chore(library): Move Common and Common test to seperate Repo

This commit is contained in:
kjeld Schouten-Lebbing
2022-03-26 11:40:11 +01:00
parent f535ede564
commit ac891376bc
90 changed files with 0 additions and 7509 deletions

View File

@@ -1,130 +0,0 @@
# Changelog<br>
<a name="common-test-3.3.8"></a>
### [common-test-3.3.8](https://github.com/truecharts/apps/compare/common-test-3.3.7...common-test-3.3.8) (2022-03-07)
#### Chore
* update docker general non-major ([#2046](https://github.com/truecharts/apps/issues/2046))
<a name="common-test-3.3.7"></a>
### [common-test-3.3.7](https://github.com/truecharts/apps/compare/common-test-3.3.6...common-test-3.3.7) (2021-12-08)
#### Fix
* correct common version reference
<a name="common-test-3.3.6"></a>
### common-test-3.3.6 (2021-12-05)
#### Chore
* move all container references to TCCR ([#1448](https://github.com/truecharts/apps/issues/1448))
* retrigger common release
* bump common
* update non-major ([#1466](https://github.com/truecharts/apps/issues/1466))
* update non-major ([#1449](https://github.com/truecharts/apps/issues/1449))
* update common
#### Fix
* use version-range
* move deps back to ghcr for now.
<a name="common-test-3.3.4"></a>
### [common-test-3.3.4](https://github.com/truecharts/apps/compare/common-test-3.3.2...common-test-3.3.4) (2021-12-05)
#### Chore
* update non-major ([#1466](https://github.com/truecharts/apps/issues/1466))
#### Fix
* move deps back to ghcr for now.
<a name="common-test-3.3.2"></a>
### [common-test-3.3.2](https://github.com/truecharts/apps/compare/common-test-3.3.1...common-test-3.3.2) (2021-12-05)
#### Fix
* use version-range
<a name="common-test-3.3.1"></a>
### [common-test-3.3.1](https://github.com/truecharts/apps/compare/common-test-3.3.0...common-test-3.3.1) (2021-12-03)
#### Chore
* move all container references to TCCR ([#1448](https://github.com/truecharts/apps/issues/1448))
* update non-major ([#1449](https://github.com/truecharts/apps/issues/1449))
<a name="common-test-3.3.0"></a>
### [common-test-3.3.0](https://github.com/truecharts/apps/compare/common-test-3.2.0...common-test-3.3.0) (2021-10-20)
#### Chore
* Project-Eclipse 5, move app-readme to automatic generation script ([#1181](https://github.com/truecharts/apps/issues/1181))
* Project-Eclipse part 2, adapting and cleaning changelog ([#1173](https://github.com/truecharts/apps/issues/1173))
#### Security
* Improve Snyk hardening advisory ([#1208](https://github.com/truecharts/apps/issues/1208))
<a name="common-test-3.2.0"></a>
### [common-test-3.2.0](https://github.com/truecharts/apps/compare/common-test-3.1.5...common-test-3.2.0) (2021-09-28)
<a name="common-test-3.1.5"></a>
### [common-test-3.1.5](https://github.com/truecharts/apps/compare/common-test-3.1.4...common-test-3.1.5) (2021-09-28)
#### Chore
* update non-major ([#1046](https://github.com/truecharts/apps/issues/1046))
<a name="common-test-3.1.4"></a>
### [common-test-3.1.4](https://github.com/truecharts/apps/compare/common-test-3.1.3...common-test-3.1.4) (2021-09-25)
<a name="common-test-3.1.3"></a>
### [common-test-3.1.3](https://github.com/truecharts/apps/compare/common-test-3.1.2...common-test-3.1.3) (2021-09-21)
#### Chore
* update non-major ([#1013](https://github.com/truecharts/apps/issues/1013))
<a name="common-test-3.1.2"></a>
### [common-test-3.1.2](https://github.com/truecharts/apps/compare/common-test-3.1.1...common-test-3.1.2) (2021-09-14)
#### Fix
* make sure autopermissions sets the group owner correctly ([#994](https://github.com/truecharts/apps/issues/994))
<a name="common-test-3.1.1"></a>
### [common-test-3.1.1](https://github.com/truecharts/apps/compare/common-test-3.1.0...common-test-3.1.1) (2021-09-14)
#### Chore
* Use bitnami instead of stock postgresql container ([#960](https://github.com/truecharts/apps/issues/960))
* update non-major ([#987](https://github.com/truecharts/apps/issues/987))

View File

@@ -1,8 +0,0 @@
# Configuration Options
##### Connecting to other apps
If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our "Linking Apps Internally" quick-start guide:
https://truecharts.org/manual/Quick-Start%20Guides/14-linking-apps/
##### Available config options
In the future this page is going to contain an automated list of options available in the installation/edit UI.

View File

@@ -1,25 +0,0 @@
apiVersion: v2
appVersion: "1.8.0"
dependencies:
- name: common
repository: file://../common
version: '>=0.0.1'
deprecated: false
description: Helper chart to test different use cases of the common library
home: https://github.com/truecharts/apps/tree/master/charts/library/common-test
icon: https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
keywords:
- common-test
- truecharts
- common
- test
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: common-test
sources:
- https://github.com/truecharts/apps/tree/master/charts/library/common-test
type: application
version: 3.3.8

View File

@@ -1,37 +0,0 @@
# Introduction
Helper chart to test different use cases of the common library
TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation.
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)**
## Source Code
* <https://github.com/truecharts/apps/tree/master/charts/library/common-test>
## Requirements
Kubernetes: `>=1.16.0-0`
## Dependencies
| Repository | Name | Version |
|------------|------|---------|
| file://../common | common | >=0.0.1 |
## Installing the Chart
To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/03-Installing-an-App/).
## Uninstalling the Chart
To remove this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/07-Deleting-an-App/).
## Support
- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Open-Apps/) first.
- See the [Wiki](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
---
All Rights Reserved - The TrueCharts Project

View File

@@ -1,81 +0,0 @@
image:
repository: ghcr.io/truecharts/whoami
pullPolicy: IfNotPresent
tag: v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
service:
main:
ports:
main:
port: 8080
args:
- --port
- '8080'
ingress:
main:
enabled: true
probes:
liveness:
enabled: true
readiness:
enabled: true
startup:
enabled: true
"ixCertificateAuthorities": {}
"ixCertificates":
"1":
"CA_type_existing": false
"CA_type_intermediate": false
"CA_type_internal": false
"CSR": ""
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost"
"cert_type": "CERTIFICATE"
"cert_type_CSR": false
"cert_type_existing": true
"cert_type_internal": false
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
"certificate_path": "/etc/certificates/freenas_default.crt"
"chain": false
"chain_list": [
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
]
"city": "Maryville"
"common": "localhost"
"country": "US"
"csr_path": "/etc/certificates/freenas_default.csr"
"digest_algorithm": "SHA256"
"email": "info@ixsystems.com"
"extensions":
"ExtendedKeyUsage": "TLS Web Server Authentication"
"SubjectAltName": "DNS:localhost"
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B"
"from": "Fri Sep 25 16:05:38 2020"
"id": 1
"internal": "NO"
"issuer": "external"
"key_length": 2048
"key_type": "RSA"
"lifetime": 825
"name": "freenas_default"
"organization": "iXsystems"
"organizational_unit": ""
"parsed": true
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n"
"privatekey_path": "/etc/certificates/freenas_default.key"
"revoked": false
"revoked_date": ""
"root_path": "/etc/certificates"
"san": [
"DNS:localhost"
]
"serial": 1
"signedby": ""
"state": "Tennessee"
"subject_name_hash": 3193428416
"type": 8
"until": "Thu Dec 29 15:05:38 2022"

View File

@@ -1,89 +0,0 @@
image:
repository: ghcr.io/truecharts/whoami
pullPolicy: IfNotPresent
tag: v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
service:
main:
ports:
main:
port: 8080
args:
- --port
- '8080'
ingress:
main:
enabled: true
probes:
liveness:
enabled: true
readiness:
enabled: true
startup:
enabled: true
addons:
codeserver:
enabled: true
service:
type: NodePort
ports:
codeserver:
nodePort: 30067
"ixCertificateAuthorities": {}
"ixCertificates":
"1":
"CA_type_existing": false
"CA_type_intermediate": false
"CA_type_internal": false
"CSR": ""
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost"
"cert_type": "CERTIFICATE"
"cert_type_CSR": false
"cert_type_existing": true
"cert_type_internal": false
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
"certificate_path": "/etc/certificates/freenas_default.crt"
"chain": false
"chain_list": [
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
]
"city": "Maryville"
"common": "localhost"
"country": "US"
"csr_path": "/etc/certificates/freenas_default.csr"
"digest_algorithm": "SHA256"
"email": "info@ixsystems.com"
"extensions":
"ExtendedKeyUsage": "TLS Web Server Authentication"
"SubjectAltName": "DNS:localhost"
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B"
"from": "Fri Sep 25 16:05:38 2020"
"id": 1
"internal": "NO"
"issuer": "external"
"key_length": 2048
"key_type": "RSA"
"lifetime": 825
"name": "freenas_default"
"organization": "iXsystems"
"organizational_unit": ""
"parsed": true
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n"
"privatekey_path": "/etc/certificates/freenas_default.key"
"revoked": false
"revoked_date": ""
"root_path": "/etc/certificates"
"san": [
"DNS:localhost"
]
"serial": 1
"signedby": ""
"state": "Tennessee"
"subject_name_hash": 3193428416
"type": 8
"until": "Thu Dec 29 15:05:38 2022"

View File

@@ -1,95 +0,0 @@
image:
repository: ghcr.io/truecharts/whoami
pullPolicy: IfNotPresent
tag: v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
service:
main:
ports:
main:
port: 8080
args:
- --port
- '8080'
ingress:
main:
enabled: true
probes:
liveness:
enabled: true
readiness:
enabled: true
startup:
enabled: true
configmap:
configmap-example:
enabled: true
data:
test.yaml: "testfile content"
persistence:
configmap:
enabled: true
type: configMap
objectName: '{{ include "common.names.fullname" . -}}-configmap-example'
mountPath: /configmapmount
"ixCertificateAuthorities": {}
"ixCertificates":
"1":
"CA_type_existing": false
"CA_type_intermediate": false
"CA_type_internal": false
"CSR": ""
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost"
"cert_type": "CERTIFICATE"
"cert_type_CSR": false
"cert_type_existing": true
"cert_type_internal": false
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
"certificate_path": "/etc/certificates/freenas_default.crt"
"chain": false
"chain_list": [
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
]
"city": "Maryville"
"common": "localhost"
"country": "US"
"csr_path": "/etc/certificates/freenas_default.csr"
"digest_algorithm": "SHA256"
"email": "info@ixsystems.com"
"extensions":
"ExtendedKeyUsage": "TLS Web Server Authentication"
"SubjectAltName": "DNS:localhost"
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B"
"from": "Fri Sep 25 16:05:38 2020"
"id": 1
"internal": "NO"
"issuer": "external"
"key_length": 2048
"key_type": "RSA"
"lifetime": 825
"name": "freenas_default"
"organization": "iXsystems"
"organizational_unit": ""
"parsed": true
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n"
"privatekey_path": "/etc/certificates/freenas_default.key"
"revoked": false
"revoked_date": ""
"root_path": "/etc/certificates"
"san": [
"DNS:localhost"
]
"serial": 1
"signedby": ""
"state": "Tennessee"
"subject_name_hash": 3193428416
"type": 8
"until": "Thu Dec 29 15:05:38 2022"

View File

@@ -1,190 +0,0 @@
image:
repository: ghcr.io/truecharts/whoami
pullPolicy: IfNotPresent
tag: v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
service:
main:
ports:
main:
port: 8080
autolink:
enabled: true
ports:
autolink:
enabled: true
port: 8081
args:
- --port
- '8080'
probes:
liveness:
enabled: true
readiness:
enabled: true
startup:
enabled: true
# -- Configure the ingresses for the chart here.
# Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress.
# @default -- See below
ingress:
main:
enabled: true
primary: true
nameOverride:
fixedMiddlewares:
- chain-basic
middlewares: []
annotationsList: []
annotations: {}
labelsList: []
labels: {}
ingressClassName: # "nginx"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: Prefix
service:
name:
port:
tls: []
label:
enabled: true
nameOverride:
fixedMiddlewares:
- chain-basic
middlewares: []
annotationsList: []
annotations: {}
labelsList: []
labels:
labelexample1: labelvalue2
ingressClassName: # "nginx"
hosts:
- host: label.chart-example.local
paths:
- path: /
pathType: Prefix
service:
name:
port:
tls: []
autolink:
enabled: true
fixedMiddlewares:
- chain-basic
hosts:
- host: label.chart-example.local
paths:
- path: /
pathType: Prefix
service:
name:
port:
tls: []
autoLink: true
labellist:
enabled: true
nameOverride:
fixedMiddlewares:
- chain-basic
middlewares: []
annotationsList: []
annotations: {}
labelsList:
- name: labelexample
value: labelcontent
labels: {}
ingressClassName: # "nginx"
hosts:
- host: labellist.chart-example.local
paths:
- path: /
pathType: Prefix
service:
name:
port:
tls: []
notls:
enabled: true
nameOverride:
fixedMiddlewares:
- chain-basic
middlewares: []
annotationsList: []
annotations: {}
labelsList: []
labels: {}
ingressClassName: # "nginx"
hosts:
- host: notls.chart-example.local
paths:
- path: /
pathType: Prefix
service:
name:
port:
"ixCertificateAuthorities": {}
"ixCertificates":
"1":
"CA_type_existing": false
"CA_type_intermediate": false
"CA_type_internal": false
"CSR": ""
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost"
"cert_type": "CERTIFICATE"
"cert_type_CSR": false
"cert_type_existing": true
"cert_type_internal": false
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
"certificate_path": "/etc/certificates/freenas_default.crt"
"chain": false
"chain_list": [
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
]
"city": "Maryville"
"common": "localhost"
"country": "US"
"csr_path": "/etc/certificates/freenas_default.csr"
"digest_algorithm": "SHA256"
"email": "info@ixsystems.com"
"extensions":
"ExtendedKeyUsage": "TLS Web Server Authentication"
"SubjectAltName": "DNS:localhost"
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B"
"from": "Fri Sep 25 16:05:38 2020"
"id": 1
"internal": "NO"
"issuer": "external"
"key_length": 2048
"key_type": "RSA"
"lifetime": 825
"name": "freenas_default"
"organization": "iXsystems"
"organizational_unit": ""
"parsed": true
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n"
"privatekey_path": "/etc/certificates/freenas_default.key"
"revoked": false
"revoked_date": ""
"root_path": "/etc/certificates"
"san": [
"DNS:localhost"
]
"serial": 1
"signedby": ""
"state": "Tennessee"
"subject_name_hash": 3193428416
"type": 8
"until": "Thu Dec 29 15:05:38 2022"

View File

@@ -1,84 +0,0 @@
image:
repository: ghcr.io/truecharts/whoami
pullPolicy: IfNotPresent
tag: v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
service:
main:
ports:
main:
port: 8080
args:
- --port
- '8080'
ingress:
main:
enabled: true
probes:
liveness:
enabled: true
readiness:
enabled: true
startup:
enabled: true
addons:
netshoot:
enabled: true
"ixCertificateAuthorities": {}
"ixCertificates":
"1":
"CA_type_existing": false
"CA_type_intermediate": false
"CA_type_internal": false
"CSR": ""
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost"
"cert_type": "CERTIFICATE"
"cert_type_CSR": false
"cert_type_existing": true
"cert_type_internal": false
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
"certificate_path": "/etc/certificates/freenas_default.crt"
"chain": false
"chain_list": [
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
]
"city": "Maryville"
"common": "localhost"
"country": "US"
"csr_path": "/etc/certificates/freenas_default.csr"
"digest_algorithm": "SHA256"
"email": "info@ixsystems.com"
"extensions":
"ExtendedKeyUsage": "TLS Web Server Authentication"
"SubjectAltName": "DNS:localhost"
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B"
"from": "Fri Sep 25 16:05:38 2020"
"id": 1
"internal": "NO"
"issuer": "external"
"key_length": 2048
"key_type": "RSA"
"lifetime": 825
"name": "freenas_default"
"organization": "iXsystems"
"organizational_unit": ""
"parsed": true
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n"
"privatekey_path": "/etc/certificates/freenas_default.key"
"revoked": false
"revoked_date": ""
"root_path": "/etc/certificates"
"san": [
"DNS:localhost"
]
"serial": 1
"signedby": ""
"state": "Tennessee"
"subject_name_hash": 3193428416
"type": 8
"until": "Thu Dec 29 15:05:38 2022"

