80 - ports: - - containerPort: 80 - - containerPort: 443 - imagePullPolicy: {{ .Values.image.pullPolicy }} - resources: - {{- toYaml .Values.resources | nindent 12 }} \ No newline at end of file diff --git a/helm/pidgin/templates/hpa.yaml b/helm/pidgin/templates/hpa.yaml deleted file mode 100644 index d16ecf05..00000000 --- a/helm/pidgin/templates/hpa.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if .Values.autoscaling.enabled }} -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: {{ include "pidgin.fullname" . }} - labels: - {{- include "pidgin.labels" . | nindent 4 }} -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: {{ include "pidgin.fullname" . }} - minReplicas: {{ .Values.autoscaling.minReplicas }} - maxReplicas: {{ .Values.autoscaling.maxReplicas }} - metrics: - {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} - - type: Resource - resource: - name: cpu - targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} - {{- end }} - {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} - - type: Resource - resource: - name: memory - targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} - {{- end }} -{{- end }} diff --git a/helm/pidgin/templates/pdb.yaml b/helm/pidgin/templates/pdb.yaml deleted file mode 100644 index 2ef2de13..00000000 --- a/helm/pidgin/templates/pdb.yaml +++ /dev/null @@ -1,3 +0,0 @@ -{{- if and .Values.global.pdb (gt (int .Values.replicaCount) 1) }} -{{ include "common.pod_disruption_budget" . }} -{{- end }} \ No newline at end of file diff --git a/helm/pidgin/templates/service.yaml b/helm/pidgin/templates/service.yaml deleted file mode 100644 index 42f6936b..00000000 --- a/helm/pidgin/templates/service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: "pidgin-service" - labels: - {{- include "pidgin.labels" . | nindent 4 }} -spec: - selector: - {{- include "pidgin.selectorLabels" . | nindent 4 }} - {{- with .Values.service.port }} - ports: - {{- toYaml . | nindent 8 }} - {{- end }} - type: {{ .Values.service.type }} \ No newline at end of file diff --git a/helm/pidgin/templates/tests/test-connection.yaml b/helm/pidgin/templates/tests/test-connection.yaml deleted file mode 100644 index 0fc4b8f4..00000000 --- a/helm/pidgin/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "pidgin-test-connection" - labels: - {{- include "pidgin.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['pidgin-service:80/_status'] - restartPolicy: Never diff --git a/helm/pidgin/values.yaml b/helm/pidgin/values.yaml deleted file mode 100644 index 4ac6b14f..00000000 --- a/helm/pidgin/values.yaml +++ /dev/null @@ -1,183 +0,0 @@ -# Default values for pidgin. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -# Global configuration -global: - # -- (map) AWS configuration - aws: - # -- (bool) Set to true if deploying to AWS. Controls ingress annotations. - enabled: false - # -- (string) Credentials for AWS stuff. - awsAccessKeyId: - # -- (string) Credentials for AWS stuff. - awsSecretAccessKey: - # -- (bool) Whether the deployment is for development purposes. - dev: true - - postgres: - # -- (bool) Whether the database should be created. - dbCreate: true - # -- (string) Name of external secret. Disabled if empty - externalSecret: "" - # -- (map) Master credentials to postgres. This is going to be the default postgres server being used for each service, unless each service specifies their own postgres - master: - # -- (string) hostname of postgres server - host: - # -- (string) username of superuser in postgres. This is used to create or restore databases - username: postgres - # -- (string) password for superuser in postgres. This is used to create or restore databases - password: - # -- (string) Port for Postgres. - port: "5432" - # -- (string) Environment name. This should be the same as vpcname if you're doing an AWS deployment. Currently this is being used to share ALB's if you have multiple namespaces. Might be used other places too. - environment: default - # -- (string) Hostname for the deployment. - hostname: localhost - # -- (string) ARN of the reverse proxy certificate. - revproxyArn: arn:aws:acm:us-east-1:123456:certificate - # -- (string) URL of the data dictionary. - dictionaryUrl: https://s3.amazonaws.com/dictionary-artifacts/datadictionary/develop/schema.json - # -- (string) Portal application name. - portalApp: gitops - # -- (string) S3 bucket name for Kubernetes manifest files. - kubeBucket: kube-gen3 - # -- (string) S3 bucket name for log files. - logsBucket: logs-gen3 - # -- (bool) Whether public datasets are enabled. - publicDataSets: true - # -- (string) Access level for tiers. acceptable values for `tier_access_level` are: `libre`, `regular` and `private`. If omitted, by default common will be treated as `private` - tierAccessLevel: libre - # -- (map) Controls