Skip to content

Commit

Permalink
Merge branch 'master' into hectorj2f/bump_azure_csi
Browse files Browse the repository at this point in the history
  • Loading branch information
Hector Fernandez authored Feb 4, 2020
2 parents 81c8f38 + 51e0790 commit 8f5cfa0
Show file tree
Hide file tree
Showing 19 changed files with 85 additions and 34 deletions.
2 changes: 1 addition & 1 deletion stable/kommander/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,4 +7,4 @@ maintainers:
- name: alejandroEsc
- name: jimmidyson
name: kommander
version: 0.3.22
version: 0.3.25
Binary file removed stable/kommander/charts/grafana-3.8.19.tgz
View file
Binary file not shown.
Binary file added stable/kommander/charts/grafana-4.5.1.tgz
View file
Binary file not shown.
Binary file removed stable/kommander/charts/kommander-ui-1.192.1.tgz
View file
Binary file not shown.
Binary file added stable/kommander/charts/kommander-ui-1.192.2.tgz
View file
Binary file not shown.
10 changes: 5 additions & 5 deletions stable/kommander/requirements.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,10 @@ dependencies:
version: 0.1.4
- name: kommander-cluster-lifecycle
repository: https://mesosphere.github.io/kommander-cluster-lifecycle/charts
version: 0.3.5
version: v0.3.5
- name: kommander-ui
repository: https://mesosphere.github.io/kommander/charts
version: 1.192.1
version: 1.192.2
- name: kommander-thanos
repository: https://mesosphere.github.io/charts/stable
version: 0.1.8
Expand All @@ -16,6 +16,6 @@ dependencies:
version: 0.3.3
- name: grafana
repository: https://kubernetes-charts.storage.googleapis.com
version: 3.8.19
digest: sha256:671fe98b2aa105f7500dc22630ab11177a2663857069a40d7ebce61fd0e6ef72
generated: "2020-01-31T20:34:53.624471+01:00"
version: 4.5.1
digest: sha256:fd38277755dce2d373c4847d644c4b2a952d456f5e888758637a05378aa21531
generated: "2020-02-03T11:38:09.759551-08:00"
4 changes: 2 additions & 2 deletions stable/kommander/requirements.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ dependencies:
repository: "https://mesosphere.github.io/kommander-cluster-lifecycle/charts"
condition: kommander-cluster-lifecycle.enabled, global.kommander-cluster-lifecycle.enabled
- name: kommander-ui
version: "1.192.1"
version: "1.192.2"
repository: "https://mesosphere.github.io/kommander/charts"
condition: kommander-ui.enabled
- name: kommander-thanos
Expand All @@ -20,6 +20,6 @@ dependencies:
repository: "https://mesosphere.github.io/charts/stable"
condition: kommander-karma.enabled
- name: grafana
version: 3.8.*
version: 4.5.*
repository: https://kubernetes-charts.storage.googleapis.com
condition: grafana.enabled
38 changes: 37 additions & 1 deletion stable/kommander/templates/grafana/hooks-home-dashboard.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,42 @@ spec:
name: {{ .Values.grafana.hooks.jobName }}
defaultMode: 0777
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Values.grafana.hooks.jobName }}-upgrade-hook
namespace: {{ .Release.Namespace }}
labels:
{{ include "kommander.labels" . | indent 4 }}
annotations:
helm.sh/hook: post-upgrade
helm.sh/hook-weight: "-4"
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
spec:
template:
metadata:
name: {{ .Values.grafana.hooks.jobName }}-upgrade-hook
spec:
restartPolicy: OnFailure
containers:
- name: {{ .Values.grafana.hooks.jobName }}-upgrade-hook
image: {{ .Values.grafana.hooks.image | quote }}
command: ["/bin/sh", "-c", "/job/run.sh"]
env:
- name: X_FORWARDED_USER
valueFrom:
secretKeyRef:
name: {{ .Values.grafana.hooks.secretKeyRef }}
key: username
volumeMounts:
- mountPath: /job
name: job
volumes:
- name: job
configMap:
name: {{ .Values.grafana.hooks.jobName }}
defaultMode: 0777
---
apiVersion: v1
kind: ConfigMap
metadata:
Expand Down Expand Up @@ -77,4 +113,4 @@ spec:
- -c
- kubectl delete configmap {{ .Values.grafana.hooks.jobName }} --namespace={{ .Release.Namespace }}
restartPolicy: OnFailure
{{- end }}
{{- end }}
4 changes: 2 additions & 2 deletions stable/kommander/templates/grafana/opsportal-username-secret.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ metadata:
labels:
{{ include "kommander.labels" . | indent 4 }}
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-weight": "5"
"helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
spec:
Expand All @@ -23,7 +23,7 @@ spec:
command:
- /bin/sh
- -c
- kubectl create secret generic {{ .Values.grafana.hooks.secretKeyRef }} -n {{ .Release.Namespace }} --from-literal=username=$(kubectl get secret ops-portal-credentials --namespace=kubeaddons --export -o jsonpath="{.data.username}" | base64 --decode)
- kubectl create secret generic {{ .Values.grafana.hooks.secretKeyRef }} -n {{ .Release.Namespace }} -oyaml --dry-run --from-literal=username=$(kubectl get secret ops-portal-credentials --namespace=kubeaddons --export -o jsonpath="{.data.username}" | base64 --decode) | kubectl apply -f -
restartPolicy: OnFailure
---
apiVersion: batch/v1
Expand Down
4 changes: 2 additions & 2 deletions stable/kommander/templates/hooks-kubeaddons.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ metadata:
labels:
{{ include "kommander.labels" . | indent 4 }}
annotations:
"helm.sh/hook": pre-install,pre-delete
"helm.sh/hook": pre-install,pre-upgrade,pre-delete
"helm.sh/hook-weight": "1"
"helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
rules:
Expand All @@ -27,7 +27,7 @@ metadata:
labels:
{{ include "kommander.labels" . | indent 4 }}
annotations:
"helm.sh/hook": pre-install,pre-delete
"helm.sh/hook": pre-install,pre-upgrade,pre-delete
"helm.sh/hook-weight": "2"
"helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
roleRef:
Expand Down
2 changes: 1 addition & 1 deletion stable/opsportal/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ appVersion: 1.0.0
home: https://github.com/mesosphere/charts
description: OpsPortal Chart
name: opsportal
version: 0.1.32
version: 0.1.33
maintainers:
- name: hectorj2f
- name: alejandroEsc
Expand Down
Binary file removed stable/opsportal/charts/kommander-ui-1.192.1.tgz
View file
Binary file not shown.
Binary file added stable/opsportal/charts/kommander-ui-1.192.2.tgz
View file
Binary file not shown.
6 changes: 3 additions & 3 deletions stable/opsportal/requirements.lock
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
dependencies:
- name: kommander-ui
repository: https://mesosphere.github.io/kommander/charts
version: 1.192.1
digest: sha256:8f47939aa65d7105e5749503b2e000ba6b004552f8894491732b51af604e91f2
generated: "2020-01-31T20:08:54.217843+01:00"
version: 1.192.2
digest: sha256:6512a6af415a4e50a92816068f086c733a4c578e3dc71df43003cd218e723e0e
generated: "2020-02-03T15:52:31.153379+01:00"
2 changes: 1 addition & 1 deletion stable/opsportal/requirements.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
dependencies:
- name: kommander-ui
version: "1.192.1"
version: "1.192.2"
repository: "https://mesosphere.github.io/kommander/charts"
condition: kommander-ui.enabled
2 changes: 1 addition & 1 deletion staging/traefik-forward-auth/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: v1
appVersion: "latest"
description: Minimal forward authentication service that provides OIDC based login and authentication for the traefik reverse proxy
name: traefik-forward-auth
version: 0.2.12
version: 0.2.13
keywords:
- traefik-forward-auth
- traefik
Expand Down
20 changes: 17 additions & 3 deletions staging/traefik-forward-auth/templates/clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,20 @@ rules:
- "impersonate"
# kube-oidc-proxy init container requires to list services in order to get
# load balancer hostname
- apiGroups: [""]
resources: ["services"]
verbs: ["get", "list", "watch"]
- apiGroups:
- ""
resources:
- "services"
verbs:
- "get"
- "list"
- "watch"
- apiGroups:
- "rbac.authorization.k8s.io"
resources:
- "clusterrolebindings"
- "clusterroles"
verbs:
- "get"
- "watch"
- "list"
17 changes: 10 additions & 7 deletions staging/traefik-forward-auth/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,12 @@ spec:
mountPath: "/etc/traefik-forward-auth/config"
readOnly: true
args:
{{- if .Values.traefikForwardAuth.enableImpersonation }}
- --enable-impersonation
{{- end }}
{{- if .Values.traefikForwardAuth.enableRBAC }}
- --enable-rbac
{{- end }}
env:
{{- range $key, $value := .Values.env }}
- name: {{ $key | quote }}
Expand Down Expand Up @@ -105,13 +110,7 @@ spec:
secretKeyRef:
name: {{ template "traefik-forward-auth.fullname" . }}-secret
key: secret
{{- if .Values.traefikForwardAuth.allowedUser.valueFrom.secretKeyRef }}
- name: WHITELIST
valueFrom:
secretKeyRef:
name: {{ required "traefikForwardAuth.allowedUser.valueFrom.secretKeyRef.name is required" .Values.traefikForwardAuth.allowedUser.valueFrom.secretKeyRef.name }}
key: {{ required "traefikForwardAuth.allowedUser.valueFrom.secretKeyRef.key is required" .Values.traefikForwardAuth.allowedUser.valueFrom.secretKeyRef.key }}
{{- else if gt (len .Values.traefikForwardAuth.whitelist) 0 }}
{{- if gt (len .Values.traefikForwardAuth.whitelist) 0 }}
- name: WHITELIST
value: {{ join "," .Values.traefikForwardAuth.whitelist | quote }}
{{- end }}
Expand All @@ -125,6 +124,10 @@ spec:
- name: AUTH_HOST
value: {{ .Values.traefikForwardAuth.authHost | quote }}
{{- end }}
{{- if gt (len .Values.traefikForwardAuth.rbacPassThroughPaths) 0 }}
- name: AUTHZ_PASS_THROUGH
value: {{ join "," .Values.traefikForwardAuth.rbacPassThroughPaths | quote }}
{{- end }}
ports:
- name: http
containerPort: 4181
Expand Down
8 changes: 3 additions & 5 deletions staging/traefik-forward-auth/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,6 @@ traefikForwardAuth:
domain:
authHost:
whitelist: []
allowedUser:
valueFrom:
secretKeyRef:
name: secretName
key: secretKey
# oidcUri: ""
# If undefined use the Kubernetes root CA certificate
# caCertificate: |
Expand All @@ -43,6 +38,9 @@ traefikForwardAuth:
# or caSecretName: < name of the secret >
extraConfig: ""
userCookieName: "_forward_auth_name"
enableRBAC: false
enableImpersonation: false
rbacPassThroughPaths: []

ingress:
enabled: false
Expand Down

0 comments on commit 8f5cfa0

Please sign in to comment.