View File

@@ -1,127 +0,0 @@
image:
repository: ghcr.io/truecharts/whoami
pullPolicy: IfNotPresent
tag: v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
service:
main:
ports:
main:
port: 8080
args:
- --port
- '8080'
ingress:
main:
enabled: true
probes:
liveness:
enabled: true
readiness:
enabled: true
startup:
enabled: true
"ixCertificateAuthorities": {}
"ixCertificates":
"1":
"CA_type_existing": false
"CA_type_intermediate": false
"CA_type_internal": false
"CSR": ""
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost"
"cert_type": "CERTIFICATE"
"cert_type_CSR": false
"cert_type_existing": true
"cert_type_internal": false
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
"certificate_path": "/etc/certificates/freenas_default.crt"
"chain": false
"chain_list": [
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
]
"city": "Maryville"
"common": "localhost"
"country": "US"
"csr_path": "/etc/certificates/freenas_default.csr"
"digest_algorithm": "SHA256"
"email": "info@ixsystems.com"
"extensions":
"ExtendedKeyUsage": "TLS Web Server Authentication"
"SubjectAltName": "DNS:localhost"
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B"
"from": "Fri Sep 25 16:05:38 2020"
"id": 1
"internal": "NO"
"issuer": "external"
"key_length": 2048
"key_type": "RSA"
"lifetime": 825
"name": "freenas_default"
"organization": "iXsystems"
"organizational_unit": ""
"parsed": true
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n"
"privatekey_path": "/etc/certificates/freenas_default.key"
"revoked": false
"revoked_date": ""
"root_path": "/etc/certificates"
"san": [
"DNS:localhost"
]
"serial": 1
"signedby": ""
"state": "Tennessee"
"subject_name_hash": 3193428416
"type": 8
"until": "Thu Dec 29 15:05:38 2022"
networkPolicy:
enabled: true
ingress:
- from:
- ipBlock:
cidr: 172.17.0.0/16
except:
- 172.17.1.0/24
- namespaceSelector:
matchLabels:
project: myproject
- podSelector:
matchLabels:
role: frontend
- namespaceSelector:
matchLabels:
project: myproject2
podSelector:
matchLabels:
role: frontend2
ports:
- protocol: TCP
port: 6379
egress:
- to:
- ipBlock:
cidr: 172.17.2.0/16
except:
- 172.17.2.0/24
- namespaceSelector:
matchLabels:
project: myproject3
- podSelector:
matchLabels:
role: frontend3
- namespaceSelector:
matchLabels:
project: myproject4
podSelector:
matchLabels:
role: frontend4
ports:
- protocol: TCP
port: 5978

View File

@@ -1,205 +0,0 @@
image:
repository: ghcr.io/truecharts/whoami
pullPolicy: IfNotPresent
tag: v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
service:
main:
ports:
main:
port: 8080
args:
- --port
- '8080'
ingress:
main:
enabled: true
probes:
liveness:
enabled: true
readiness:
enabled: true
startup:
enabled: true
persistence:
pvc-stock:
enabled: true
annotationsList: []
annotations: {}
labelsList: []
labels: {}
type: pvc
forceName: ""
mountPath:
readOnly: false
nameOverride:
storageClass:
existingClaim:
subPath:
accessMode: ReadWriteOnce
size: 1Gi
retain: false
pvc-forcedname:
enabled: true
annotationsList: []
annotations: {}
labelsList: []
labels: {}
type: pvc
forceName: "testname"
mountPath:
readOnly: false
nameOverride:
storageClass:
existingClaim:
subPath:
accessMode: ReadWriteOnce
size: 1Gi
retain: false
pvc-readonly:
enabled: true
annotationsList: []
annotations: {}
labelsList: []
labels: {}
type: pvc
forceName: ""
mountPath:
readOnly: true
nameOverride:
storageClass:
existingClaim:
subPath:
accessMode: ReadWriteOnce
size: 1Gi
retain: false
pvc-labeled:
enabled: true
annotationsList: []
annotations: {}
labelsList: []
labels:
labelexample1: labelvalue2
type: pvc
forceName: ""
mountPath:
readOnly: false
nameOverride:
storageClass:
existingClaim:
subPath:
accessMode: ReadWriteOnce
size: 1Gi
retain: false
pvc-labeled-list:
enabled: true
annotationsList: []
annotations: {}
labelsList:
- name: labelexample
value: labelcontent
labels: {}
type: pvc
forceName: ""
mountPath:
readOnly: false
nameOverride:
storageClass:
existingClaim:
subPath:
accessMode: ReadWriteOnce
size: 1Gi
retain: false
emptydir:
enabled: true
type: emptyDir
mountPath: /emptydir
medium:
sizeLimit:
emptydir-mem:
enabled: true
type: emptyDir
mountPath: /emptydirmem
medium: Memory
sizeLimit:
emptydir-size:
enabled: true
type: emptyDir
mountPath: /emptydirsize
medium:
sizeLimit: 1Gi
emptydir-memsize:
enabled: true
type: emptyDir
mountPath: /emptydirmemsize
medium: Memory
sizeLimit: 1Gi
hostpath-stock:
enabled: true
type: hostPath
hostPath: /usr
mountPath:
hostPathType: ""
readOnly: false
"ixCertificateAuthorities": {}
"ixCertificates":
"1":
"CA_type_existing": false
"CA_type_intermediate": false
"CA_type_internal": false
"CSR": ""
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost"
"cert_type": "CERTIFICATE"
"cert_type_CSR": false
"cert_type_existing": true
"cert_type_internal": false
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
"certificate_path": "/etc/certificates/freenas_default.crt"
"chain": false
"chain_list": [
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
]
"city": "Maryville"
"common": "localhost"
"country": "US"
"csr_path": "/etc/certificates/freenas_default.csr"
"digest_algorithm": "SHA256"
"email": "info@ixsystems.com"
"extensions":
"ExtendedKeyUsage": "TLS Web Server Authentication"
"SubjectAltName": "DNS:localhost"
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B"
"from": "Fri Sep 25 16:05:38 2020"
"id": 1
"internal": "NO"
"issuer": "external"
"key_length": 2048
"key_type": "RSA"
"lifetime": 825
"name": "freenas_default"
"organization": "iXsystems"
"organizational_unit": ""
"parsed": true
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n"
"privatekey_path": "/etc/certificates/freenas_default.key"
"revoked": false
"revoked_date": ""
"root_path": "/etc/certificates"
"san": [
"DNS:localhost"
]
"serial": 1
"signedby": ""
"state": "Tennessee"
"subject_name_hash": 3193428416
"type": 8
"until": "Thu Dec 29 15:05:38 2022"

View File

@@ -1,64 +0,0 @@
image:
repository: ghcr.io/truecharts/whoami
pullPolicy: IfNotPresent
tag: v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
service:
main:
ports:
main:
port: 8080
args:
- --port
- '8080'
rbac:
enabled: true
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
- ingressclasses
verbs:
- get
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses/status
verbs:
- update
- apiGroups:
- traefik.containo.us
resources:
- ingressroutes
- ingressroutetcps
- ingressrouteudps
- middlewares
- middlewaretcps
- tlsoptions
- tlsstores
- traefikservices
- serverstransports
verbs:
- get
- list
- watch
serviceAccount:
create: true

View File

@@ -1,91 +0,0 @@
image:
repository: ghcr.io/truecharts/whoami
pullPolicy: IfNotPresent
tag: v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
service:
main:
ports:
main:
port: 8080
args:
- --port
- '8080'
ingress:
main:
enabled: true
probes:
liveness:
enabled: true
readiness:
enabled: true
startup:
enabled: true
persistence:
simple-pvc:
enabled: true
type: simplePVC
simple-hostpath:
enabled: true
type: simpleHP
hostPathSimple: /usr
setPermissionsSimple: false
"ixCertificateAuthorities": {}
"ixCertificates":
"1":
"CA_type_existing": false
"CA_type_intermediate": false
"CA_type_internal": false
"CSR": ""
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost"
"cert_type": "CERTIFICATE"
"cert_type_CSR": false
"cert_type_existing": true
"cert_type_internal": false
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
"certificate_path": "/etc/certificates/freenas_default.crt"
"chain": false
"chain_list": [
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
]
"city": "Maryville"
"common": "localhost"
"country": "US"
"csr_path": "/etc/certificates/freenas_default.csr"
"digest_algorithm": "SHA256"
"email": "info@ixsystems.com"
"extensions":
"ExtendedKeyUsage": "TLS Web Server Authentication"
"SubjectAltName": "DNS:localhost"
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B"
"from": "Fri Sep 25 16:05:38 2020"
"id": 1
"internal": "NO"
"issuer": "external"
"key_length": 2048
"key_type": "RSA"
"lifetime": 825
"name": "freenas_default"
"organization": "iXsystems"
"organizational_unit": ""
"parsed": true
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n"
"privatekey_path": "/etc/certificates/freenas_default.key"
"revoked": false
"revoked_date": ""
"root_path": "/etc/certificates"
"san": [
"DNS:localhost"
]
"serial": 1
"signedby": ""
"state": "Tennessee"
"subject_name_hash": 3193428416
"type": 8
"until": "Thu Dec 29 15:05:38 2022"

View File

@@ -1,82 +0,0 @@
image:
repository: ghcr.io/truecharts/whoami
pullPolicy: IfNotPresent
tag: v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
service:
main:
type: Simple
ports:
main:
port: 8080
args:
- --port
- '8080'
ingress:
main:
enabled: true
probes:
liveness:
enabled: true
readiness:
enabled: true
startup:
enabled: true
"ixCertificateAuthorities": {}
"ixCertificates":
"1":
"CA_type_existing": false
"CA_type_intermediate": false
"CA_type_internal": false
"CSR": ""
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost"
"cert_type": "CERTIFICATE"
"cert_type_CSR": false
"cert_type_existing": true
"cert_type_internal": false
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
"certificate_path": "/etc/certificates/freenas_default.crt"
"chain": false
"chain_list": [
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
]
"city": "Maryville"
"common": "localhost"
"country": "US"
"csr_path": "/etc/certificates/freenas_default.csr"
"digest_algorithm": "SHA256"
"email": "info@ixsystems.com"
"extensions":
"ExtendedKeyUsage": "TLS Web Server Authentication"
"SubjectAltName": "DNS:localhost"
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B"
"from": "Fri Sep 25 16:05:38 2020"
"id": 1
"internal": "NO"
"issuer": "external"
"key_length": 2048
"key_type": "RSA"
"lifetime": 825
"name": "freenas_default"
"organization": "iXsystems"
"organizational_unit": ""
"parsed": true
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n"
"privatekey_path": "/etc/certificates/freenas_default.key"
"revoked": false
"revoked_date": ""
"root_path": "/etc/certificates"
"san": [
"DNS:localhost"
]
"serial": 1
"signedby": ""
"state": "Tennessee"
"subject_name_hash": 3193428416
"type": 8
"until": "Thu Dec 29 15:05:38 2022"

View File

@@ -1,19 +0,0 @@
# Default Helm-Values
TrueCharts is primarily build to supply TrueNAS SCALE Apps.
However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our values.yaml file.
Most of our Apps also consume our "common" Helm Chart.
If this is the case, this means that all values.yaml values are set to the common chart values.yaml by default. This values.yaml file will only contain values that deviate from the common chart.
You will, however, be able to use all values referenced in the common chart here, besides the values listed in this document.
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"ghcr.io/truecharts/whoami"` | |
| image.tag | string | `"v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f"` | |
| service.main.ports.main.port | int | `8080` | |
All Rights Reserved - The TrueCharts Project

View File

@@ -1,123 +0,0 @@
---
hide:
- toc
---
# Security Overview
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
## Helm-Chart
##### Scan Results
#### Chart Object: common-test/templates/common.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.allowPrivilegeEscalation&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;RELEASE-NAME-common-test&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | <details><summary>Expand...</summary> Enforcing CPU limits prevents DoS via resource exhaustion. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;resources.limits.cpu&#39; </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv011">https://avd.aquasec.com/appshield/ksv011</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | <details><summary>Expand...</summary> When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;resources.requests.cpu&#39; </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv015">https://avd.aquasec.com/appshield/ksv015</a><br></details> |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | <details><summary>Expand...</summary> When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;resources.requests.memory&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv016">https://avd.aquasec.com/appshield/ksv016</a><br></details> |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.privileged&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv017">https://avd.aquasec.com/appshield/ksv017</a><br></details> |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | <details><summary>Expand...</summary> Enforcing memory limits prevents DoS via resource exhaustion. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;resources.limits.memory&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv018">https://avd.aquasec.com/appshield/ksv018</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-common-test&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-common-test&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | <details><summary>Expand...</summary> HostPath volumes must be forbidden. <br> <hr> <br> Deployment &#39;RELEASE-NAME-common-test&#39; should not set &#39;spec.template.volumes.hostPath&#39; </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv023">https://avd.aquasec.com/appshield/ksv023</a><br></details> |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> Deployment &#39;RELEASE-NAME-common-test&#39; should set &#39;spec.securityContext.runAsGroup&#39;, &#39;spec.securityContext.supplementalGroups[*]&#39; and &#39;spec.securityContext.fsGroup&#39; to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
## Containers
##### Detected Containers
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
tccr.io/truecharts/whoami:v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
##### Scan Results
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
| busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
| ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
| ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
| busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
| ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
| ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
#### Container: whoami
**gobinary**
| No Vulnerabilities found |
|:---------------------------------|

View File

@@ -1 +0,0 @@
{{ include "common.all" . }}

View File

@@ -1,123 +0,0 @@
image:
repository: b4bz/homer
tag: latest
pullPolicy: IfNotPresent
# -- Configure the ingresses for the chart here.
# Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress.
# @default -- See below
ingress:
main:
# -- Enables or disables the ingress
enabled: true
# -- Make this the primary ingress (used in probes, notes, etc...).
# If there is more than 1 ingress, make sure that only 1 ingress is marked as primary.
primary: true
# -- Override the name suffix that is used for this ingress.
nameOverride:
# -- List of middlewares in the traefikmiddlewares k8s namespace to add automatically
# Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names
# Primarily used for TrueNAS SCALE to add additional (seperate) middlewares without exposing them to the end-user
fixedMiddlewares:
- chain-basic
# -- Additional List of middlewares in the traefikmiddlewares k8s namespace to add automatically
# Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names
middlewares: []
# -- Provide additional annotations which may be required.
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# -- Provide additional labels which may be required.
labels: {}
# -- Set the ingressClass that is used for this ingress.
# Requires Kubernetes >=1.19
ingressClassName: # "nginx"
## Configure the hosts for the ingress
hosts:
- # -- Host address. Helm template can be passed.
host: chart-example.local
## Configure the paths for the host
paths:
- # -- Path. Helm template can be passed.
path: /
# -- Ignored if not kubeVersion >= 1.14-0
pathType: Prefix
service:
# -- Overrides the service name reference for this path
name:
# -- Overrides the service port reference for this path
port:
# -- Configure TLS for the ingress. Both secretName and hosts can process a Helm template.
tls:
# - secretName: chart-example-tls
# -- Create a secret from a GUI selected TrueNAS SCALE certificate
- scaleCert: 1
hosts:
- chart-example.local
- scaleCert: 1
hosts:
- chart-example2.local
"ixCertificateAuthorities": {}
"ixCertificates":
"1":
"CA_type_existing": false
"CA_type_intermediate": false
"CA_type_internal": false
"CSR": ""
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost"
"cert_type": "CERTIFICATE"
"cert_type_CSR": false
"cert_type_existing": true
"cert_type_internal": false
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
"certificate_path": "/etc/certificates/freenas_default.crt"
"chain": false
"chain_list": [
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
]
"city": "Maryville"
"common": "localhost"
"country": "US"
"csr_path": "/etc/certificates/freenas_default.csr"
"digest_algorithm": "SHA256"
"email": "info@ixsystems.com"
"extensions":
"ExtendedKeyUsage": "TLS Web Server Authentication"
"SubjectAltName": "DNS:localhost"
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B"
"from": "Fri Sep 25 16:05:38 2020"
"id": 1
"internal": "NO"
"issuer": "external"
"key_length": 2048
"key_type": "RSA"
"lifetime": 825
"name": "freenas_default"
"organization": "iXsystems"
"organizational_unit": ""
"parsed": true
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n"
"privatekey_path": "/etc/certificates/freenas_default.key"
"revoked": false
"revoked_date": ""
"root_path": "/etc/certificates"
"san": [
"DNS:localhost"
]
"serial": 1
"signedby": ""
"state": "Tennessee"
"subject_name_hash": 3193428416
"type": 8
"until": "Thu Dec 29 15:05:38 2022"

View File

@@ -1,10 +0,0 @@
image:
repository: ghcr.io/truecharts/whoami
pullPolicy: IfNotPresent
tag: v1.8.0@sha256:057b682b74eae04bdfc994050bc3a9c1ba5c13cb6f415464828f9d4219e7331f
service:
main:
ports:
main:
port: 8080

