mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 00:45:19 +00:00
Modifying chart to include dependencies (#14758)
This commit is contained in:
parent
91063d8385
commit
4b25709081
1
.gitignore
vendored
1
.gitignore
vendored
@ -37,6 +37,7 @@ mysqldata/
|
||||
|
||||
# test helm charts
|
||||
helm-temp
|
||||
charts/fleet/charts
|
||||
|
||||
#editors
|
||||
.idea
|
||||
|
35
charts/example-skaffold.yaml
Normal file
35
charts/example-skaffold.yaml
Normal file
@ -0,0 +1,35 @@
|
||||
apiVersion: skaffold/v2beta28
|
||||
kind: Config
|
||||
deploy:
|
||||
helm:
|
||||
releases:
|
||||
- name: fleet
|
||||
imageStrategy:
|
||||
helm: {}
|
||||
chartPath: ./fleet
|
||||
valuesFiles:
|
||||
- ./fleet/values.yaml
|
||||
recreatePods: false
|
||||
setValues:
|
||||
image.pullPolicy: Never
|
||||
imageTag: main
|
||||
replicas: 1
|
||||
hostName: fleet.example.com
|
||||
database.secretName: fleet-mysql
|
||||
database.address: fleet-mysql:3306
|
||||
cache.secretName: fleet-redis
|
||||
cache.address: fleet-redis-master:6379
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: fleet.example.com
|
||||
ingress.tls[0].secretName: fleet-web-tls
|
||||
ingress.tls[0].hosts: ["fleet.example.com"]
|
||||
fleet.tls.enabled: false
|
||||
mysql.enabled: true
|
||||
mysql.auth.username: fleet
|
||||
mysql.auth.database: fleet
|
||||
mysql.primary.livenessProbe.enabled: false
|
||||
mysql.primary.readinessProbe.enabled: false
|
||||
mysql.primary.startupProbe.enabled: false
|
||||
redis.enabled: true
|
||||
redis.architecture: standalone
|
||||
redis.auth.enabled: false
|
@ -4,8 +4,17 @@ name: fleet
|
||||
keywords:
|
||||
- fleet
|
||||
- osquery
|
||||
version: v5.0.1
|
||||
version: v6.0.1
|
||||
home: https://github.com/fleetdm/fleet
|
||||
sources:
|
||||
- https://github.com/fleetdm/fleet.git
|
||||
appVersion: v4.40.0
|
||||
dependencies:
|
||||
- name: mysql
|
||||
condition: mysql.enabled
|
||||
version: 9.12.5
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
- name: redis
|
||||
condition: redis.enabled
|
||||
version: 18.1.6
|
||||
repository: https://charts.bitnami.com/bitnami
|
BIN
charts/fleet/charts/mysql-9.12.5.tgz
Normal file
BIN
charts/fleet/charts/mysql-9.12.5.tgz
Normal file
Binary file not shown.
BIN
charts/fleet/charts/redis-18.1.6.tgz
Normal file
BIN
charts/fleet/charts/redis-18.1.6.tgz
Normal file
Binary file not shown.
9
charts/fleet/requirements.lock
Normal file
9
charts/fleet/requirements.lock
Normal file
@ -0,0 +1,9 @@
|
||||
dependencies:
|
||||
- name: mysql
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 9.12.5
|
||||
- name: redis
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 18.1.6
|
||||
digest: sha256:f0b4e3397c22afafde5a56c3a78beecf72c2604ae5bdcad83c5ce9920fd2ea9a
|
||||
generated: "2023-10-20T12:53:32.721448425-05:00"
|
@ -99,52 +99,52 @@ spec:
|
||||
## END FLEET SECTION
|
||||
## BEGIN MYSQL SECTION
|
||||
- name: FLEET_MYSQL_ADDRESS
|
||||
value: "{{ .Values.mysql.address }}"
|
||||
value: "{{ .Values.database.address }}"
|
||||
- name: FLEET_MYSQL_DATABASE
|
||||
value: "{{ .Values.mysql.database }}"
|
||||
value: "{{ .Values.database.database }}"
|
||||
- name: FLEET_MYSQL_USERNAME
|
||||
value: "{{ .Values.mysql.username }}"
|
||||
value: "{{ .Values.database.username }}"
|
||||