network policy settings - netPolicy: - enabled: false - # -- (int) Number of dispatcher jobs. - dispatcherJobNum: "10" - # -- (bool) Whether Datadog is enabled. - ddEnabled: false - # -- (bool) If the service will be deployed with a Pod Disruption Budget. Note- you need to have more than 2 replicas for the pdb to be deployed. - pdb: false - # -- (int) The minimum amount of pods that are available at all times if the PDB is deployed. - minAvialable: 1 - -# -- (map) Postgres database configuration. If db does not exist in postgres cluster and dbCreate is set ot true then these databases will be created for you -postgres: - # (bool) Whether the database should be restored from s3. Default to global.postgres.dbRestore - dbRestore: false - # -- (bool) Whether the database should be created. Default to global.postgres.dbCreate - dbCreate: - # -- (string) Hostname for postgres server. This is a service override, defaults to global.postgres.host - host: - # -- (string) Database name for postgres. This is a service override, defaults to - - database: - # -- (string) Username for postgres. This is a service override, defaults to - - username: - # -- (string) Port for Postgres. - port: "5432" - # -- (string) Password for Postgres. Will be autogenerated if left empty. - password: - -# Deployment -# -- (map) Configuration for autoscaling the number of replicas -autoscaling: - # -- (bool) Whether autoscaling is enabled - enabled: false - # -- (int) The minimum number of replicas to scale down to - minReplicas: 1 - # -- (int) The maximum number of replicas to scale up to - maxReplicas: 100 - # -- (int) The target CPU utilization percentage for autoscaling - targetCPUUtilizationPercentage: 80 - -# -- (int) Number of desired replicas -replicaCount: 1 - -# -- (int) Number of old revisions to retain -revisionHistoryLimit: 2 - -# -- (map) Rolling update deployment strategy -strategy: - type: RollingUpdate - rollingUpdate: - # -- (int) Number of additional replicas to add during rollout. - maxSurge: 1 - # -- (int) Maximum amount of pods that can be unavailable during the update. - maxUnavailable: 0 - -# -- (bool) Whether Datadog is enabled. -dataDog: - enabled: false - env: dev - -# -- (map) Affinity to use for the deployment. -affinity: - podAntiAffinity: - # -- (map) Option for scheduling to be required or preferred. - preferredDuringSchedulingIgnoredDuringExecution: - # -- (int) Weight value for preferred scheduling. - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - # -- (list) Label key for match expression. - - key: app - # -- (string) Operation type for the match expression. - operator: In - # -- (list) Value for the match expression key. - values: - - pidgin - # -- (string) Value for topology key label. - topologyKey: "kubernetes.io/hostname" - -# -- (bool) Automount the default service account token -automountServiceAccountToken: false - -image: - # -- (string) The Docker image repository for the fence service - repository: quay.io/cdis/pidgin - # -- (string) When to pull the image. - pullPolicy: Always - # -- (string) Overrides the image tag whose default is the chart appVersion. - tag: "" - -# -- (map) Resource requests and limits for the containers in the pod -resources: - # limits: - # cpu: 1 - # memory: 512Mi - -# Service and Pod -# -- (map) Kubernetes service information. -service: - # -- (string) Type of service. Valid values are "ClusterIP", "NodePort", "LoadBalancer", "ExternalName". - type: ClusterIP - # -- (list) The port numbers that the service exposes. - port: - - protocol: TCP - port: 80 - targetPort: 80 - name: http - - protocol: TCP - port: 443 - targetPort: 443 - name: https - -# Values to determine the labels that are used for the deployment, pod, etc. -# -- (string) Valid options are "production" or "dev". If invalid option is set- the value will default to "dev". -release: "production" -# -- (string) Valid options are "true" or "false". If invalid option is set- the value will default to "false". -criticalService: "false" -# -- (string) Label to help organize pods and their use. Any value is valid, but use "_" or "-" to divide words. -partOf: "Peregrine" -# -- (map) Will completely override the selectorLabels defined in the common chart's _label_setup.tpl -selectorLabels: -# -- (map) Will completely override the commonLabels defined in the common chart's _label_setup.tpl -commonLabels: - -# Values to configure datadog if ddEnabled is set to "true". -# -- (bool) If enabled, the Datadog Agent will automatically inject Datadog-specific metadata into your application logs. -datadogLogsInjection: true -# -- (bool) If enabled, the Datadog Agent will collect profiling data for your application using the Continuous Profiler. This data can be used to identify performance bottlenecks and optimize your