View File

@@ -1,23 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

File diff suppressed because it is too large Load Diff

View File

@@ -1,18 +0,0 @@
apiVersion: v2
appVersion: "latest"
description: Function library for TrueCharts
home: https://github.com/truecharts/apps/tree/master/charts/common
icon: https://avatars.githubusercontent.com/u/76400755
keywords:
- truecharts
- library-chart
- common
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: common
sources: null
type: library
version: 9.1.14

View File

@@ -1,29 +0,0 @@
# Introduction
Function library for TrueCharts
Function library for TrueCharts
Since a lot of the TrueCharts Apps and Charts follow a similar pattern, this library was built to reduce maintenance cost between the charts that use it and try achieve a goal of being DRY.
## Requirements
Kubernetes: `>=1.16.0-0`
## Dependencies
| Repository | Name | Version |
|------------|------|---------|
## Installing the Chart
This is a Helm Library Chart.
WARNING: THIS CHART IS NOT MEANT TO BE INSTALLED DIRECTLY
## Support
- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Adding-TrueCharts/) first.
- See the [Wiki](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
---
All Rights Reserved - The TrueCharts Project

View File

@@ -1,287 +0,0 @@
# Default Helm-Values
TrueCharts is primarily build to supply TrueNAS SCALE Apps.
However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our Common Chart.
This chart is used by a lot of our Apps to provide sane defaults and logic.
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| TZ | string | `"UTC"` | Set Container Timezone |
| additionalContainers | object | `{}` | Specify any additional containers here as dictionary items. Each additional container should have its own key. Helm templates can be used. |
| addons | object | See below | The common chart supports several add-ons. These can be configured under this key. |
| addons.codeserver | object | See values.yaml | The common library supports adding a code-server add-on to access files. It can be configured under this key. For more info, check out [our docs](http://docs.k8s-at-home.com/our-helm-charts/common-library-add-ons/#code-server) |
| addons.codeserver.args | list | `["--auth","none"]` | Set codeserver command line arguments. Consider setting --user-data-dir to a persistent location to preserve code-server setting changes |
| addons.codeserver.enabled | bool | `false` | Enable running a code-server container in the pod |
| addons.codeserver.env | object | `{}` | Set any environment variables for code-server here |
| addons.codeserver.envList | list | `[]` | All variables specified here will be added to the codeserver sidecar container See the documentation of the codeserver image for all config values |
| addons.codeserver.git | object | See below | Optionally allow access a Git repository by passing in a private SSH key |
| addons.codeserver.git.deployKey | string | `""` | Raw SSH private key |
| addons.codeserver.git.deployKeyBase64 | string | `""` | Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence. |
| addons.codeserver.git.deployKeySecret | string | `""` | Existing secret containing SSH private key The chart expects it to be present under the `id_rsa` key. |
| addons.codeserver.ingress.enabled | bool | `false` | Enable an ingress for the code-server add-on. |
| addons.codeserver.service.enabled | bool | `true` | Enable a service for the code-server add-on. |
| addons.codeserver.workingDir | string | `"/"` | Specify the working dir that will be opened when code-server starts If not given, the app will default to the mountpah of the first specified volumeMount |
| addons.netshoot | object | See values.yaml | The common library supports adding a netshoot add-on to troubleshoot network issues within a Pod. It can be configured under this key. |
| addons.netshoot.enabled | bool | `false` | Enable running a netshoot container in the pod |
| addons.netshoot.env | object | `{}` | Set any environment variables for netshoot here |
| addons.netshoot.envList | list | `[]` | All variables specified here will be added to the netshoot sidecar container See the documentation of the netshoot image for all config values |
| addons.promtail | object | See values.yaml | The common library supports adding a promtail add-on to to access logs and ship them to loki. It can be configured under this key. |
| addons.promtail.args | list | `[]` | Set promtail command line arguments |
| addons.promtail.enabled | bool | `false` | Enable running a promtail container in the pod |
| addons.promtail.env | object | `{}` | Set any environment variables for promtail here |
| addons.promtail.envList | list | `[]` | All variables specified here will be added to the promtail sidecar container See the documentation of the promtail image for all config values |
| addons.promtail.logs | list | `[]` | The paths to logs on the volume |
| addons.promtail.loki | string | `""` | The URL to Loki |
| addons.vpn | object | See values.yaml | The common chart supports adding a VPN add-on. It can be configured under this key. For more info, check out [our docs](http://docs.k8s-at-home.com/our-helm-charts/common-library-add-ons/#wireguard-vpn) |
| addons.vpn.configFile | object | `{"enabled":true,"hostPath":"/vpn/vpn.conf","hostPathType":"File","noMount":true,"type":"hostPath"}` | Provide a customized vpn configuration file to be used by the VPN. |
| addons.vpn.configFile.hostPath | string | `"/vpn/vpn.conf"` | Which path on the host should be mounted. |
| addons.vpn.configFile.hostPathType | string | `"File"` | Specifying a hostPathType adds a check before trying to mount the path. See Kubernetes documentation for options. |
| addons.vpn.env | object | `{}` | All variables specified here will be added to the vpn sidecar container See the documentation of the VPN image for all config values |
| addons.vpn.envList | list | `[]` | All variables specified here will be added to the vpn sidecar container See the documentation of the VPN image for all config values |
| addons.vpn.openvpn | object | See below | OpenVPN specific configuration |
| addons.vpn.openvpn.username | string | `""` | Credentials to connect to the VPN Service (used with -a) Only using password is enough |
| addons.vpn.securityContext | object | See values.yaml | Set the VPN container specific securityContext |
| addons.vpn.type | string | `"disabled"` | Specify the VPN type. Valid options are disabled, openvpn or wireguard |
| affinity | object | `{}` | Defines affinity constraint rules. [[ref]](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) |
| alpineImage | object | See below | alpine specific configuration |
| alpineImage.pullPolicy | string | `"IfNotPresent"` | Specify the Alpine image pull policy |
| alpineImage.repository | string | `"ghcr.io/truecharts/alpine"` | Specify the Alpine image |
| alpineImage.tag | string | `"v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583"` | Specify the Alpine image tag |
| args | list | `[]` | Override the args for the default container |
| autoscaling | object | <disabled> | Add a Horizontal Pod Autoscaler |
| codeserverImage | object | See below | codeserver specific configuration |
| codeserverImage.pullPolicy | string | `"IfNotPresent"` | Specify the code-server image pull policy |
| codeserverImage.repository | string | `"ghcr.io/truecharts/code-server"` | Specify the code-server image |
| codeserverImage.tag | string | `"v4.2.0@sha256:82e2d802e59b26954096529aa08e83bebd2004da664fee9ab6c911e4f5ab6c48"` | Specify the code-server image tag |
| command | list | `[]` | Override the command(s) for the default container |
| configmap | object | See below | Configure configMaps for the chart here. Additional configMaps can be added by adding a dictionary key similar to the 'config' object. |
| configmap.config.annotations | object | `{}` | Annotations to add to the configMap |
| configmap.config.data | object | `{}` | configMap data content. Helm template enabled. |
| configmap.config.enabled | bool | `false` | Enables or disables the configMap |
| configmap.config.labels | object | `{}` | Labels to add to the configMap |
| controller.annotations | object | `{}` | Set annotations on the deployment/statefulset/daemonset |
| controller.annotationsList | list | `[]` | Set additional annotations on the deployment/statefulset/daemonset |
| controller.enabled | bool | `true` | enable the controller. |
| controller.labels | object | `{}` | Set labels on the deployment/statefulset/daemonset |
| controller.labelsList | list | `[]` | Set additional labels on the deployment/statefulset/daemonset |
| controller.replicas | int | `1` | Number of desired pods |
| controller.revisionHistoryLimit | int | `3` | ReplicaSet revision history limit |
| controller.rollingUpdate.partition | string | `nil` | Set statefulset RollingUpdate partition |
| controller.rollingUpdate.surge | string | `nil` | Set deployment RollingUpdate max surge |
| controller.rollingUpdate.unavailable | string | `nil` | Set deployment RollingUpdate max unavailable |
| controller.strategy | string | `nil` | Set the controller upgrade strategy For Deployments, valid values are Recreate (default) and RollingUpdate. For StatefulSets, valid values are OnDelete and RollingUpdate (default). DaemonSets ignore this. |
| controller.type | string | `"deployment"` | Set the controller type. Valid options are deployment, daemonset or statefulset |
| customCapabilities | object | `{"add":[],"drop":[]}` | Can be used to set securityContext.capabilities outside of the GUI on TrueNAS SCALE |
| deviceList | list | [] | Configure persistenceList for the chart here. Used to create an additional GUI element in SCALE for mounting USB devices Additional items can be added by adding a items similar to persistence |
| dnsConfig | object | `{"nameservers":[],"options":[{"name":"ndots","value":"1"}],"searches":[]}` | Optional DNS settings, configuring the ndots option may resolve nslookup issues on some Kubernetes setups. |
| dnsPolicy | string | `nil` | Defaults to "ClusterFirst" if hostNetwork is false and "ClusterFirstWithHostNet" if hostNetwork is true. |
| enableServiceLinks | bool | `false` | Enable/disable the generation of environment variables for services. [[ref]](https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service) |
| env | object | `{}` | Main environment variables. Template enabled. Syntax options: A) TZ: UTC B) PASSWD: '{{ .Release.Name }}' C) PASSWD: envFrom: ... |
| envFrom | list | `[]` | |
| envTpl | object | `{}` | |
| envValueFrom | object | `{}` | |
| externalInterfaces | list | `[]` | Use this directly attach a pod to a SCALE interface. Please be aware: This bypasses k8s services |
| extraArgs | list | `[]` | Add args in addition to the arguments set by default. Primarily for the SCALE GUI |
| global.fullnameOverride | string | `nil` | Set the entire name definition |
| global.isSCALE | bool | `false` | |
| global.nameOverride | string | `nil` | Set an override for the prefix of the fullname |
| hostAliases | list | `[]` | Use hostAliases to add custom entries to /etc/hosts - mapping IP addresses to hostnames. [[ref]](https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/) |
| hostNetwork | bool | `false` | When using hostNetwork make sure you set dnsPolicy to `ClusterFirstWithHostNet` |
| hostname | string | `nil` | Allows specifying explicit hostname setting |
| image.pullPolicy | string | `nil` | image pull policy |
| image.repository | string | `nil` | image repository |
| image.tag | string | `nil` | image tag |
| imageSelector | string | `"image"` | Image Selector allows for easy picking a different image dict, important for the SCALE GUI |
| ingress | object | See below | Configure the ingresses for the chart here. Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress. |
| ingress.main.annotations | object | `{}` | Provide additional annotations which may be required. |
| ingress.main.autoLink | bool | `false` | Autolink the ingress to a service and port, both with the same name as the ingress. |
| ingress.main.enableFixedMiddlewares | bool | `true` | disable to ignore any default middlwares |
| ingress.main.enabled | bool | `false` | Enables or disables the ingress |
| ingress.main.fixedMiddlewares | list | `["chain-basic"]` | List of middlewares in the traefikmiddlewares k8s namespace to add automatically Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names Primarily used for TrueNAS SCALE to add additional (seperate) middlewares without exposing them to the end-user |
| ingress.main.hosts[0].host | string | `"chart-example.local"` | Host address. Helm template can be passed. |
| ingress.main.hosts[0].paths[0].path | string | `"/"` | Path. Helm template can be passed. |
| ingress.main.hosts[0].paths[0].pathType | string | `"Prefix"` | Ignored if not kubeVersion >= 1.14-0 |
| ingress.main.hosts[0].paths[0].service.name | string | `nil` | Overrides the service name reference for this path |
| ingress.main.hosts[0].paths[0].service.port | string | `nil` | Overrides the service port reference for this path |
| ingress.main.ingressClassName | string | `nil` | Set the ingressClass that is used for this ingress. Requires Kubernetes >=1.19 |
| ingress.main.labels | object | `{}` | Provide additional labels which may be required. |
| ingress.main.middlewares | list | `[]` | Additional List of middlewares in the traefikmiddlewares k8s namespace to add automatically Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names |
| ingress.main.nameOverride | string | `nil` | Override the name suffix that is used for this ingress. |
| ingress.main.primary | bool | `true` | Make this the primary ingress (used in probes, notes, etc...). If there is more than 1 ingress, make sure that only 1 ingress is marked as primary. |
| ingress.main.tls | list | `[]` | Configure TLS for the ingress. Both secretName and hosts can process a Helm template. |
| ingressList | list | [] | Configure ingressList for the chart here. Additional items can be added by adding a items similar to ingress |
| initContainers | object | `{}` | Specify any initContainers here as dictionary items. Each initContainer should have its own key. The dictionary item key will determine the order. Helm templates can be used. |
| installContainers | object | `{}` | These containers will be run, as an initcontainer, a single time at install only. |
| lifecycle | object | `{}` | Configure the lifecycle for the main container |
| mariadb | object | See below | mariadb dependency configuration |
| mariadb.url | object | `{}` | can be used to make an easy accessable note which URLS to use to access the DB. |
| mariadbImage | object | See below | mariadb specific configuration |
| mariadbImage.pullPolicy | string | `"IfNotPresent"` | Specify the mariadb image pull policy |
| mariadbImage.repository | string | `"ghcr.io/truecharts/mariadb"` | Specify the mariadb image |
| mariadbImage.tag | string | `"v10.7.3@sha256:63743b10ac562b8f63abd3dfa246298c6678cfeb9e7559c65265f5066385fcf6"` | Specify the mariadb image tag |
| netshootImage | object | See below | netshoot specific configuration |
| netshootImage.pullPolicy | string | `"Always"` | Specify the netshoot image pull policy |
| netshootImage.repository | string | `"ghcr.io/truecharts/netshoot"` | Specify the netshoot image |
| netshootImage.tag | string | `"latest@sha256:505d3430ed7c1d43fed18dbd1177b76ecb6fc376113bc41d34da230c402a4855"` | Specify the netshoot image tag |
| networkPolicy | object | See below | Configure networkPolicy for the chart here. |
| networkPolicy.egress | list | `[]` | add or remove egress policies |
| networkPolicy.enabled | bool | `false` | Enables or disables the networkPolicy |
| networkPolicy.ingress | list | `[]` | add or remove egress policies |
| networkPolicy.policyType | string | `""` | add or remove Policy types. Options: ingress, egress, ingress-egress |
| nodeSelector | object | `{}` | Node selection constraint [[ref]](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) |
| openvpnImage | object | See below | OpenVPN specific configuration |
| openvpnImage.pullPolicy | string | `"IfNotPresent"` | Specify the openvpn client image pull policy |
| openvpnImage.repository | string | `"ghcr.io/truecharts/openvpn-client"` | Specify the openvpn client image |
| openvpnImage.tag | string | `"latest@sha256:bc3a56b2c195a4b4ce5c67fb0c209f38036521ebd316df2a7d68b425b9c48b30"` | Specify the openvpn client image tag |
| persistence | object | See below | Configure persistence for the chart here. Additional items can be added by adding a dictionary key similar to the 'config' key. |
| persistence.config | object | See below | Default persistence for configuration files. |
| persistence.config.accessMode | string | `"ReadWriteOnce"` | AccessMode for the persistent volume. Make sure to select an access mode that is supported by your storage provider! [[ref]](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) |
| persistence.config.annotations | object | `{}` | Add annotations to PVC object |
| persistence.config.enabled | bool | `false` | Enables or disables the persistence item |
| persistence.config.existingClaim | string | `nil` | If you want to reuse an existing claim, the name of the existing PVC can be passed here. |
| persistence.config.forceName | string | `""` | force the complete PVC name Will not add any prefix or suffix |
| persistence.config.labels | object | `{}` | Add labels to PVC object |
| persistence.config.mountPath | string | `nil` | Where to mount the volume in the main container. Defaults to `/<name_of_the_volume>`, setting to '-' creates the volume but disables the volumeMount. |
| persistence.config.nameOverride | string | `nil` | Override the name suffix that is used for this volume. |
| persistence.config.readOnly | bool | `false` | Specify if the volume should be mounted read-only. |
| persistence.config.size | string | `"999Gi"` | The amount of storage that is requested for the persistent volume. |
| persistence.config.storageClass | string | `nil` | Storage Class for the config volume. If set to `-`, dynamic provisioning is disabled. If set to `SCALE-ZFS`, the default provisioner for TrueNAS SCALE is used. If set to something else, the given storageClass is used. If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. |
| persistence.config.subPath | string | `nil` | Used in conjunction with `existingClaim`. Specifies a sub-path inside the referenced volume instead of its root |
| persistence.config.type | string | `"pvc"` | Sets the persistence type Valid options are: simplePVC, simpleHP, pvc, emptyDir, secret, configMap, hostPath or custom |
| persistence.configmap-example | object | See below | Example of a configmap mount |
| persistence.configmap-example.mountPath | string | `nil` | Where to mount the volume in the main container. Defaults to `/<name_of_the_volume>`, setting to '-' creates the volume but disables the volumeMount. |
| persistence.configmap-example.objectName | string | `"myconfig-map"` | Specify the name of the configmap object to be mounted |
| persistence.configmap-example.readOnly | bool | `false` | Specify if the volume should be mounted read-only. |
| persistence.custom-mount | object | See below | Example of a custom mount |
| persistence.custom-mount.mountPath | string | `nil` | Where to mount the volume in the main container. Defaults to `/<name_of_the_volume>`, setting to '-' creates the volume but disables the volumeMount. |
| persistence.custom-mount.readOnly | bool | `false` | Specify if the volume should be mounted read-only. |
| persistence.custom-mount.volumeSpec | object | `{}` | Define the custom Volume spec here [[ref]](https://kubernetes.io/docs/concepts/storage/volumes/) |
| persistence.host-bin | object | See below | Hostpath mountpoint to allow mounting the /bin folder to disable docker-compose [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) TODO Delete this once iX has blocked docker-compose |
| persistence.host-bin.hostPath | string | `"/bin"` | Which path on the host should be mounted. |
| persistence.host-bin.mountPath | string | `"/host/bin"` | Where to mount the path in the main container. Defaults to the value of `hostPath` |
| persistence.host-dev | object | See below | Example of a hostPath mount [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) |
| persistence.host-dev.hostPath | string | `"/dev"` | Which path on the host should be mounted. |
| persistence.host-dev.hostPathType | string | `""` | Specifying a hostPathType adds a check before trying to mount the path. See Kubernetes documentation for options. |
| persistence.host-dev.mountPath | string | `""` | Where to mount the path in the main container. Defaults to the value of `hostPath` |
| persistence.host-dev.readOnly | bool | `true` | Specify if the path should be mounted read-only. |
| persistence.host-dev.setPermissions | bool | `false` | Automatic set permissions using chown and chmod |
| persistence.host-simple-dev | object | See below | Example of a Simple hostPath mount [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) |
| persistence.host-simple-dev.hostPathSimple | string | `"/dev"` | Which path on the host should be mounted. |
| persistence.host-simple-dev.hostPathType | string | `""` | Specifying a hostPathType adds a check before trying to mount the path. See Kubernetes documentation for options. |
| persistence.host-simple-dev.mountPath | string | `""` | Where to mount the path in the main container. Defaults to the value of `hostPath` |
| persistence.host-simple-dev.readOnly | bool | `true` | Specify if the path should be mounted read-only. |
| persistence.host-simple-dev.setPermissionsSimple | bool | `false` | Automatic set permissions using chown and chmod |
| persistence.host-usr-bin | object | See below | Hostpath mountpoint to allow mounting the /usr/bin folder to disable docker-compose [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) TODO Delete this once iX has blocked docker-compose |
| persistence.host-usr-bin.hostPath | string | `"/usr/bin"` | Which path on the host should be mounted. |
| persistence.host-usr-bin.mountPath | string | `"/host/usr/bin"` | Where to mount the path in the main container. Defaults to the value of `hostPath` |
| persistence.secret-example | object | See below | Example of a secret mount |
| persistence.secret-example.defaultMode | int | `777` | define the default mount mode for the secret |
| persistence.secret-example.items | list | `[{"key":"username","path":"my-group/my-username"}]` | Define the secret items to be mounted |
| persistence.secret-example.mountPath | string | `nil` | Where to mount the volume in the main container. Defaults to `/<name_of_the_volume>`, setting to '-' creates the volume but disables the volumeMount. |
| persistence.secret-example.objectName | string | `"mysecret"` | Specify the name of the secret object to be mounted |
| persistence.secret-example.readOnly | bool | `false` | Specify if the volume should be mounted read-only. |
| persistence.shared | object | See below | Create an emptyDir volume to share between all containers [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) |
| persistence.shared.medium | string | `nil` | Set the medium to "Memory" to mount a tmpfs (RAM-backed filesystem) instead of the storage medium that backs the node. |
| persistence.shared.sizeLimit | string | `nil` | If the `SizeMemoryBackedVolumes` feature gate is enabled, you can specify a size for memory backed volumes. |
| persistence.temp | object | See below | Create an emptyDir volume to share between all containers for temporary storage |
| persistence.temp.medium | string | `"Memory"` | Set the medium to "Memory" to mount a tmpfs (RAM-backed filesystem) instead of the storage medium that backs the node. |
| persistence.temp.sizeLimit | string | `nil` | If the `SizeMemoryBackedVolumes` feature gate is enabled, you can specify a size for memory backed volumes. |
| persistence.varlogs | object | See below | Create an emptyDir volume to share between all containers [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) |
| persistence.varlogs.medium | string | `nil` | Set the medium to "Memory" to mount a tmpfs (RAM-backed filesystem) instead of the storage medium that backs the node. |
| persistence.varlogs.sizeLimit | string | `nil` | If the `SizeMemoryBackedVolumes` feature gate is enabled, you can specify a size for memory backed volumes. |
| persistence.varrun | object | See below | Create an emptyDir volume to share between all containers [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) |
| persistence.varrun.medium | string | `"Memory"` | Set the medium to "Memory" to mount a tmpfs (RAM-backed filesystem) instead of the storage medium that backs the node. |
| persistence.varrun.sizeLimit | string | `nil` | If the `SizeMemoryBackedVolumes` feature gate is enabled, you can specify a size for memory backed volumes. |
| persistenceList | list | [] | Configure persistenceList for the chart here. Additional items can be added by adding a items similar to persistence |
| podAnnotations | object | `{}` | Set annotations on the pod |
| podAnnotationsList | list | `[]` | Set additional annotations on the pod |
| podLabels | object | `{}` | Set labels on the pod |
| podLabelsList | list | `[]` | Set additional labels on the pod |
| podSecurityContext | object | `{"fsGroup":568,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":568,"runAsUser":568,"supplementalGroups":[]}` | Configure the Security Context for the Pod |
| portal | object | `{"enabled":false}` | Set the primary portal for TrueNAS SCALE |
| portal.enabled | bool | `false` | enable generation of the portal configmap |
| postgresql | object | See below | Postgresql dependency configuration |
| postgresql.url | object | `{}` | can be used to make an easy accessable note which URLS to use to access the DB. |
| postgresqlImage | object | See below | postgresql specific configuration |
| postgresqlImage.pullPolicy | string | `"IfNotPresent"` | Specify the postgresql image pull policy |
| postgresqlImage.repository | string | `"ghcr.io/truecharts/postgresql"` | Specify the postgresql image |
| postgresqlImage.tag | string | `"v14.2.0@sha256:1461d3ab670fcc41923c92f330c932082f6653e031eefd1cc12123adb120f0c3"` | Specify the postgresql image tag |
| priorityClassName | string | `nil` | Custom priority class for different treatment by the scheduler |
| probes | object | See below | [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) |
| probes.liveness | object | See below | Liveness probe configuration |
| probes.liveness.custom | bool | `false` | Set this to `true` if you wish to specify your own livenessProbe |
| probes.liveness.enabled | bool | `true` | Enable the liveness probe |
| probes.liveness.path | string | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used |
| probes.liveness.spec | object | See below | The spec field contains the values for the default livenessProbe. If you selected `custom: true`, this field holds the definition of the livenessProbe. |
| probes.liveness.type | string | "TCP" | sets the probe type when not using a custom probe |
| probes.readiness | object | See below | Redainess probe configuration |
| probes.readiness.custom | bool | `false` | Set this to `true` if you wish to specify your own readinessProbe |
| probes.readiness.enabled | bool | `true` | Enable the readiness probe |
| probes.readiness.path | string | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used |
| probes.readiness.spec | object | See below | The spec field contains the values for the default readinessProbe. If you selected `custom: true`, this field holds the definition of the readinessProbe. |
| probes.readiness.type | string | "TCP" | sets the probe type when not using a custom probe |
| probes.startup | object | See below | Startup probe configuration |
| probes.startup.custom | bool | `false` | Set this to `true` if you wish to specify your own startupProbe |
| probes.startup.enabled | bool | `true` | Enable the startup probe |
| probes.startup.path | string | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used |
| probes.startup.spec | object | See below | The spec field contains the values for the default startupProbe. If you selected `custom: true`, this field holds the definition of the startupProbe. |
| probes.startup.type | string | "TCP" | sets the probe type when not using a custom probe |
| promtailImage | object | See below | promtail specific configuration |
| promtailImage.pullPolicy | string | `"IfNotPresent"` | Specify the promtail image pull policy |
| promtailImage.repository | string | `"ghcr.io/truecharts/promtail"` | Specify the promtail image |
| promtailImage.tag | string | `"v2.4.2@sha256:171e08dcdd1d6c09bff949c37ce4f4756b9ee0132f8d84631986faa223562a30"` | Specify the promtail image tag |
| rbac | object | See below | Create a ClusterRole and ClusterRoleBinding |
| rbac.clusterRoleAnnotations | object | `{}` | Set labels on the ClusterRole |
| rbac.clusterRoleBindingAnnotations | object | `{}` | Set labels on the ClusterRoleBinding |
| rbac.clusterRoleBindingLabels | object | `{}` | Set Annotations on the ClusterRoleBinding |
| rbac.clusterRoleLabels | object | `{}` | Set Annotations on the ClusterRole |
| rbac.enabled | bool | `false` | Enables or disables the ClusterRole and ClusterRoleBinding |
| rbac.rules | object | `{}` | Set Rules on the ClusterRole |
| rbac.subjects | object | `{}` | Add subjects to the ClusterRoleBinding. includes the above created serviceaccount |
| redis | object | See below | Redis dependency configuration |
| redis.url | object | `{}` | can be used to make an easy accessable note which URLS to use to access the DB. |
| resources | object | `{"limits":{"cpu":"4000m","memory":"8Gi"},"requests":{"cpu":"10m","memory":"50Mi"}}` | Set the resource requests / limits for the main container. |
| schedulerName | string | `nil` | Allows specifying a custom scheduler name |
| secret | object | `{}` | Use this to populate a secret with the values you specify. Be aware that these values are not encrypted by default, and could therefore visible to anybody with access to the values.yaml file. |
| security | object | `{"PUID":568,"UMASK":2}` | Set the Process User ID (PUID) env-var seperately |
| securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"add":[],"drop":[]},"privileged":false,"readOnlyRootFilesystem":true,"runAsNonRoot":true}` | Configure the Security Context for the main container |
| service | object | See below | Configure the services for the chart here. Additional services can be added by adding a dictionary key similar to the 'main' service. |
| service.main.annotations | object | `{}` | Provide additional annotations which may be required. |
| service.main.enabled | bool | `true` | Enables or disables the service |
| service.main.ipFamilies | list | `[]` | The ip families that should be used. Options: IPv4, IPv6 |
| service.main.ipFamilyPolicy | string | `"SingleStack"` | Specify the ip policy. Options: SingleStack, PreferDualStack, RequireDualStack |
| service.main.labels | object | `{}` | Provide additional labels which may be required. |
| service.main.nameOverride | string | `nil` | Override the name suffix that is used for this service |
| service.main.ports | object | See below | Configure the Service port information here. Additional ports can be added by adding a dictionary key similar to the 'http' service. |
| service.main.ports.main.enabled | bool | `true` | Enables or disables the port |
| service.main.ports.main.nodePort | string | `nil` | Specify the nodePort value for the LoadBalancer and NodePort service types. [[ref]](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) |
| service.main.ports.main.port | string | `nil` | The port number |
| service.main.ports.main.primary | bool | `true` | Make this the primary port (used in probes, notes, etc...) If there is more than 1 service, make sure that only 1 port is marked as primary. |
| service.main.ports.main.protocol | string | `"HTTP"` | Port protocol. Support values are `HTTP`, `HTTPS`, `TCP` and `UDP`. HTTPS and HTTPS spawn a TCP service and get used for internal URL and name generation |
| service.main.ports.main.targetPort | string | `nil` | Specify a service targetPort if you wish to differ the service port from the application port. If `targetPort` is specified, this port number is used in the container definition instead of the `port` value. Therefore named ports are not supported for this field. |
| service.main.portsList | list | See below | Configure additional Service port information here. |
| service.main.primary | bool | `true` | Make this the primary service (used in probes, notes, etc...). If there is more than 1 service, make sure that only 1 service is marked as primary. |
| service.main.selector | object | `{}` | Override default selector |
| service.main.type | string | `"ClusterIP"` | Set the service type Options: Simple(Loadbalancer), LoadBalancer, ClusterIP, NodePort |
| serviceAccount | object | See below | Create serviceaccount |
| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
| serviceAccount.create | bool | `false` | Specifies whether a service account should be created |
| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
| serviceList | list | See below | Configure additional services for the chart here. |
| stdin | bool | `false` | Determines whether containers in a pod runs with stdin enabled. |
| termination.gracePeriodSeconds | int | `10` | [[ref](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#lifecycle)] |
| termination.messagePath | string | `nil` | [[ref](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#lifecycle-1)] |
| termination.messagePolicy | string | `nil` | [[ref](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#lifecycle-1)] |
| tolerations | list | `[]` | Specify taint tolerations [[ref]](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) |
| topologySpreadConstraints | list | `[]` | Defines topologySpreadConstraint rules. [[ref]](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) |
| tty | bool | `false` | Determines whether containers in a pod runs with TTY enabled. |
| upgradeContainers | object | `{}` | These containers will be run, as an initcontainer, a single time at each edit or update of the chart. |
| volumeClaimTemplates | list | `[]` | Used in conjunction with `controller.type: statefulset` to create individual disks for each instance. |
| wireguardImage | object | See below | WireGuard specific configuration |
| wireguardImage.pullPolicy | string | `"IfNotPresent"` | Specify the WireGuard image pull policy |
| wireguardImage.repository | string | `"ghcr.io/truecharts/wireguard"` | Specify the WireGuard image |
| wireguardImage.tag | string | `"v1.0.20210914@sha256:b7ae4f80183858ed6379b6f8f76f8ef4f1b474b222b8057e091ba0b4e5f62999"` | Specify the WireGuard image tag |
All Rights Reserved - The TrueCharts Project