- name: FLEET_MYSQL_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.mysql.secretName }}
|
||||
key: {{ .Values.mysql.passwordKey }}
|
||||
name: {{ .Values.database.secretName }}
|
||||
key: {{ .Values.database.passwordKey }}
|
||||
- name: FLEET_MYSQL_MAX_OPEN_CONNS
|
||||
value: "{{ .Values.mysql.maxOpenConns }}"
|
||||
value: "{{ .Values.database.maxOpenConns }}"
|
||||
- name: FLEET_MYSQL_MAX_IDLE_CONNS
|
||||
value: "{{ .Values.mysql.maxIdleConns }}"
|
||||
value: "{{ .Values.database.maxIdleConns }}"
|
||||
- name: FLEET_MYSQL_CONN_MAX_LIFETIME
|
||||
value: "{{ .Values.mysql.connMaxLifetime }}"
|
||||
{{- if .Values.mysql.tls.enabled }}
|
||||
{{- if .Values.mysql.tls.caCertKey }}
|
||||
value: "{{ .Values.database.connMaxLifetime }}"
|
||||
{{- if .Values.database.tls.enabled }}
|
||||
{{- if .Values.database.tls.caCertKey }}
|
||||
- name: FLEET_MYSQL_TLS_CA
|
||||
value: "/secrets/mysql/{{ .Values.mysql.tls.caCertKey }}"
|
||||
value: "/secrets/mysql/{{ .Values.database.tls.caCertKey }}"
|
||||
{{- end }}
|
||||
{{- if .Values.mysql.tls.certKey }}
|
||||
{{- if .Values.database.tls.certKey }}
|
||||
- name: FLEET_MYSQL_TLS_CERT
|
||||
value: "/secrets/mysql/{{ .Values.mysql.tls.certKey }}"
|
||||
value: "/secrets/mysql/{{ .Values.database.tls.certKey }}"
|
||||
{{- end }}
|
||||
{{- if .Values.mysql.tls.keyKey }}
|
||||
{{- if .Values.database.tls.keyKey }}
|
||||
- name: FLEET_MYSQL_TLS_KEY
|
||||
value: "/secrets/mysql/{{ .Values.mysql.tls.keyKey }}"
|
||||
value: "/secrets/mysql/{{ .Values.database.tls.keyKey }}"
|
||||
{{- end }}
|
||||
- name: FLEET_MYSQL_TLS_CONFIG
|
||||
value: "{{ .Values.mysql.tls.config }}"
|
||||
value: "{{ .Values.database.tls.config }}"
|
||||
- name: FLEET_MYSQL_TLS_SERVER_NAME
|
||||
value: "{{ .Values.mysql.tls.serverName }}"
|
||||
value: "{{ .Values.database.tls.serverName }}"
|
||||
{{- end }}
|
||||
## END MYSQL SECTION
|
||||
## BEGIN REDIS SECTION
|
||||
- name: FLEET_REDIS_ADDRESS
|
||||
value: "{{ .Values.redis.address }}"
|
||||
value: "{{ .Values.cache.address }}"
|
||||
- name: FLEET_REDIS_DATABASE
|
||||
value: "{{ .Values.redis.database }}"
|
||||
{{- if .Values.redis.usePassword }}
|
||||
value: "{{ .Values.cache.database }}"
|
||||
{{- if .Values.cache.usePassword }}
|
||||
- name: FLEET_REDIS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.redis.secretName }}"
|
||||
key: "{{ .Values.redis.passwordKey }}"
|
||||
name: "{{ .Values.cache.secretName }}"
|
||||
key: "{{ .Values.cache.passwordKey }}"
|
||||
{{- end }}
|
||||
## END REDIS SECTION
|
||||
## BEGIN OSQUERY SECTION
|
||||
@ -290,7 +290,7 @@ spec:
|
||||
{{- if .Values.fleet.tls.enabled }}
|
||||
scheme: HTTPS
|
||||
{{- end }}
|
||||
{{- if or (.Values.fleet.tls.enabled) (.Values.mysql.tls.enabled) (eq .Values.osquery.logging.statusPlugin "filesystem") (eq .Values.osquery.logging.resultPlugin "filesystem") }}
|
||||
{{- if or (.Values.fleet.tls.enabled) (.Values.database.tls.enabled) (eq .Values.osquery.logging.statusPlugin "filesystem") (eq .Values.osquery.logging.resultPlugin "filesystem") }}
|
||||
volumeMounts:
|
||||
- name: tmp
|
||||
mountPath: /tmp
|
||||
@ -299,7 +299,7 @@ spec:
|
||||
readOnly: true
|
||||
mountPath: /secrets/tls
|
||||
{{- end }}
|
||||
{{- if .Values.mysql.tls.enabled }}
|
||||
{{- if .Values.database.tls.enabled }}
|
||||
- name: mysql-tls
|
||||