application. -datadogProfilingEnabled: true -# -- (int) A value between 0 and 1, that represents the percentage of requests that will be traced. For example, a value of 0.5 means that 50% of requests will be traced. -datadogTraceSampleRate: 1 diff --git a/helm/portal/Chart.yaml b/helm/portal/Chart.yaml index 55943894..c90c264a 100644 --- a/helm/portal/Chart.yaml +++ b/helm/portal/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.20 +version: 0.1.21 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/portal/README.md b/helm/portal/README.md index 7d425ee9..99537d8d 100644 --- a/helm/portal/README.md +++ b/helm/portal/README.md @@ -1,6 +1,6 @@ # portal -![Version: 0.1.20](https://img.shields.io/badge/Version-0.1.20-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.21](https://img.shields.io/badge/Version-0.1.21-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 data-portal @@ -8,7 +8,7 @@ A Helm chart for gen3 data-portal | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -97,6 +97,3 @@ A Helm chart for gen3 data-portal | strategy.rollingUpdate.maxSurge | int | `2` | Number of additional replicas to add during rollout. | | strategy.rollingUpdate.maxUnavailable | int | `"25%"` | Maximum amount of pods that can be unavailable during the update. | | tolerations | list | `[]` | Tolerations to apply to the pod | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/portal/templates/deployment.yaml b/helm/portal/templates/deployment.yaml index 2445821f..894dd831 100644 --- a/helm/portal/templates/deployment.yaml +++ b/helm/portal/templates/deployment.yaml @@ -17,6 +17,7 @@ spec: template: metadata: annotations: + checksum/config: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} @@ -93,8 +94,8 @@ spec: path: / {{- end }} port: 80 - initialDelaySeconds: 30 - periodSeconds: 60 + initialDelaySeconds: 5 + periodSeconds: 10 timeoutSeconds: 30 resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/helm/requestor/Chart.yaml b/helm/requestor/Chart.yaml index 064e6223..becb737c 100644 --- a/helm/requestor/Chart.yaml +++ b/helm/requestor/Chart.yaml @@ -25,7 +25,7 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common - name: postgresql version: 11.9.13 diff --git a/helm/requestor/README.md b/helm/requestor/README.md index 231a45a2..62f1fe5b 100644 --- a/helm/requestor/README.md +++ b/helm/requestor/README.md @@ -8,7 +8,7 @@ A Helm chart for gen3 Requestor Service | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | ## Values @@ -114,5 +114,4 @@ A Helm chart for gen3 Requestor Service | strategy.rollingUpdate.maxUnavailable | int | `0` | Maximum amount of pods that can be unavailable during the update. | | volumeMounts | list | `nil` | Volumes to mount to the container. | ----------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/revproxy/Chart.yaml b/helm/revproxy/Chart.yaml index 016cf70d..e186696b 100644 --- a/helm/revproxy/Chart.yaml +++ b/helm/revproxy/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.18 +version: 0.1.19 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/revproxy/README.md b/helm/revproxy/README.md index 9c862929..057cc4e4 100644 --- a/helm/revproxy/README.md +++ b/helm/revproxy/README.md @@ -1,6 +1,6 @@ # revproxy -![Version: 0.1.18](https://img.shields.io/badge/Version-0.1.18-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.19](https://img.shields.io/badge/Version-0.1.19-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 revproxy @@ -8,7 +8,7 @@ A Helm chart for gen3 revproxy | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -106,6 +106,3 @@ A Helm chart for gen3 revproxy | strategy.rollingUpdate.maxUnavailable | int | `0` | Maximum amount of pods that can be unavailable during the update. | | tolerations | list | `[]` | Tolerations to use for the deployment. | | userhelperEnabled | bool | `false` | | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/revproxy/templates/deployment.yaml b/helm/revproxy/templates/deployment.yaml index b2fcf788..996acd78 100644 --- a/helm/revproxy/templates/deployment.yaml +++ b/helm/revproxy/templates/deployment.yaml @@ -21,6 +21,7 @@ spec: template: metadata: annotations: + checksum/config: {{ include (print $.Template.BasePath "/configMaps.