View File

@@ -1,24 +0,0 @@
---
hide:
- toc
---
# Security Overview
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
## Helm-Chart
##### Scan Results
| No Misconfigurations found |
|:---------------------------------|
## Containers
##### Detected Containers
##### Scan Results

View File

@@ -1,37 +0,0 @@
{{/*
This template serves as a blueprint for horizontal pod autoscaler objects that are created
using the common library.
*/}}
{{- define "common.hpa" -}}
{{- if .Values.autoscaling.enabled -}}
{{- $hpaName := include "common.names.fullname" . -}}
{{- $targetName := include "common.names.fullname" . }}
---
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
name: {{ $hpaName }}
labels:
{{- include "common.labels" . | nindent 4 }}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: {{ include "common.names.controllerType" . }}
name: {{ .Values.autoscaling.target | default $targetName }}
minReplicas: {{ .Values.autoscaling.minReplicas | default 1 }}
maxReplicas: {{ .Values.autoscaling.maxReplicas | default 3 }}
metrics:
{{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end -}}
{{- end -}}

View File

@@ -1,11 +0,0 @@
{{/*
Main entrypoint for the common library chart. It will render all underlying templates based on the provided values.
*/}}
{{- define "common.all" -}}
{{- /* Generate chart and dependency values */ -}}
{{- include "common.setup" . }}
{{- /* Generate remaining objects */ -}}
{{- include "common.postSetup" . }}
{{- end -}}

View File

@@ -1,19 +0,0 @@
{{/*
Renders the configMap objects required by the chart.
*/}}
{{- define "common.configmap" -}}
{{- /* Generate named configMaps as required */ -}}
{{- range $name, $configmap := .Values.configmap }}
{{- if $configmap.enabled -}}
{{- $configmapValues := $configmap -}}
{{/* set the default nameOverride to the configMap name */}}
{{- if not $configmapValues.nameOverride -}}
{{- $_ := set $configmapValues "nameOverride" $name -}}
{{ end -}}
{{- $_ := set $ "ObjectValues" (dict "configmap" $configmapValues) -}}
{{- include "common.classes.configmap" $ }}
{{- end }}
{{- end }}
{{- end }}

View File

@@ -1,40 +0,0 @@
{{/*
This template serves as the blueprint for the DaemonSet objects that are created
within the common library.
*/}}
{{- define "common.daemonset" }}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ include "common.names.fullname" . }}
labels:
{{- include "common.labels" . | nindent 4 }}
{{- with .Values.controller.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
annotations:
{{- include "common.annotations.workload" . | nindent 4 }}
{{- with .Values.controller.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }}
selector:
matchLabels:
{{- include "common.labels.selectorLabels" . | nindent 6 }}
template:
metadata:
annotations:
{{- include "common.annotations.workload.spec" . | nindent 8 }}
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "common.labels.selectorLabels" . | nindent 8 }}
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- include "common.controller.pod" . | nindent 6 }}
{{- end }}