readOnly: true
|
||||
mountPath: /secrets/mysql
|
||||
@ -340,7 +340,7 @@ spec:
|
||||
hostNetwork: false
|
||||
hostIPC: false
|
||||
serviceAccountName: fleet
|
||||
{{- if or (.Values.fleet.tls.enabled) (.Values.mysql.tls.enabled) (eq .Values.osquery.logging.statusPlugin "filesystem") (eq .Values.osquery.logging.resultPlugin "filesystem") }}
|
||||
{{- if or (.Values.fleet.tls.enabled) (.Values.database.tls.enabled) (eq .Values.osquery.logging.statusPlugin "filesystem") (eq .Values.osquery.logging.resultPlugin "filesystem") }}
|
||||
volumes:
|
||||
- name: tmp
|
||||
emptyDir:
|
||||
@ -353,10 +353,10 @@ spec:
|
||||
secretName: "{{ .Values.fleet.secretName }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.mysql.tls.enabled }}
|
||||
{{- if .Values.database.tls.enabled }}
|
||||
- name: mysql-tls
|
||||
secret:
|
||||
secretName: "{{ .Values.mysql.secretName }}"
|
||||
secretName: "{{ .Values.database.secretName }}"
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.osquery.logging.statusPlugin "filesystem") (eq .Values.osquery.logging.resultPlugin "filesystem") }}
|
||||
- name: osquery-logs
|
||||
|
@ -10,9 +10,13 @@ metadata:
|
||||
name: fleet-migration
|
||||
namespace: {{ .Release.Namespace }}
|
||||
annotations:
|
||||
{{- if .Values.mysql.enabled }}
|
||||
{}
|
||||
{{- else }}
|
||||
"helm.sh/hook": pre-install,pre-upgrade
|
||||
"helm.sh/hook-weight": "1"
|
||||
"helm.sh/hook-delete-policy": hook-succeeded
|
||||
{{- end }}
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
@ -73,39 +77,39 @@ spec:
|
||||
## END FLEET SECTION
|
||||
## BEGIN MYSQL SECTION
|
||||
- name: FLEET_MYSQL_ADDRESS
|
||||
value: "{{ .Values.mysql.address }}"
|
||||
value: "{{ .Values.database.address }}"
|
||||
- name: FLEET_MYSQL_DATABASE
|
||||
value: "{{ .Values.mysql.database }}"
|
||||
value: "{{ .Values.database.database }}"
|
||||
- name: FLEET_MYSQL_USERNAME
|
||||
value: "{{ .Values.mysql.username }}"
|
||||
value: "{{ .Values.database.username }}"
|
||||
- name: FLEET_MYSQL_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.mysql.secretName }}
|
||||
key: {{ .Values.mysql.passwordKey }}
|
||||
name: {{ .Values.database.secretName }}
|
||||
key: {{ .Values.database.passwordKey }}
|
||||
- name: FLEET_MYSQL_MAX_OPEN_CONNS
|
||||
value: "{{ .Values.mysql.maxOpenConns }}"
|
||||
value: "{{ .Values.database.maxOpenConns }}"
|
||||
- name: FLEET_MYSQL_MAX_IDLE_CONNS
|
||||
value: "{{ .Values.mysql.maxIdleConns }}"
|
||||
value: "{{ .Values.database.maxIdleConns }}"
|
||||
- name: FLEET_MYSQL_CONN_MAX_LIFETIME
|
||||
value: "{{ .Values.mysql.connMaxLifetime }}"
|
||||
{{- if .Values.mysql.tls.enabled }}
|
||||
{{- if .Values.mysql.tls.caCertKey }}
|
||||
value: "{{ .Values.database.connMaxLifetime }}"
|
||||
{{- if .Values.database.tls.enabled }}
|
||||
{{- if .Values.database.tls.caCertKey }}
|
||||
- name: FLEET_MYSQL_TLS_CA
|
||||
value: "/secrets/mysql/{{ .Values.mysql.tls.caCertKey }}"
|
||||
value: "/secrets/mysql/{{ .Values.database.tls.caCertKey }}"
|
||||
{{- end }}
|
||||
{{- if .Values.mysql.tls.certKey }}
|
||||
{{- if .Values.database.tls.certKey }}
|
||||
- name: FLEET_MYSQL_TLS_CERT
|
||||
value: "/secrets/mysql/{{ .Values.mysql.tls.certKey }}"
|
||||
value: "/secrets/mysql/{{ .Values.database.tls.certKey }}"
|
||||
{{- end }}
|
||||