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/helm/sheepdog/Chart.yaml b/helm/sheepdog/Chart.yaml index 4587c8d6..8cb88f98 100644 --- a/helm/sheepdog/Chart.yaml +++ b/helm/sheepdog/Chart.yaml @@ -25,7 +25,7 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common - name: postgresql version: 11.9.13 diff --git a/helm/sheepdog/README.md b/helm/sheepdog/README.md index 1843f60f..927981b6 100644 --- a/helm/sheepdog/README.md +++ b/helm/sheepdog/README.md @@ -8,7 +8,7 @@ A Helm chart for gen3 Sheepdog Service | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | ## Values @@ -107,5 +107,4 @@ A Helm chart for gen3 Sheepdog Service | terminationGracePeriodSeconds | int | `50` | sheepdog transactions take forever - try to let the complete before termination | | volumeMounts | list | `[{"mountPath":"/var/www/sheepdog/settings.py","name":"config-volume","readOnly":true,"subPath":"settings.py"},{"mountPath":"sheepdog/bin/settings.py","name":"config-volume","readOnly":true,"subPath":"settings.py"}]` | Volumes to mount to the container. | ----------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/sower/Chart.yaml b/helm/sower/Chart.yaml index 510eab8c..b47cda9f 100644 --- a/helm/sower/Chart.yaml +++ b/helm/sower/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.14 +version: 0.1.15 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/sower/README.md b/helm/sower/README.md index 060fadbc..4b883c3c 100644 --- a/helm/sower/README.md +++ b/helm/sower/README.md @@ -1,6 +1,6 @@ # sower -![Version: 0.1.14](https://img.shields.io/badge/Version-0.1.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.15](https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 sower @@ -8,7 +8,7 @@ A Helm chart for gen3 sower | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -183,6 +183,3 @@ A Helm chart for gen3 sower | tolerations | list | `[]` | Tolerations for the pods | | volumeMounts | list | `[{"mountPath":"/sower_config.json","name":"sower-config","readOnly":true,"subPath":"sower_config.json"}]` | Volumes to mount to the container. | | volumes | list | `[{"configMap":{"items":[{"key":"json","path":"sower_config.json"}],"name":"manifest-sower"},"name":"sower-config"}]` | Volumes to attach to the container. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/ssjdispatcher/Chart.yaml b/helm/ssjdispatcher/Chart.yaml index 61b00d9a..20e74dd0 100644 --- a/helm/ssjdispatcher/Chart.yaml +++ b/helm/ssjdispatcher/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.12 +version: 0.1.13 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common diff --git a/helm/ssjdispatcher/README.md b/helm/ssjdispatcher/README.md index 97195985..211b4389 100644 --- a/helm/ssjdispatcher/README.md +++ b/helm/ssjdispatcher/README.md @@ -1,6 +1,6 @@ # ssjdispatcher -![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.13](https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 ssjdispatcher @@ -8,7 +8,7 @@ A Helm chart for gen3 ssjdispatcher | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | ## Values @@ -108,6 +108,3 @@ A Helm chart for gen3 ssjdispatcher | tolerations | list | `[]` | Tolerations for the pods | | volumeMounts | list | `[{"mountPath":"/credentials.json","name":"ssjdispatcher-creds-volume","readOnly":true,"subPath":"credentials.json"}]` | Volumes to mount to the container. | | volumes | list | `[{"name":"ssjdispatcher-creds-volume","secret":{"secretName":"ssjdispatcher-creds"}}]` | Volumes to attach to the container. | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/helm/wts/Chart.yaml b/helm/wts/Chart.yaml index 3ca40f48..16de2705 100644 --- a/helm/wts/Chart.yaml +++ b/helm/wts/Chart.yaml @@ -25,7 +25,7 @@ appVersion: "master" dependencies: - name: common - version: 0.1.15 + version: 0.1.16 repository: file://../common - name: postgresql version: 11.9.13 diff --git a/helm/wts/README.md b/helm/wts/README.md index e714f143..f2d70129 100644 --- a/helm/wts/README.md +++ b/helm/wts/README.md @@ -8,7 +8,7 @@ A Helm chart for gen3 workspace token service | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.15 | +| file://../common | common | 0.1.16 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | ## Values @@ -102,5 +102,4 @@ A Helm chart for gen3 workspace token service | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | tolerations | list | `[]` | Tolerations for the pods | ----------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/wip/gen3-network-policies/.helmignore b/wip/gen3-network-policies/.helmignore deleted file mode 100644 index 0e8a0eb3..00000000 --- a/wip/gen3-network-policies/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/wip/gen3-network-policies/values.yaml b/wip/gen3-network-policies/values.yaml deleted file mode 100644 index 2d97161f..00000000 --- a/wip/gen3-network-policies/values.yaml +++ /dev/null @@ -1,29 +0,0 @@ -argo-workflows: - enabled: true - -argocd: - enabled: true - -# This is a list of CIDR ranges that may be used by AWS. This is needed -# to allow egress to S3 for services that need it -s3CidrRanges: - - ipBlock: - cidr: 18.34.0.0/19 - - ipBlock: - cidr: 16.15.192.0/18 - - ipBlock: - cidr: 54.231.0.0/16 - - ipBlock: - cidr: 52.216.0.0/15 - - ipBlock: - cidr: 18.34.232.0/21 - - ipBlock: - cidr: 16.15.176.0/20 - - ipBlock: - cidr: 16.182.0.0/16 - - ipBlock: - cidr: 3.5.0.0/19 - - ipBlock: - cidr: 44.192.134.240/28 - - ipBlock: - cidr: 44.192.140.64/28