View File

@@ -1,58 +0,0 @@
{{/*
This template serves as the blueprint for the Deployment objects that are created
within the common library.
*/}}
{{- define "common.deployment" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "common.names.fullname" . }}
labels:
{{- include "common.labels" . | nindent 4 }}
{{- with .Values.controller.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
annotations:
{{- include "common.annotations.workload" . | nindent 4 }}
{{- with .Values.controller.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }}
replicas: {{ .Values.controller.replicas }}
{{- $strategy := default "Recreate" .Values.controller.strategy }}
{{- if and (ne $strategy "Recreate") (ne $strategy "RollingUpdate") }}
{{- fail (printf "Not a valid strategy type for Deployment (%s)" $strategy) }}
{{- end }}
strategy:
type: {{ $strategy }}
{{- with .Values.controller.rollingUpdate }}
{{- if and (eq $strategy "RollingUpdate") (or .surge .unavailable) }}
rollingUpdate:
{{- with .unavailable }}
maxUnavailable: {{ . }}
{{- end }}
{{- with .surge }}
maxSurge: {{ . }}
{{- end }}
{{- end }}
{{- end }}
selector:
matchLabels:
{{- include "common.labels.selectorLabels" . | nindent 6 }}
template:
metadata:
annotations:
{{- include "common.annotations.workload.spec" . | nindent 8 }}
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "common.labels.selectorLabels" . | nindent 8 }}
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- include "common.controller.pod" . | nindent 6 }}
{{- end }}

View File

@@ -1,51 +0,0 @@
{{/* Renders the Ingress objects required by the chart */}}
{{- define "common.ingress" -}}
{{- /* Generate named ingresses as required */ -}}
{{- range $name, $ingress := .Values.ingress }}
{{- if $ingress.enabled -}}
{{- $ingressValues := $ingress -}}
{{/* set defaults */}}
{{- if and (not $ingressValues.nameOverride) (ne $name (include "common.ingress.primary" $)) -}}
{{- $_ := set $ingressValues "nameOverride" $name -}}
{{- end -}}
{{- $_ := set $ "ObjectValues" (dict "ingress" $ingressValues) -}}
{{- include "common.classes.ingress" $ }}
{{- range $index, $tlsValues := $ingressValues.tls }}
{{- if .scaleCert }}
{{- $nameOverride := ( printf "%v-%v" "tls" $index ) -}}
{{- if $ingressValues.nameOverride -}}
{{- $nameOverride = ( printf "%v-%v-%v" $ingressValues.nameOverride "tls" $index ) -}}
{{- end }}
{{- $_ := set $tlsValues "nameOverride" $nameOverride -}}
{{- $_ := set $ "ObjectValues" (dict "certHolder" $tlsValues) -}}
{{- include "common.cert.secret" $ }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{/* Return the name of the primary ingress object */}}
{{- define "common.ingress.primary" -}}
{{- $enabledIngresses := dict -}}
{{- range $name, $ingress := .Values.ingress -}}
{{- if $ingress.enabled -}}
{{- $_ := set $enabledIngresses $name . -}}
{{- end -}}
{{- end -}}
{{- $result := "" -}}
{{- range $name, $ingress := $enabledIngresses -}}
{{- if and (hasKey $ingress "primary") $ingress.primary -}}
{{- $result = $name -}}
{{- end -}}
{{- end -}}
{{- if not $result -}}
{{- $result = keys $enabledIngresses | first -}}
{{- end -}}
{{- $result -}}
{{- end -}}

View File

@@ -1,162 +0,0 @@
{{/*
Blueprint for the NetworkPolicy object that can be included in the addon.
*/}}
{{- define "common.networkpolicy" -}}
{{- if .Values.networkPolicy.enabled }}
---
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
labels:
{{- include "common.labels" . | nindent 4 }}
name: {{ include "common.names.fullname" . }}
spec:
podSelector:
{{- if .Values.networkPolicy.podSelector }}
{{- with .Values.networkPolicy.podSelector }}
{{- . | toYaml | nindent 4 }}
{{- end -}}
{{- else }}
matchLabels:
{{- include "common.labels.selectorLabels" . | nindent 6 }}
{{- end }}
{{- if .Values.networkPolicy.policyType }}
{{- if eq .Values.networkPolicy.policyType "ingress" }}
policyTypes: ["Ingress"]
{{- else if eq .Values.networkPolicy.policyType "egress" }}
policyTypes: ["Egress"]
{{- else if eq .Values.networkPolicy.policyType "ingress-egress" }}
policyTypes: ["Ingress", "Egress"]
{{- end -}}
{{- end -}}
{{- if .Values.networkPolicy.egress }}
egress:
{{- range .Values.networkPolicy.egress }}
- to:
{{- range .to }}
{{- $nss := false }}
{{- $ipb := false }}
{{- if .ipBlock }}
{{- if .ipBlock.cidr }}
{{- $ipb = true }}
- ipBlock:
cidr: {{ .ipBlock.cidr }}
{{- if .ipBlock.except }}
except:
{{- range .ipBlock.except }}
- {{ . }}
{{- end }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- if and ( .namespaceSelector ) ( not $ipb ) }}
{{- if or ( .namespaceSelector.matchLabels ) ( .namespaceSelector.matchExpressions ) -}}
{{- $nss = true }}
- namespaceSelector:
{{- if .namespaceSelector.matchLabels }}
matchLabels:
{{- .namespaceSelector.matchLabels | toYaml | nindent 12 }}
{{- end -}}
{{- if .namespaceSelector.matchExpressions }}
matchExpressions:
{{- .namespaceSelector.matchExpressions | toYaml | nindent 12 }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- if and ( .podSelector ) ( not $ipb ) }}
{{- if or ( .podSelector.matchLabels ) ( .podSelector.matchExpressions ) }}
{{- if $nss }}
podSelector:
{{- else }}
- podSelector:
{{- end }}
{{- if .podSelector.matchLabels }}
matchLabels:
{{- .podSelector.matchLabels | toYaml | nindent 12 }}
{{- end -}}
{{- if .podSelector.matchExpressions }}
matchExpressions:
{{- .podSelector.matchExpressions | toYaml | nindent 12 }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- with .ports }}
ports:
{{- . | toYaml | nindent 6 }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- if .Values.networkPolicy.ingress }}
ingress:
{{- range .Values.networkPolicy.ingress }}
- from:
{{- range .from }}
{{- $nss := false }}
{{- $ipb := false }}
{{- if .ipBlock }}
{{- if .ipBlock.cidr }}
{{- $ipb = true }}
- ipBlock:
cidr: {{ .ipBlock.cidr }}
{{- if .ipBlock.except }}
except:
{{- range .ipBlock.except }}
- {{ . }}
{{- end }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- if and ( .namespaceSelector ) ( not $ipb ) }}
{{- if or ( .namespaceSelector.matchLabels ) ( .namespaceSelector.matchExpressions ) -}}
{{- $nss = true }}
- namespaceSelector:
{{- if .namespaceSelector.matchLabels }}
matchLabels:
{{- .namespaceSelector.matchLabels | toYaml | nindent 12 }}
{{- end -}}
{{- if .namespaceSelector.matchExpressions }}
matchExpressions:
{{- .namespaceSelector.matchExpressions | toYaml | nindent 12 }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- if and ( .podSelector ) ( not $ipb ) }}
{{- if or ( .podSelector.matchLabels ) ( .podSelector.matchExpressions ) }}
{{- if $nss }}
podSelector:
{{- else }}
- podSelector:
{{- end }}
{{- if .podSelector.matchLabels }}
matchLabels:
{{- .podSelector.matchLabels | toYaml | nindent 12 }}
{{- end -}}
{{- if .podSelector.matchExpressions }}
matchExpressions:
{{- .podSelector.matchExpressions | toYaml | nindent 12 }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- with .ports }}
ports:
{{- . | toYaml | nindent 6 }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@@ -1,63 +0,0 @@
{{/*
Secondary entrypoint and primary loader for the common chart
*/}}
{{- define "common.postSetup" -}}
{{- /* Render the externalInterfaces */ -}}
{{ include "common.classes.externalInterfaces" . | nindent 0 }}
{{- /* Enable code-server add-on if required */ -}}
{{- if .Values.addons.codeserver.enabled }}
{{- include "common.addon.codeserver" . }}
{{- end -}}
{{- /* Enable VPN add-on if required */ -}}
{{- if ne "disabled" .Values.addons.vpn.type -}}
{{- include "common.addon.vpn" . }}
{{- end -}}
{{- /* Enable promtail add-on if required */ -}}
{{- if .Values.addons.promtail.enabled }}
{{- include "common.addon.promtail" . }}
{{- end -}}
{{- /* Enable netshoot add-on if required */ -}}
{{- if .Values.addons.netshoot.enabled }}
{{- include "common.addon.netshoot" . }}
{{- end -}}
{{- /* Build the confimap */ -}}
{{ include "common.configmap" . | nindent 0 }}
{{- /* Build the templates */ -}}
{{- include "common.pvc" . }}
{{- include "common.serviceAccount" . }}
{{- if .Values.controller.enabled }}
{{- if eq .Values.controller.type "deployment" }}
{{- include "common.deployment" . | nindent 0 }}
{{ else if eq .Values.controller.type "daemonset" }}
{{- include "common.daemonset" . | nindent 0 }}
{{ else if eq .Values.controller.type "statefulset" }}
{{- include "common.statefulset" . | nindent 0 }}
{{ else }}
{{- fail (printf "Not a valid controller.type (%s)" .Values.controller.type) }}
{{- end -}}
{{- end -}}
{{ include "common.rbac" . | nindent 0 }}
{{ include "common.hpa" . | nindent 0 }}
{{ include "common.service" . | nindent 0 }}
{{ include "common.ingress" . | nindent 0 }}
{{- if .Values.secret -}}
{{ include "common.secret" . | nindent 0 }}
{{- end -}}
{{ include "common.configmap.portal" . | nindent 0 }}
{{ include "common.networkpolicy" . | nindent 0 }}
{{- end -}}

View File

@@ -1,16 +0,0 @@
{{/*
Renders the Persistent Volume Claim objects required by the chart.
*/}}
{{- define "common.pvc" -}}
{{- /* Generate pvc as required */ -}}
{{- range $index, $PVC := .Values.persistence }}
{{- if and $PVC.enabled (eq (default "pvc" $PVC.type) "pvc") (not $PVC.existingClaim) -}}
{{- $persistenceValues := $PVC -}}
{{- if not $persistenceValues.nameOverride -}}
{{- $_ := set $persistenceValues "nameOverride" $index -}}
{{- end -}}
{{- $_ := set $ "ObjectValues" (dict "persistence" $persistenceValues) -}}
{{- include "common.classes.pvc" $ | nindent 0 -}}
{{- end }}
{{- end }}
{{- end }}

View File

@@ -1,52 +0,0 @@
{{/*
This template serves as a blueprint for all PersistentVolumeClaim objects that are created
within the common library.
*/}}
{{- define "common.rbac" -}}
{{- if .Values.rbac.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "common.names.fullname" . }}
labels:
{{- include "common.labels" . | nindent 4 }}
{{- with .Values.rbac.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
annotations:
{{- with .Values.rbac.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.rbac.rules }}
rules:
{{- . | toYaml | nindent 4 }}
{{- end}}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "common.names.fullname" . }}
labels:
{{- include "common.labels" . | nindent 4 }}
{{- with .Values.rbac.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
annotations:
{{- with .Values.rbac.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "common.names.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ include "common.names.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}
{{- with .Values.rbac.subjects }}
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

View File

@@ -1,17 +0,0 @@
{{/*
The Secret object to be created.
*/}}
{{- define "common.secret" }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}
labels:
{{- include "common.labels" . | nindent 4 }}
type: Opaque
{{- with .Values.secret }}
stringData:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}

View File

@@ -1,43 +0,0 @@
{{/*
Renders the Service objects required by the chart.
*/}}
{{- define "common.service" -}}
{{- /* Generate named services as required */ -}}
{{- range $name, $service := .Values.service }}
{{- if $service.enabled -}}
{{- $serviceValues := $service -}}
{{/* set the default nameOverride to the service name */}}
{{- if and (not $serviceValues.nameOverride) (ne $name (include "common.service.primary" $)) -}}
{{- $_ := set $serviceValues "nameOverride" $name -}}
{{ end -}}
{{- $_ := set $ "ObjectValues" (dict "service" $serviceValues) -}}
{{- include "common.classes.service" $ }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Return the primary service object
*/}}
{{- define "common.service.primary" -}}
{{- $enabledServices := dict -}}
{{- range $name, $service := .Values.service -}}
{{- if $service.enabled -}}
{{- $_ := set $enabledServices $name . -}}
{{- end -}}
{{- end -}}
{{- $result := "" -}}
{{- range $name, $service := $enabledServices -}}
{{- if and (hasKey $service "primary") $service.primary -}}
{{- $result = $name -}}
{{- end -}}
{{- end -}}
{{- if not $result -}}
{{- $result = keys $enabledServices | first -}}
{{- end -}}
{{- $result -}}
{{- end -}}

View File

@@ -1,18 +0,0 @@
{{/*
The ServiceAccount object to be created.
*/}}
{{- define "common.serviceAccount" }}
{{- if .Values.serviceAccount.create }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }}
labels:
{{- include "common.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
{{- end }}

View File

@@ -1,68 +0,0 @@
{{/*
This template serves as the blueprint for the StatefulSet objects that are created
within the common library.
*/}}
{{- define "common.statefulset" }}
{{- $values := .Values }}
{{- $releaseName := .Release.Name }}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "common.names.fullname" . }}
labels:
{{- include "common.labels" . | nindent 4 }}
{{- with .Values.controller.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.controller.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }}
replicas: {{ .Values.controller.replicas }}
{{- $strategy := default "RollingUpdate" .Values.controller.strategy }}
{{- if and (ne $strategy "OnDelete") (ne $strategy "RollingUpdate") }}
{{- fail (printf "Not a valid strategy type for StatefulSet (%s)" $strategy) }}
{{- end }}
updateStrategy:
type: {{ $strategy }}
{{- if and (eq $strategy "RollingUpdate") .Values.controller.rollingUpdate.partition }}
rollingUpdate:
partition: {{ .Values.controller.rollingUpdate.partition }}
{{- end }}
selector:
matchLabels:
{{- include "common.labels.selectorLabels" . | nindent 6 }}
serviceName: {{ include "common.names.fullname" . }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "common.labels.selectorLabels" . | nindent 8 }}
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- include "common.controller.pod" . | nindent 6 }}
volumeClaimTemplates:
{{- range $index, $vct := .Values.volumeClaimTemplates }}
{{- $vctname := $index }}
{{- if $vct.name }}
{{- $vctname := $vct.name }}
{{- end }}
- metadata:
name: {{ $vctname }}
spec:
accessModes:
- {{ ( $vct.accessMode | default "ReadWriteOnce" ) | quote }}
resources:
requests:
storage: {{ $vct.size | default "999Gi" | quote }}
{{ include "common.storage.class" ( dict "persistence" $vct "global" $) }}
{{- end }}
{{- end }}

View File

@@ -1,50 +0,0 @@
{{/*
Template to render code-server addon
It will include / inject the required templates based on the given values.
*/}}
{{- define "common.addon.codeserver" -}}
{{- if .Values.addons.codeserver.enabled -}}
{{/* Append the code-server container to the additionalContainers */}}
{{- $container := include "common.addon.codeserver.container" . | fromYaml -}}
{{- if $container -}}
{{- $_ := set .Values.additionalContainers "addon-codeserver" $container -}}
{{- end -}}
{{/* Include the deployKeySecret if not empty */}}
{{- $secret := include "common.addon.codeserver.deployKeySecret" . -}}
{{- if $secret -}}
{{- $secret | nindent 0 -}}
{{- end -}}
{{/* Append the secret volume to the volumes */}}
{{- $volume := include "common.addon.codeserver.deployKeyVolumeSpec" . | fromYaml -}}
{{- if $volume -}}
{{- $_ := set .Values.persistence "deploykey" (dict "enabled" "true" "mountPath" "-" "type" "custom" "volumeSpec" $volume) -}}
{{- end -}}
{{/* Add the code-server service */}}
{{- if .Values.addons.codeserver.service.enabled -}}
{{- $serviceValues := .Values.addons.codeserver.service -}}
{{- $_ := set $serviceValues "nameOverride" "codeserver" -}}
{{- $_ := set $ "ObjectValues" (dict "service" $serviceValues) -}}
{{- include "common.classes.service" $ -}}
{{- $_ := unset $ "ObjectValues" -}}
{{- end -}}
{{/* Add the code-server ingress */}}
{{- if .Values.addons.codeserver.ingress.enabled -}}
{{- $ingressValues := .Values.addons.codeserver.ingress -}}
{{- $_ := set $ingressValues "nameOverride" "codeserver" -}}
{{/* Determine the target service name & port */}}
{{- $svcName := printf "%v-codeserver" (include "common.names.fullname" .) -}}
{{- $svcPort := .Values.addons.codeserver.service.ports.codeserver.port -}}
{{- range $_, $host := $ingressValues.hosts -}}
{{- $_ := set (index $host.paths 0) "service" (dict "name" $svcName "port" $svcPort) -}}
{{- end -}}
{{- $_ := set $ "ObjectValues" (dict "ingress" $ingressValues) -}}
{{- include "common.classes.ingress" $ -}}
{{- $_ := unset $ "ObjectValues" -}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@@ -1,50 +0,0 @@
{{/*
The code-server sidecar container to be inserted.
*/}}
{{- define "common.addon.codeserver.container" -}}
name: codeserver
image: "{{ .Values.codeserverImage.repository }}:{{ .Values.codeserverImage.tag }}"
imagePullPolicy: {{ .Values.codeserverImage.pullPolicy }}
securityContext:
runAsUser: 0
runAsGroup: 0
env:
{{- range $envList := .Values.addons.codeserver.envList }}
{{- if and $envList.name $envList.value }}
- name: {{ $envList.name }}
value: {{ $envList.value | quote }}
{{- else }}
{{- fail "Please specify name/value for codeserver environment variable" }}
{{- end }}
{{- end}}
{{- with .Values.addons.codeserver.env }}
{{- range $k, $v := . }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
{{- end }}
ports:
- name: codeserver
containerPort: {{ .Values.addons.codeserver.service.ports.codeserver.port }}
protocol: TCP
args:
{{- range .Values.addons.codeserver.args }}
- {{ . | quote }}
{{- end }}
- "--port"
- "{{ .Values.addons.codeserver.service.ports.codeserver.port }}"
- {{ .Values.addons.codeserver.workingDir | default "/" }}
{{- with (include "common.controller.volumeMounts" . | trim) }}
volumeMounts:
{{ nindent 2 . }}
{{- end }}
{{- if or .Values.addons.codeserver.git.deployKey .Values.addons.codeserver.git.deployKeyBase64 .Values.addons.codeserver.git.deployKeySecret }}
- name: deploykey
mountPath: /root/.ssh/id_rsa
subPath: id_rsa
{{- end }}
{{- with .Values.addons.codeserver.resources }}
resources:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