{{- if .Values.mysql.tls.keyKey }}
|
||||
{{- if .Values.database.tls.keyKey }}
|
||||
- name: FLEET_MYSQL_TLS_KEY
|
||||
value: "/secrets/mysql/{{ .Values.mysql.tls.keyKey }}"
|
||||
value: "/secrets/mysql/{{ .Values.database.tls.keyKey }}"
|
||||
{{- end }}
|
||||
- name: FLEET_MYSQL_TLS_CONFIG
|
||||
value: "{{ .Values.mysql.tls.config }}"
|
||||
value: "{{ .Values.database.tls.config }}"
|
||||
- name: FLEET_MYSQL_TLS_SERVER_NAME
|
||||
value: "{{ .Values.mysql.tls.serverName }}"
|
||||
value: "{{ .Values.database.tls.serverName }}"
|
||||
{{- end }}
|
||||
## END MYSQL SECTION
|
||||
securityContext:
|
||||
@ -118,16 +122,16 @@ spec:
|
||||
runAsUser: 3333
|
||||
runAsNonRoot: true
|
||||
volumeMounts:
|
||||
{{- if .Values.mysql.tls.enabled }}
|
||||
{{- if .Values.database.tls.enabled }}
|
||||
- name: mysql-tls
|
||||
readOnly: true
|
||||
mountPath: /secrets/mysql
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if .Values.mysql.tls.enabled }}
|
||||
{{- if .Values.database.tls.enabled }}
|
||||
- name: mysql-tls
|
||||
secret:
|
||||
secretName: "{{ .Values.mysql.secretName }}"
|
||||
secretName: "{{ .Values.database.secretName }}"
|
||||
{{- end }}
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
|
@ -14,8 +14,8 @@ rules:
|
||||
resources:
|
||||
- secrets
|
||||
resourceNames:
|
||||
- {{ .Values.mysql.secretName }}
|
||||
- {{ .Values.redis.secretName }}
|
||||
- {{ .Values.database.secretName }}
|
||||
- {{ .Values.cache.secretName }}
|
||||
- {{ .Values.fleet.secretName }}
|
||||
- {{ .Values.osquery.secretName }}
|
||||
verbs:
|
||||
|
@ -39,17 +39,19 @@ ingress:
|
||||
enabled: false
|
||||
className: ""
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
# nginx.ingress.kubernetes.io/proxy-body-size: 10m
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# cert-manager.io/cluster-issuer: letsencrypt
|
||||
hosts:
|
||||
- host: chart-example.local
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - chart-example.local
|
||||
tls:
|
||||
- secretName: chart-example-tls
|
||||
hosts:
|
||||
- chart-example.local
|
||||
|
||||
## Section: Fleet
|
||||
# All of the settings relating to configuring the Fleet server
|
||||
@ -146,9 +148,9 @@ osquery:
|
||||
statusTopic: ""
|
||||
resultTopic: ""
|
||||
|
||||
## Section: MySQL
|
||||
## Section: database
|
||||
# All of the connection settings for MySQL
|
||||
mysql:
|
||||
database:
|
||||
# Name of the Secret resource containing MySQL password and TLS secrets
|
||||
secretName: mysql
|
||||
address: 127.0.0.1:3306
|
||||
@ -168,9 +170,9 @@ mysql:
|
||||
config: ""
|
||||
serverName: ""
|
||||
|
||||
## Section: Redis
|
||||
## Section: cache
|
||||
# All of the connection settings for Redis
|
||||
redis:
|
||||
cache:
|
||||
address: 127.0.0.1:6379
|
||||
database: "0"
|
||||
usePassword: false
|
||||
@ -204,3 +206,9 @@ environments:
|
||||
FLEET_MDM_APPLE_APNS_KEY_BYTES: ""
|
||||
FLEET_MDM_APPLE_SCEP_CERT_BYTES: ""
|
||||
FLEET_MDM_APPLE_SCEP_KEY_BYTES: ""
|
||||
|
||||
mysql:
|
||||
enabled: false
|
||||
|
||||
redis:
|
||||
enabled: false
|
||||
|
@ -100,7 +100,7 @@ osquery:
|
||||
|
||||
## Section: MySQL
|
||||
# All of the connection settings for MySQL
|
||||
mysql:
|
||||
database:
|
||||
# Name of the Secret resource containing MySQL password and TLS secrets
|
||||
secretName: mysql
|