View File

@@ -1,22 +0,0 @@
{{/*
The OpenVPN credentials secrets to be included.
*/}}
{{- define "common.addon.codeserver.deployKeySecret" -}}
{{- if or .Values.addons.codeserver.git.deployKey .Values.addons.codeserver.git.deployKeyBase64 }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ template "common.names.fullname" . }}-deploykey
labels:
{{- include "common.labels" . | nindent 4 }}
type: Opaque
{{- if .Values.addons.codeserver.git.deployKey }}
stringData:
id_rsa: {{ .Values.addons.codeserver.git.deployKey | quote }}
{{- else }}
data:
id_rsa: {{ .Values.addons.codeserver.git.deployKeyBase64 | quote }}
{{- end }}
{{- end }}
{{- end -}}

View File

@@ -1,17 +0,0 @@
{{/*
The volume (referencing git deploykey) to be inserted into additionalVolumes.
*/}}
{{- define "common.addon.codeserver.deployKeyVolumeSpec" -}}
{{- if or .Values.addons.codeserver.git.deployKey .Values.addons.codeserver.git.deployKeyBase64 .Values.addons.codeserver.git.deployKeySecret }}
secret:
{{- if .Values.addons.codeserver.git.deployKeySecret }}
secretName: {{ .Values.addons.codeserver.git.deployKeySecret }}
{{- else }}
secretName: {{ include "common.names.fullname" . }}-deploykey
{{- end }}
defaultMode: 256
items:
- key: id_rsa
path: id_rsa
{{- end -}}
{{- end -}}

View File

@@ -1,39 +0,0 @@
{{/*
The netshoot sidecar container to be inserted.
*/}}
{{- define "common.addon.netshoot.container" -}}
name: netshoot
image: "{{ .Values.netshootImage.repository }}:{{ .Values.netshootImage.tag }}"
imagePullPolicy: {{ .Values.netshootImage.pullPolicy }}
securityContext:
runAsUser: 0
runAsGroup: 0
capabilities:
add:
- NET_ADMIN
env:
{{- range $envList := .Values.addons.netshoot.envList }}
{{- if and $envList.name $envList.value }}
- name: {{ $envList.name }}
value: {{ $envList.value | quote }}
{{- else }}
{{- fail "Please specify name/value for netshoot environment variable" }}
{{- end }}
{{- end}}
{{- with .Values.addons.netshoot.env }}
{{- range $k, $v := . }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
{{- end }}
command:
- /bin/sh
- -c
- sleep infinity
{{- with .Values.addons.netshoot.resources }}
resources:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

View File

@@ -1,13 +0,0 @@
{{/*
Template to render netshoot addon
It will include / inject the required templates based on the given values.
*/}}
{{- define "common.addon.netshoot" -}}
{{- if .Values.addons.netshoot.enabled -}}
{{/* Append the netshoot container to the additionalContainers */}}
{{- $container := include "common.addon.netshoot.container" . | fromYaml -}}
{{- if $container -}}
{{- $_ := set .Values.additionalContainers "addon-netshoot" $container -}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@@ -1,35 +0,0 @@
{{/*
The promtail config to be included.
*/}}
{{- define "common.addon.promtail.configmap" -}}
{{- if .Values.addons.promtail.enabled }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "common.names.fullname" . }}-promtail
labels:
{{- include "common.labels" . | nindent 4 }}
data:
promtail.yaml: |
server:
http_listen_port: 9080
grpc_listen_port: 0
positions:
filename: /tmp/positions.yaml
{{- with .Values.addons.promtail.loki }}
client:
url: {{ . }}
{{- end }}
scrape_configs:
{{- range .Values.addons.promtail.logs }}
- job_name: {{ .name }}
static_configs:
- targets:
- localhost
labels:
job: {{ .name }}
__path__: "{{ .path }}"
{{- end }}
{{- end -}}
{{- end -}}

View File

@@ -1,45 +0,0 @@
{{/*
The promtail sidecar container to be inserted.
*/}}
{{- define "common.addon.promtail.container" -}}
name: promtail
image: "{{ .Values.promtailImage.repository }}:{{ .Values.promtailImage.tag }}"
imagePullPolicy: {{ .Values.promtailImage.pullPolicy }}
securityContext:
runAsUser: 0
runAsGroup: 0
env:
{{- range $envList := .Values.addons.promtail.envList }}
{{- if and $envList.name $envList.value }}
- name: {{ $envList.name }}
value: {{ $envList.value | quote }}
{{- else }}
{{- fail "Please specify name/value for promtail environment variable" }}
{{- end }}
{{- end}}
{{- with .Values.addons.promtail.env }}
{{- range $k, $v := . }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
{{- end }}
args:
{{- range .Values.addons.promtail.args }}
- {{ . | quote }}
{{- end }}
- "-config.file=/etc/promtail/promtail.yaml"
volumeMounts:
- name: promtail-config
mountPath: /etc/promtail/promtail.yaml
subPath: promtail.yaml
readOnly: true
{{- with (include "common.controller.volumeMounts" . | trim) }}
{{ nindent 2 . }}
{{- end }}
{{- with .Values.addons.promtail.resources }}
resources:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

View File

@@ -1,25 +0,0 @@
{{/*
Template to render promtail addon
It will include / inject the required templates based on the given values.
*/}}
{{- define "common.addon.promtail" -}}
{{- if .Values.addons.promtail.enabled -}}
{{/* Append the promtail container to the additionalContainers */}}
{{- $container := include "common.addon.promtail.container" . | fromYaml -}}
{{- if $container -}}
{{- $_ := set .Values.additionalContainers "addon-promtail" $container -}}
{{- end -}}
{{/* Include the configmap if not empty */}}
{{- $configmap := include "common.addon.promtail.configmap" . -}}
{{- if $configmap -}}
{{- $configmap | nindent 0 -}}
{{- end -}}
{{/* Append the promtail config volume to the volumes */}}
{{- $volume := include "common.addon.promtail.volumeSpec" . | fromYaml -}}
{{- if $volume -}}
{{- $_ := set .Values.persistence "promtail-config" (dict "enabled" "true" "mountPath" "-" "type" "custom" "volumeSpec" $volume) -}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@@ -1,7 +0,0 @@
{{/*
The volume (referencing config) to be inserted into additionalVolumes.
*/}}
{{- define "common.addon.promtail.volumeSpec" -}}
configMap:
name: {{ include "common.names.fullname" . }}-promtail
{{- end -}}

View File

@@ -1,20 +0,0 @@
{{/*
Template to render VPN addon
It will include / inject the required templates based on the given values.
*/}}
{{- define "common.addon.vpn" -}}
{{- if ne "disabled" .Values.addons.vpn.type -}}
{{- if eq "openvpn" .Values.addons.vpn.type -}}
{{- include "common.addon.openvpn" . }}
{{- end -}}
{{- if eq "wireguard" .Values.addons.vpn.type -}}
{{- include "common.addon.wireguard" . }}
{{- end -}}
{{- $_ := set .Values.persistence "vpnconfig" .Values.addons.vpn.configFile -}}
{{- end -}}
{{- end -}}

View File

@@ -1,17 +0,0 @@
{{/*
Template to render OpenVPN addon. It will add the container to the list of additionalContainers
and add a credentials secret if speciffied.
*/}}
{{- define "common.addon.openvpn" -}}
{{/* Append the openVPN container to the additionalContainers */}}
{{- $container := include "common.addon.openvpn.container" . | fromYaml -}}
{{- if $container -}}
{{- $_ := set .Values.additionalContainers "addon-openvpn" $container -}}
{{- end -}}
{{/* Include the secret if not empty */}}
{{- $secret := include "common.addon.openvpn.secret" . -}}
{{- if $secret -}}
{{- $secret | nindent 0 -}}
{{- end -}}
{{- end -}}

View File

@@ -1,72 +0,0 @@
{{/*
The OpenVPN sidecar container to be inserted.
*/}}
{{- define "common.addon.openvpn.container" -}}
name: openvpn
image: "{{ .Values.openvpnImage.repository }}:{{ .Values.openvpnImage.tag }}"
imagePullPolicy: {{ .Values.openvpnImage.pullPolicy }}
securityContext:
runAsUser: 0
runAsGroup: 0
capabilities:
add:
- NET_ADMIN
- SYS_MODULE
env:
{{- range $envList := .Values.addons.vpn.envList }}
{{- if and $envList.name $envList.value }}
- name: {{ $envList.name }}
value: {{ $envList.value | quote }}
{{- else }}
{{- fail "Please specify name/value for VPN environment variable" }}
{{- end }}
{{- end}}
{{- with .Values.addons.vpn.env }}
{{- range $k, $v := . }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
{{- end }}
{{- if .Values.addons.vpn.killSwitch }}
- name: FIREWALL
value: "ON"
- name: ROUTE_1
value: "172.16.0.0/12"
{{- range $index, $value := .Values.addons.vpn.excludedNetworks_IPv4 }}
- name: ROUTE_{{ add $index 2 }}
value: {{ $value | quote }}
{{- end}}
{{- if .Values.addons.vpn.excludedNetworks_IPv6 }}
{{- $excludednetworksv6 := ""}}
{{- range .Values.addons.vpn.excludedNetworks_IPv4 }}
{{- $excludednetworksv6 = ( printf "%v;%v" $excludednetworksv6 . ) }}
{{- end}}
{{- range $index, $value := .Values.addons.vpn.excludedNetworks_IPv6 }}
- name: ROUTE6_{{ add $index 1 }}
value: {{ $value | quote }}
{{- end}}
{{- end }}
{{- end }}
{{- if or ( .Values.addons.vpn.openvpn.username ) ( .Values.addons.vpn.openvpn.password ) }}
envFrom:
- secretRef:
name: {{ include "common.names.fullname" . }}-openvpn
{{- end }}
volumeMounts:
- mountPath: {{ .Values.persistence.shared.mountPath }}
name: shared
{{- if .Values.addons.vpn.configFile }}
- name: vpnconfig
mountPath: /vpn/vpn.conf
{{- end }}
{{- with .Values.addons.vpn.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 2 }}
{{- end -}}
{{- with .Values.addons.vpn.resources }}
resources:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

View File

@@ -1,14 +0,0 @@
{{/*
The OpenVPN credentials secrets to be included.
*/}}
{{- define "common.addon.openvpn.secret" -}}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" $ }}-openvpn
labels:
{{- include "common.labels" $ | nindent 4 }}
data:
VPN_AUTH: {{ ( printf "%v;%v" .Values.addons.vpn.openvpn.username .Values.addons.vpn.openvpn.password ) | b64enc }}
{{- end -}}

View File

@@ -1,11 +0,0 @@
{{/*
Template to render Wireguard addon. It will add the container to the list of additionalContainers.
*/}}
*/}}
{{- define "common.addon.wireguard" -}}
{{/* Append the Wireguard container to the additionalContainers */}}
{{- $container := fromYaml (include "common.addon.wireguard.container" .) -}}
{{- if $container -}}
{{- $_ := set .Values.additionalContainers "addon-wireguard" $container -}}
{{- end -}}
{{- end -}}

View File

@@ -1,68 +0,0 @@
{{/*
The Wireguard sidecar container to be inserted.
*/}}
{{- define "common.addon.wireguard.container" -}}
name: wireguard
image: "{{ .Values.wireguardImage.repository }}:{{ .Values.wireguardImage.tag }}"
imagePullPolicy: {{ .Values.wireguardImage.pullPolicy }}
securityContext:
runAsUser: 568
runAsGroup: 568
capabilities:
add:
- NET_ADMIN
- SYS_MODULE
env:
- name: SEPARATOR
value: ";"
{{- range $envList := .Values.addons.vpn.envList }}
{{- if and $envList.name $envList.value }}
- name: {{ $envList.name }}
value: {{ $envList.value | quote }}
{{- else }}
{{- fail "Please specify name/value for VPN environment variable" }}
{{- end }}
{{- end}}
{{- with .Values.addons.vpn.env }}
{{- range $k, $v := . }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
{{- end }}
{{- if .Values.addons.vpn.killSwitch }}
- name: KILLSWITCH
value: "true"
{{- $excludednetworksv4 := "172.16.0.0/12"}}
{{- range .Values.addons.vpn.excludedNetworks_IPv4 }}
{{- $excludednetworksv4 = ( printf "%v;%v" $excludednetworksv4 . ) }}
{{- end}}
- name: KILLSWITCH_EXCLUDEDNETWORKS_IPV4
value: {{ $excludednetworksv4 | quote }}
{{- if .Values.addons.vpn.excludedNetworks_IPv6 }}
{{- $excludednetworksv6 := ""}}
{{- range .Values.addons.vpn.excludedNetworks_IPv4 }}
{{- $excludednetworksv6 = ( printf "%v;%v" $excludednetworksv6 . ) }}
{{- end}}
- name: KILLSWITCH_EXCLUDEDNETWORKS_IPV6
value: {{ .Values.addons.vpn.excludedNetworks_IPv6 | quote }}
{{- end }}
{{- end }}
volumeMounts:
- mountPath: {{ .Values.persistence.shared.mountPath }}
name: shared
{{- if .Values.addons.vpn.configFile }}
- name: vpnconfig
mountPath: /etc/wireguard/wg0.conf
{{- end }}
{{- with .Values.addons.vpn.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 2 }}
{{- end -}}
{{- with .Values.addons.vpn.resources }}
resources:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

View File

@@ -1,37 +0,0 @@
{{/*
This template serves as a blueprint for all configMap objects that are created
within the common library.
*/}}
{{- define "common.classes.configmap" -}}
{{- $fullName := include "common.names.fullname" . -}}
{{- $configMapName := $fullName -}}
{{- $values := .Values.configmap -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.configmap -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- if and (hasKey $values "nameOverride") $values.nameOverride -}}
{{- $configMapName = printf "%v-%v" $configMapName $values.nameOverride -}}
{{- end }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ $configMapName }}
labels:
{{- include "common.labels" . | nindent 4 }}
{{- with $values.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with $values.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
data:
{{- with $values.data }}
{{- tpl (toYaml .) $ | nindent 2 }}
{{- end }}
{{- end }}

View File

@@ -1,15 +0,0 @@
{{/*
This template serves as a blueprint for External Interface objects that are created
using the SCALE GUI.
*/}}
{{- define "common.classes.externalInterfaces" -}}
{{- range $index, $iface := .Values.ixExternalInterfacesConfiguration }}
---
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
name: ix-{{ $.Release.Name }}-{{ $index }}
spec:
config: '{{ $iface }}'
{{- end }}
{{- end -}}

View File

@@ -1,130 +0,0 @@
{{/*
This template serves as a blueprint for all Ingress objects that are created
within the common library.
*/}}
{{- define "common.classes.ingress" -}}
{{- $fullName := include "common.names.fullname" . -}}
{{- $ingressName := $fullName -}}
{{- $values := .Values.ingress -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.ingress -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- if and (hasKey $values "nameOverride") $values.nameOverride -}}
{{- $ingressName = printf "%v-%v" $ingressName $values.nameOverride -}}
{{- end -}}
{{- $primaryService := get .Values.service (include "common.service.primary" .) -}}
{{- $autoLinkService := get .Values.service (include "common.service.primary" .) -}}
{{- $defaultServiceName := $fullName -}}
{{- if and (hasKey $primaryService "nameOverride") $primaryService.nameOverride -}}
{{- $defaultServiceName = printf "%v-%v" $defaultServiceName $primaryService.nameOverride -}}
{{- end -}}
{{- $defaultServicePort := get $primaryService.ports (include "common.classes.service.ports.primary" (dict "values" $primaryService)) -}}
{{- if and (hasKey $values "nameOverride") ( $values.nameOverride ) ( $values.autoLink ) -}}
{{- $autoLinkService = get .Values.service $values.nameOverride -}}
{{- $defaultServiceName = $ingressName -}}
{{- $defaultServicePort = get $autoLinkService.ports $values.nameOverride -}}
{{- end -}}
{{- $isStable := include "common.capabilities.ingress.isStable" . }}
{{- $mddwrNamespace := "default" }}
{{- if $values.ingressClassName }}
{{- $mddwrNamespace := ( printf "ix-%s" $values.ingressClassName ) }}
{{- end }}
{{- $fixedMiddlewares := "" }}
{{- if $values.enableFixedMiddlewares }}
{{ range $index, $fixedMiddleware := $values.fixedMiddlewares }}
{{- if $index }}
{{ $fixedMiddlewares = ( printf "%v, %v-%v@%v" $fixedMiddlewares $mddwrNamespace $fixedMiddleware "kubernetescrd" ) }}
{{- else }}
{{ $fixedMiddlewares = ( printf "%v-%v@%v" $mddwrNamespace $fixedMiddleware "kubernetescrd" ) }}
{{- end }}
{{ end }}
{{- end }}
{{- $middlewares := "" }}
{{ range $index, $middleware := $values.middlewares }}
{{- if $index }}
{{ $middlewares = ( printf "%v, %v-%v@%v" $middlewares $mddwrNamespace $middleware "kubernetescrd" ) }}
{{- else }}
{{ $middlewares = ( printf "%v-%v@%v" $mddwrNamespace $middleware "kubernetescrd" ) }}
{{- end }}
{{ end }}
{{- if and ( $fixedMiddlewares ) ( $middlewares ) }}
{{ $middlewares = ( printf "%v, %v" $fixedMiddlewares $middlewares ) }}
{{- else if $fixedMiddlewares }}
{{ $middlewares = ( printf "%s" $fixedMiddlewares ) }}
{{ end }}
---
apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
kind: Ingress
metadata:
name: {{ $ingressName }}
labels:
{{- include "common.labels" . | nindent 4 }}
{{- with $values.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
annotations:
"traefik.ingress.kubernetes.io/router.entrypoints": {{ $values.entrypoint | default "websecure" }}
"traefik.ingress.kubernetes.io/router.middlewares": {{ $middlewares | quote }}
{{- with $values.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and $isStable $values.ingressClassName }}
ingressClassName: {{ $values.ingressClassName }}
{{- end }}
{{- if $values.tls }}
tls:
{{- range $index, $tlsValues := $values.tls }}
- hosts:
{{- range $tlsValues.hosts }}
- {{ tpl . $ | quote }}
{{- end }}
{{- if $tlsValues.scaleCert }}
secretName: {{ ( printf "%v-%v-%v-%v-%v-%v" $ingressName "tls" $index "ixcert" $tlsValues.scaleCert $.Release.Revision ) }}
{{- else if .secretName }}
secretName: {{ tpl .secretName $ | quote}}
{{- end }}
{{- end }}
{{- end }}
rules:
{{- range $values.hosts }}
- host: {{ tpl .host $ | quote }}
http:
paths:
{{- range .paths }}
{{- $service := $defaultServiceName -}}
{{- $port := $defaultServicePort.port -}}
{{- if .service -}}
{{- $service = default $service .service.name -}}
{{- $port = default $port .service.port -}}
{{- end }}
- path: {{ tpl .path $ | quote }}
{{- if $isStable }}
pathType: {{ default "Prefix" .pathType }}
{{- end }}
backend:
{{- if $isStable }}
service:
name: {{ $service }}
port:
number: {{ $port }}
{{- else }}
serviceName: {{ $service }}
servicePort: {{ $port }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

View File

@@ -1,50 +0,0 @@
{{/*
This template serves as a blueprint for all PersistentVolumeClaim objects that are created
within the common library.
*/}}
{{- define "common.classes.pvc" -}}
{{- $values := .Values.persistence -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.persistence -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- $pvcName := include "common.names.fullname" . -}}
{{- if and (hasKey $values "nameOverride") $values.nameOverride -}}
{{- if not (eq $values.nameOverride "-") -}}
{{- $pvcName = printf "%v-%v" $pvcName $values.nameOverride -}}
{{ end -}}
{{ end }}
{{- if $values.forceName -}}
{{- $pvcName = $values.forceName -}}
{{ end }}
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ $pvcName }}
{{- if or $values.retain $values.annotations }}
annotations:
{{- if $values.retain }}
"helm.sh/resource-policy": keep
{{- end }}
{{- with $values.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
labels:
{{- include "common.labels" . | nindent 4 }}
{{- with $values.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
accessModes:
- {{ ( $values.accessMode | default "ReadWriteOnce" ) | quote }}
resources:
requests:
storage: {{ $values.size | default "999Gi" | quote }}
{{ include "common.storage.class" ( dict "persistence" $values "global" $ ) }}
{{- if $values.volumeName }}
volumeName: {{ $values.volumeName | quote }}
{{- end }}
{{- end -}}

View File

@@ -1,134 +0,0 @@
{{/*
This template serves as a blueprint for all Service objects that are created
within the common library.
*/}}
{{- define "common.classes.service" -}}
{{- $values := .Values.service -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.service -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- $serviceName := include "common.names.fullname" . -}}
{{- if and (hasKey $values "nameOverride") $values.nameOverride -}}
{{- $serviceName = printf "%v-%v" $serviceName $values.nameOverride -}}
{{ end -}}
{{- $svcType := $values.type | default "" -}}
{{- $primaryPort := get $values.ports (include "common.classes.service.ports.primary" (dict "values" $values)) }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ $serviceName }}
labels:
{{- include "common.labels" . | nindent 4 }}
{{- if $values.labels }}
{{ toYaml $values.labels | nindent 4 }}
{{- end }}
annotations:
{{- if eq ( $primaryPort.protocol | default "" ) "HTTPS" }}
traefik.ingress.kubernetes.io/service.serversscheme: https
{{- end }}
{{- if eq ( $svcType | default "" ) "LoadBalancer" }}
metallb.universe.tf/allow-shared-ip: {{ include "common.names.fullname" . }}
{{- end }}
{{- with $values.annotations }}
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if (or (eq $svcType "ClusterIP") (empty $svcType)) }}
type: ClusterIP
{{- if $values.clusterIP }}
clusterIP: {{ $values.clusterIP }}
{{end}}
{{- else if eq $svcType "ExternalName" }}
type: {{ $svcType }}
externalName: {{ $values.externalName }}
{{- else if eq $svcType "ExternalIP" }}
{{- else if eq $svcType "LoadBalancer" }}
type: {{ $svcType }}
{{- if $values.loadBalancerIP }}
loadBalancerIP: {{ $values.loadBalancerIP }}
{{- end }}
{{- if $values.externalTrafficPolicy }}
externalTrafficPolicy: {{ $values.externalTrafficPolicy }}
{{- end }}
{{- if $values.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml $values.loadBalancerSourceRanges | nindent 4 }}
{{- end -}}
{{- else }}
type: {{ $svcType }}
{{- end }}
{{- if $values.sessionAffinity }}
sessionAffinity: {{ $values.sessionAffinity }}
{{- if $values.sessionAffinityConfig }}
sessionAffinityConfig:
{{ toYaml $values.sessionAffinityConfig | nindent 4 }}
{{- end -}}
{{- end }}
{{- with $values.externalIPs }}
externalIPs:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if $values.publishNotReadyAddresses }}
publishNotReadyAddresses: {{ $values.publishNotReadyAddresses }}
{{- end }}
{{- if $values.ipFamilyPolicy }}
ipFamilyPolicy: {{ $values.ipFamilyPolicy }}
{{- end }}
{{- with $values.ipFamilies }}
ipFamilies:
{{ toYaml . | nindent 4 }}
{{- end }}
ports:
{{- range $name, $port := $values.ports }}
{{- if $port.enabled }}
- port: {{ $port.port }}
targetPort: {{ $port.targetPort | default $name }}
{{- if $port.protocol }}
{{- if or ( eq $port.protocol "HTTP" ) ( eq $port.protocol "HTTPS" ) ( eq $port.protocol "TCP" ) }}
protocol: TCP
{{- else }}
protocol: {{ $port.protocol }}
{{- end }}
{{- else }}
protocol: TCP
{{- end }}
name: {{ $name }}
{{- if (and (eq $svcType "NodePort") (not (empty $port.nodePort))) }}
nodePort: {{ $port.nodePort }}
{{ end }}
{{- end }}
{{- end }}
{{- if and ( ne $svcType "ExternalName" ) ( ne $svcType "ExternalIP" )}}
selector:
{{- if $values.selector }}
{{- with $values.selector }}
{{- tpl (toYaml .) $ | nindent 4 }}
{{- end }}
{{- else }}
{{- include "common.labels.selectorLabels" . | nindent 4 }}
{{- end }}
{{- end }}
{{- if eq $svcType "ExternalIP" }}
---
apiVersion: v1
kind: Endpoints
metadata:
name: {{ $serviceName }}
labels:
{{- include "common.labels" $ | nindent 4 }}
subsets:
- addresses:
- ip: {{ $values.externalIP }}
ports:
{{- range $name, $port := $values.ports }}
{{- if $port.enabled }}
- port: {{ $port.port | default 80 }}
name: {{ $name }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

View File

@@ -1,27 +0,0 @@
{{/*
Return the primary port for a given Service object.
*/}}
{{- define "common.classes.service.ports.primary" -}}
{{- $enabledPorts := dict -}}
{{- range $name, $port := .values.ports -}}
{{- if $port.enabled -}}
{{- $_ := set $enabledPorts $name . -}}
{{- end -}}
{{- end -}}
{{- if eq 0 (len $enabledPorts) }}
{{- fail (printf "No ports are enabled for service \"%s\"!" .serviceName) }}
{{- end }}
{{- $result := "" -}}
{{- range $name, $port := $enabledPorts -}}
{{- if and (hasKey $port "primary") $port.primary -}}
{{- $result = $name -}}
{{- end -}}
{{- end -}}
{{- if not $result -}}
{{- $result = keys $enabledPorts | first -}}
{{- end -}}
{{- $result -}}
{{- end -}}

View File

@@ -1,94 +0,0 @@
{{- define "common.configmap.portal" -}}
{{- if .Values.portal }}
{{- if .Values.portal.enabled }}
{{- $primaryService := get .Values.service (include "common.service.primary" .) }}
{{- $primaryPort := get $primaryService.ports (include "common.classes.service.ports.primary" (dict "values" $primaryService)) -}}
{{- $ingr := index .Values.ingress (keys .Values.ingress | first) -}}
{{- $host := "$node_ip" }}
{{- $port := 443 }}
{{- $protocol := "https" }}
{{- $path := "/" }}
{{- $ingressport := 443 }}
{{- if $ingr }}
{{- if $ingr.enabled }}
{{- range $ingr.hosts }}
{{- if .hostTpl }}
{{ $host = ( tpl .hostTpl $ ) }}
{{- else if .host }}
{{ $host = .host }}
{{- else }}
{{ $host = "$node_ip" }}
{{- end }}
{{- if .paths }}
{{- $path = (first .paths).path }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- $namespace := "default" }}
{{- if $ingr.ingressClassName }}
{{- $namespace := ( printf "ix-%s" $ingr.ingressClassName ) }}
{{- end }}
{{- $traefikportalhook := lookup "v1" "ConfigMap" $namespace "portalhook" }}
{{- $entrypoint := "websecure" }}
{{- if $ingr.entrypoint }}
{{- $entrypoint = $ingr.entrypoint }}
{{- end }}
{{- if .Values.portal.ingressPort }}
{{- $ingressport = .Values.portal.ingressPort }}
{{- else if $traefikportalhook }}
{{- if ( index $traefikportalhook.data $entrypoint ) }}
{{- $ingressport = ( index $traefikportalhook.data $entrypoint ) }}
{{- end }}
{{- end }}
{{- if eq $host "$node_ip" }}
{{- if eq $primaryService.type "NodePort" }}
{{- $port = $primaryPort.nodePort }}
{{- end }}
{{- if eq $primaryService.type "LoadBalancer" }}
{{- $port = $primaryPort.port }}
{{- end }}
{{- if eq $primaryPort.protocol "HTTP" }}
{{- $protocol = "http" }}
{{- end }}
{{- else }}
{{- $port = $ingressport }}
{{- if $ingr.tls }}
{{- $protocol = "https" }}
{{- end }}
{{- end }}
{{- if and ( .Values.portal.host ) ( eq $host "$node_ip" ) }}
{{- $host = ( tpl .Values.portal.host $ ) }}
{{- end }}
{{- if .Values.portal.path }}
{{- $path = ( tpl .Values.portal.path $ ) }}
{{- end }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: portal
labels:
{{ include "common.labels" . | nindent 4 }}
annotations:
rollme: {{ randAlphaNum 5 | quote }}
data:
protocol: {{ $protocol }}
host: {{ $host | quote }}
port: {{ $port | quote }}
path: {{ $path | quote }}
url: {{ ( printf "%v://%v:%v%v" $protocol $host $port $path ) | quote }}
{{- end }}
{{- end }}
{{- end -}}

View File

@@ -1,30 +0,0 @@
{{- define "common.cert.secret" -}}
{{- $secretName := include "common.names.fullname" . -}}
{{- if .ObjectValues.certHolder -}}
{{- if hasKey .ObjectValues.certHolder "nameOverride" -}}
{{- $secretName = ( printf "%v-%v-%v-%v" $secretName .ObjectValues.certHolder.nameOverride "ixcert" .ObjectValues.certHolder.scaleCert ) -}}
{{- else }}
{{- $secretName = ( printf "%v-%v-%v" $secretName "ixcert" .ObjectValues.certHolder.scaleCert ) -}}
{{ end -}}
{{ else }}
{{- $_ := set $ "ObjectValues" (dict "certHolder" .Values) -}}
{{- $secretName = ( printf "%v-%v-%v-%v" $secretName "scalecert" "ixcert" .Values.scaleCert ) -}}
{{ end -}}
{{- if eq (include "common.cert.available" $ ) "true" -}}
{{- printf "\n%s\n" "---" }}
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}-{{ .Release.Revision }}
labels: {{ include "common.labels" . | nindent 4 }}
type: kubernetes.io/tls
data:
tls.crt: {{ (include "common.cert.publicKey" $ ) | toString | b64enc | quote }}
tls.key: {{ (include "common.cert.privateKey" $ ) | toString | b64enc | quote }}
{{- end -}}
{{- end -}}

View File

@@ -1,57 +0,0 @@
{{/*
Retrieve true/false if certificate is configured
*/}}
{{- define "common.cert.available" -}}
{{- if .ObjectValues.certHolder.scaleCert -}}
{{- $values := (. | mustDeepCopy) -}}
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.ObjectValues.certHolder.scaleCert) -}}
{{- template "common.cert_present" $values -}}
{{- else -}}
{{- false -}}
{{- end -}}
{{- end -}}
{{/*
Retrieve public key of certificate
*/}}
{{- define "common.cert.publicKey" -}}
{{- $values := (. | mustDeepCopy) -}}
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.ObjectValues.certHolder.scaleCert "publicKey" true) -}}
{{ include "common.cert" $values }}
{{- end -}}
{{/*
Retrieve private key of certificate
*/}}
{{- define "common.cert.privateKey" -}}
{{- $values := (. | mustDeepCopy) -}}
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.ObjectValues.certHolder.scaleCert) -}}
{{ include "common.cert" $values }}
{{- end -}}
{{/*
Retrieve true/false if certificate is available in ixCertificates
*/}}
{{- define "common.cert_present" -}}
{{- $values := . -}}
{{- hasKey $values.Values.ixCertificates ($values.commonCertOptions.certKeyName | toString) -}}
{{- end -}}
{{/*
Retrieve certificate from variable name
*/}}
{{- define "common.cert" -}}
{{- $values := . -}}
{{- $certKey := ($values.commonCertOptions.certKeyName | toString) -}}
{{- if hasKey $values.Values.ixCertificates $certKey -}}
{{- $cert := get $values.Values.ixCertificates $certKey -}}
{{- if $values.commonCertOptions.publicKey -}}
{{ $cert.certificate }}
{{- else -}}
{{ $cert.privatekey }}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@@ -1,11 +0,0 @@
{{/* Common annotations shared across objects */}}
{{- define "common.annotations.workload.spec" -}}
rollme: {{ randAlphaNum 5 | quote }}
{{- if .Values.ixExternalInterfacesConfigurationNames }}
k8s.v1.cni.cncf.io/networks: {{ join ", " .Values.ixExternalInterfacesConfigurationNames }}
{{- end }}
{{- end -}}
{{- define "common.annotations.workload" -}}
rollme: {{ randAlphaNum 5 | quote }}
{{- end -}}