||||
address: 127.0.0.1:3306
|
||||
@ -120,7 +120,7 @@ mysql:
|
||||
|
||||
## Section: Redis
|
||||
# All of the connection settings for Redis
|
||||
redis:
|
||||
cache:
|
||||
address: 127.0.0.1:6379
|
||||
database: "0"
|
||||
usePassword: false
|
||||
|
@ -97,7 +97,7 @@ osquery:
|
||||
|
||||
## Section: MySQL
|
||||
# All of the connection settings for MySQL
|
||||
mysql:
|
||||
database:
|
||||
# Name of the Secret resource containing MySQL password and TLS secrets
|
||||
secretName: mysql
|
||||
address: 127.0.0.1:3306
|
||||
@ -117,7 +117,7 @@ mysql:
|
||||
|
||||
## Section: Redis
|
||||
# All of the connection settings for Redis
|
||||
redis:
|
||||
cache:
|
||||
address: 127.0.0.1:6379
|
||||
database: "0"
|
||||
usePassword: false
|
||||
|
@ -97,7 +97,7 @@ osquery:
|
||||
|
||||
## Section: MySQL
|
||||
# All of the connection settings for MySQL
|
||||
mysql:
|
||||
database:
|
||||
# Name of the Secret resource containing MySQL password and TLS secrets
|
||||
secretName: mysql
|
||||
address: 127.0.0.1:3306
|
||||
@ -117,7 +117,7 @@ mysql:
|
||||
|
||||
## Section: Redis
|
||||
# All of the connection settings for Redis
|
||||
redis:
|
||||
cache:
|
||||
address: 127.0.0.1:6379
|
||||
database: "0"
|
||||
usePassword: false
|
||||
|
@ -97,7 +97,7 @@ osquery:
|
||||
|
||||
## Section: MySQL
|
||||
# All of the connection settings for MySQL
|
||||
mysql:
|
||||
database:
|
||||
# Name of the Secret resource containing MySQL password and TLS secrets
|
||||
secretName: mysql
|
||||
address: 127.0.0.1:3306
|
||||
@ -117,7 +117,7 @@ mysql:
|
||||
|
||||
## Section: Redis
|
||||
# All of the connection settings for Redis
|
||||
redis:
|
||||
cache:
|
||||
address: 127.0.0.1:6379
|
||||
database: "0"
|
||||
usePassword: false
|
||||
|
@ -97,7 +97,7 @@ osquery:
|
||||
|
||||
## Section: MySQL
|
||||
# All of the connection settings for MySQL
|
||||
mysql:
|
||||
database:
|
||||
# Name of the Secret resource containing MySQL password and TLS secrets
|
||||
secretName: mysql
|
||||
address: 127.0.0.1:3306
|
||||
@ -117,7 +117,7 @@ mysql:
|
||||
|
||||
## Section: Redis
|
||||
# All of the connection settings for Redis
|
||||
redis:
|
||||
cache:
|
||||
address: 127.0.0.1:6379
|
||||
database: "0"
|
||||
usePassword: false
|
||||
|
@ -97,7 +97,7 @@ osquery:
|
||||
|
||||
## Section: MySQL
|
||||
# All of the connection settings for MySQL
|
||||
mysql:
|
||||
database:
|
||||
# Name of the Secret resource containing MySQL password and TLS secrets
|
||||
secretName: mysql
|
||||
address: 127.0.0.1:3306
|
||||
@ -117,7 +117,7 @@ mysql:
|
||||
|
||||
## Section: Redis
|
||||
# All of the connection settings for Redis
|
||||
redis:
|
||||
cache:
|
||||
address: 127.0.0.1:6379
|
||||
database: "0"
|
||||
usePassword: false
|
||||
|
@ -97,7 +97,7 @@ osquery:
|
||||
|
||||
## Section: MySQL
|
||||
# All of the connection settings for MySQL
|
||||
mysql:
|
||||
database:
|
||||
# Name of the Secret resource containing MySQL password and TLS secrets
|
||||
secretName: mysql
|
||||
address: 127.0.0.1:3306
|
||||
@ -117,7 +117,7 @@ mysql:
|
||||
|
||||
## Section: Redis
|
||||
# All of the connection settings for Redis
|
||||
redis:
|
||||
cache:
|
||||
address: 127.0.0.1:6379
|
||||
database: "0"
|
||||
usePassword: false
|
||||
|
Loading…
Reference in New Issue
Block a user