View File

@@ -1,19 +0,0 @@
{{/* Allow KubeVersion to be overridden. */}}
{{- define "common.capabilities.ingress.kubeVersion" -}}
{{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride -}}
{{- end -}}
{{/* Return the appropriate apiVersion for Ingress objects */}}
{{- define "common.capabilities.ingress.apiVersion" -}}
{{- print "networking.k8s.io/v1" -}}
{{- if semverCompare "<1.19" (include "common.capabilities.ingress.kubeVersion" .) -}}
{{- print "beta1" -}}
{{- end -}}
{{- end -}}
{{/* Check Ingress stability */}}
{{- define "common.capabilities.ingress.isStable" -}}
{{- if eq (include "common.capabilities.ingress.apiVersion" .) "networking.k8s.io/v1" -}}
{{- true -}}
{{- end -}}
{{- end -}}

View File

@@ -1,15 +0,0 @@
{{/* Common labels shared across objects */}}
{{- define "common.labels" -}}
helm.sh/chart: {{ include "common.names.chart" . }}
{{ include "common.labels.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/* Selector labels shared across objects */}}
{{- define "common.labels.selectorLabels" -}}
app.kubernetes.io/name: {{ include "common.names.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}

View File

@@ -1,65 +0,0 @@
{{/* Expand the name of the chart */}}
{{- define "common.names.name" -}}
{{- $globalNameOverride := "" -}}
{{- if hasKey .Values "global" -}}
{{- $globalNameOverride = (default $globalNameOverride .Values.global.nameOverride) -}}
{{- end -}}
{{- default .Chart.Name (default .Values.nameOverride $globalNameOverride) | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "common.names.fullname" -}}
{{- $name := include "common.names.name" . -}}
{{- $globalFullNameOverride := "" -}}
{{- if hasKey .Values "global" -}}
{{- $globalFullNameOverride = (default $globalFullNameOverride .Values.global.fullnameOverride) -}}
{{- end -}}
{{- if or .Values.fullnameOverride $globalFullNameOverride -}}
{{- $name = default .Values.fullnameOverride $globalFullNameOverride -}}
{{- else -}}
{{- if contains $name .Release.Name -}}
{{- $name = .Release.Name -}}
{{- else -}}
{{- $name = printf "%s-%s" .Release.Name $name -}}
{{- end -}}
{{- end -}}
{{- trunc 63 $name | trimSuffix "-" -}}
{{- end -}}
{{/* Create chart name and version as used by the chart label */}}
{{- define "common.names.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* Create the name of the ServiceAccount to use */}}
{{- define "common.names.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{- default (include "common.names.fullname" .) .Values.serviceAccount.name -}}
{{- else -}}
{{- default "default" .Values.serviceAccount.name -}}
{{- end -}}
{{- end -}}
{{/* Return the properly cased version of the controller type */}}
{{- define "common.names.controllerType" -}}
{{- if eq .Values.controller.type "deployment" -}}
{{- print "Deployment" -}}
{{- else if eq .Values.controller.type "daemonset" -}}
{{- print "DaemonSet" -}}
{{- else if eq .Values.controller.type "statefulset" -}}
{{- print "StatefulSet" -}}
{{- else -}}
{{- fail (printf "Not a valid controller.type (%s)" .Values.controller.type) -}}
{{- end -}}
{{- end -}}
{{/*
Create the "name" + "." + "namespace" fqdn
*/}}
{{- define "common.names.fqdn" -}}
{{- printf "%s.%s" (include "common.names.fullname" .) .Release.Namespace | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

View File

@@ -1,14 +0,0 @@
{{- define "common.setup" -}}
{{- /* Merge the local chart values and the common chart defaults */ -}}
{{- include "common.values" . }}
{{- /* Autogenerate postgresql passwords if needed */ -}}
{{- include "common.dependencies.postgresql.injector" . }}
{{- /* Autogenerate redis passwords if needed */ -}}
{{- include "common.dependencies.redis.injector" . }}
{{- /* Autogenerate mariadb passwords if needed */ -}}
{{- include "common.dependencies.mariadb.injector" . }}
{{- end -}}

View File

@@ -1,283 +0,0 @@
{{/* Merge the local chart values and the common chart defaults */}}
{{- define "common.values" -}}
{{- if .Values.common -}}
{{- $defaultValues := deepCopy .Values.common -}}
{{- $userValues := deepCopy (omit .Values "common") -}}
{{- $mergedValues := mustMergeOverwrite $defaultValues $userValues -}}
{{- $_ := set . "Values" (deepCopy $mergedValues) -}}
{{- end -}}
{{/* merge podAnnotationsList with podAnnotations */}}
{{- $podAnnotationsDict := dict }}
{{- range .Values.podAnnotationsList }}
{{- $_ := set $podAnnotationsDict .name .value }}
{{- end }}
{{- $podanno := merge .Values.podAnnotations $podAnnotationsDict }}
{{- $_ := set .Values "podAnnotations" (deepCopy $podanno) -}}
{{/* merge podLabelsList with podLabels */}}
{{- $podLabelsDict := dict }}
{{- range .Values.controller.labelsList }}
{{- $_ := set $podLabelsDict .name .value }}
{{- end }}
{{- $podlab := merge .Values.controller.labels $podLabelsDict }}
{{- $_ := set .Values.controller "labels" (deepCopy $podlab) -}}
{{/* merge controllerAnnotationsList with controllerAnnotations */}}
{{- $controllerAnnotationsDict := dict }}
{{- range .Values.controller.annotationsList }}
{{- $_ := set $controllerAnnotationsDict .name .value }}
{{- end }}
{{- $controlleranno := merge .Values.controller.annotations $controllerAnnotationsDict }}
{{- $_ := set .Values.controller "annotations" (deepCopy $controlleranno) -}}
{{/* merge controllerLabelsList with controllerLabels */}}
{{- $controllerLabelsDict := dict }}
{{- range .Values.controller.labelsList }}
{{- $_ := set $controllerLabelsDict .name .value }}
{{- end }}
{{- $controllerlab := merge .Values.controller.labels $controllerLabelsDict }}
{{- $_ := set .Values "labels" (deepCopy $controllerlab) -}}
{{/* merge persistenceList with Persitence */}}
{{- $perDict := dict }}
{{- range $index, $item := .Values.persistenceList -}}
{{- $name := ( printf "list-%s" ( $index | toString ) ) }}
{{- if $item.name }}
{{- $name = $item.name }}
{{- end }}
{{- $_ := set $perDict $name $item }}
{{- end }}
{{/* merge deviceList with Persitence */}}
{{- range $index, $item := .Values.deviceList -}}
{{- $name := ( printf "device-%s" ( $index | toString ) ) }}
{{- if $item.name }}
{{- $name = $item.name }}
{{- end }}
{{- $_ := set $perDict $name $item }}
{{- end }}
{{- $per := merge .Values.persistence $perDict }}
{{- $_ := set .Values "persistence" (deepCopy $per) -}}
{{/* merge persistenceAnnotationsList with persistenceAnnotations */}}
{{- range $index, $item := .Values.persistence }}
{{- if $item.enabled }}
{{- $persistenceAnnotationsDict := dict }}
{{- range $item.annotationsList }}
{{- $_ := set $persistenceAnnotationsDict .name .value }}
{{- end }}
{{- $tmp := $item.annotations }}
{{- $persistenceanno := merge $tmp $persistenceAnnotationsDict }}
{{- $_ := set $item "annotations" (deepCopy $persistenceanno) -}}
{{- end }}
{{- end }}
{{/* merge persistenceLabelsList with persistenceLabels */}}
{{- range $index, $item := .Values.persistence }}
{{- if $item.enabled }}
{{- $persistenceLabelsDict := dict }}
{{- range $item.labelsList }}
{{- $_ := set $persistenceLabelsDict .name .value }}
{{- end }}
{{- $tmp := $item.labels }}
{{- $persistencelab := merge $tmp $persistenceLabelsDict }}
{{- $_ := set $item "labels" (deepCopy $persistencelab) -}}
{{- end }}
{{- end }}
{{/* merge ingressList with ingress */}}
{{- $ingDict := dict }}
{{- range $index, $item := .Values.ingressList -}}
{{- $name := ( printf "list-%s" ( $index | toString ) ) }}
{{- if $item.name }}
{{- $name = $item.name }}
{{- end }}
{{- $_ := set $ingDict $name $item }}
{{- end }}
{{- $ing := merge .Values.ingress $ingDict }}
{{- $_ := set .Values "ingress" (deepCopy $ing) -}}
{{/* merge ingressAnnotationsList with ingressAnnotations */}}
{{- range $index, $item := .Values.ingress }}
{{- if $item.enabled }}
{{- $ingressAnnotationsDict := dict }}
{{- range $item.annotationsList }}
{{- $_ := set $ingressAnnotationsDict .name .value }}
{{- end }}
{{- $tmp := $item.annotations }}
{{- $ingressanno := merge $tmp $ingressAnnotationsDict }}
{{- $_ := set $item "annotations" (deepCopy $ingressanno) -}}
{{- end }}
{{- end }}
{{/* merge ingressLabelsList with ingressLabels */}}
{{- range $index, $item := .Values.ingress }}
{{- if $item.enabled }}
{{- $ingressLabelsDict := dict }}
{{- range $item.labelsList }}
{{- $_ := set $ingressLabelsDict .name .value }}
{{- end }}
{{- $tmp := $item.labels }}
{{- $ingresslab := merge $tmp $ingressLabelsDict }}
{{- $_ := set $item "labels" (deepCopy $ingresslab) -}}
{{- end }}
{{- end }}
{{/* Enable privileged securitycontext when deviceList is used */}}
{{- if .Values.securityContext.privileged }}
{{- else if .Values.deviceList }}
{{- $_ := set .Values.securityContext "privileged" true -}}
{{- $_ := set .Values.securityContext "allowPrivilegeEscalation" true -}}
{{- end }}
{{/* save supplementalGroups to placeholder variables */}}
{{- $fixedGroups := list 568 }}
{{- $valuegroups := list }}
{{- $devGroups := list }}
{{- $gpuGroups := list }}
{{/* put user-entered supplementalgroups in placeholder variable */}}
{{- if .Values.podSecurityContext.supplementalGroups }}
{{- $valuegroups = .Values.podSecurityContext.supplementalGroups }}
{{- end }}
{{/* Append requered groups to supplementalGroups when deviceList is used */}}
{{- if .Values.deviceList}}
{{- $devGroups = list 5 10 20 24 }}
{{- end }}
{{/* Append requered groups to supplementalGroups when scaleGPU is used */}}
{{- if .Values.scaleGPU }}
{{- $gpuGroups = list 44 107 }}
{{- end }}
{{/* combine and write all supplementalGroups to .Values */}}
{{- $supGroups := concat $fixedGroups $valuegroups $devGroups $gpuGroups }}
{{- $_ := set .Values.podSecurityContext "supplementalGroups" $supGroups -}}
{{/* merge serviceList with service */}}
{{- $portsDict := dict }}
{{- range $index, $item := .Values.serviceList -}}
{{- if $item.enabled }}
{{- $name := ( printf "list-%s" ( $index | toString ) ) }}
{{- if $item.name }}
{{- $name = $item.name }}
{{- end }}
{{- $_ := set $portsDict $name $item }}
{{- end }}
{{- end }}
{{- $srv := merge .Values.service $portsDict }}
{{- $_ := set .Values "service" (deepCopy $srv) -}}
{{/* merge portsList with ports */}}
{{- range $index, $item := .Values.service -}}
{{- if $item.enabled }}
{{- $portsDict := dict }}
{{- range $index2, $item2 := $item.portsList -}}
{{- if $item2.enabled }}
{{- $name := ( printf "list-%s" ( $index2 | toString ) ) }}
{{- if $item2.name }}
{{- $name = $item2.name }}
{{- end }}
{{- $_ := set $portsDict $name $item2 }}
{{- end }}
{{- $tmp := $item.ports }}
{{- $ports := merge $tmp $portsDict }}
{{- $_ := set $item "ports" (deepCopy $ports) -}}
{{- end }}
{{- end }}
{{- end }}
{{/* automatically set CAP_NET_BIND_SERVICE */}}
{{- $fixedCapAdd := list }}
{{- $customCapAdd := list }}
{{- $valueCapAdd := list }}
{{- $dynamicCapAdd := list }}
{{- $fixedCapDrop := list }}
{{- $customCapDrop := list }}
{{- $valueCapDrop := list }}
{{- $dynamicCapDrop := list }}
{{- if .Values.securityContext.capabilities.add }}
{{- $valueCapAdd = .Values.securityContext.capabilities.add }}
{{- end }}
{{- if .Values.securityContext.capabilities.drop }}
{{- $valueCapDrop = .Values.securityContext.capabilities.drop }}
{{- end }}
{{- if .Values.customCapabilities.add }}
{{- $customCapAdd = .Values.customCapabilities.add }}
{{- end }}
{{- if .Values.customCapabilities.drop }}
{{- $customCapDrop = .Values.customCapabilities.drop }}
{{- end }}
{{- $privPort := false }}
{{- range .Values.service }}
{{- range $name, $values := .ports }}
{{- if and ( $values.targetPort ) ( kindIs "int" $values.targetPort ) }}
{{- if ( semverCompare "<= 1024" ( toString $values.targetPort ) ) }}
{{- $privPort = true }}
{{- end }}
{{- else if and ( $values.port ) ( kindIs "int" $values.port ) }}
{{- if ( semverCompare "<= 1024" ( toString $values.port ) ) }}
{{- $privPort = true }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if $privPort }}
{{- $dynamicCapAdd = list "NET_BIND_SERVICE" }}
{{- end }}
{{/* combine and write all capabilities to .Values */}}
{{- $CapAdd := concat $fixedCapAdd $valueCapAdd $dynamicCapAdd }}
{{- $CapDrop := concat $fixedCapDrop $valueCapDrop $dynamicCapDrop }}
{{- if $CapDrop }}
{{- $_ := set .Values.securityContext.capabilities "drop" $CapDrop -}}
{{- end }}
{{- if $CapAdd }}
{{- $_ := set .Values.securityContext.capabilities "add" $CapAdd -}}
{{- end }}
{{- range .Values.persistence }}
{{- if .type }}
{{- if eq .type "simplePVC" }}
{{- $_ := set . "type" "pvc" }}
{{- end }}
{{- if eq .type "simpleHP" }}
{{- $_ := set . "type" "hostPath" }}
{{- if .setPermissionsSimple }}
{{- $_ := set . "setPermissions" .setPermissionsSimple }}
{{- end }}
{{- if .hostPathSimple }}
{{- $_ := set . "hostPath" .hostPathSimple }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- range .Values.volumeClaimTemplates }}
{{- if .type }}
{{- if eq .type "simplePVC" }}
{{- $_ := set . "type" "pvc" }}
{{- end }}
{{- end }}
{{- end }}
{{- range .Values.service }}
{{- if .type }}
{{- if eq .type "Simple" }}
{{- $_ := set . "type" "LoadBalancer" }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}

View File

@@ -1,43 +0,0 @@
{{/*
This template serves as the blueprint for the mountPermissions job that is run
before chart installation.
*/}}
{{- define "common.controller.autopermissions" -}}
{{- $group := .Values.podSecurityContext.fsGroup -}}
{{- $hostPathMounts := dict -}}
{{- range $name, $mount := .Values.persistence -}}
{{- if and $mount.enabled $mount.setPermissions -}}
{{- $name = default ( $name| toString ) $mount.name -}}
{{- $_ := set $hostPathMounts $name $mount -}}
{{- end -}}
{{- end }}
- name: autopermissions
image: {{ .Values.alpineImage.repository }}:{{ .Values.alpineImage.tag }}
securityContext:
runAsUser: 0
privileged: false
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
resources:
{{- with .Values.resources }}
{{- toYaml . | nindent 4 }}
{{- end }}
command:
- "/bin/sh"
- "-c"
- "echo 'Automatically correcting permissions...';{{ if and ( .Values.addons.vpn.configFile.enabled ) ( not ( eq .Values.addons.vpn.type "disabled" )) }}chown -R 568:568 /vpn/vpn.conf; chmod -R g+w /vpn/vpn.conf || echo 'chmod failed for vpn config, are you running NFSv4 ACLs?';{{ end }}{{ range $_, $hpm := $hostPathMounts }}chown -R :{{ $group }} {{ $hpm.mountPath | squote }}; chmod -R g+w || echo 'chmod failed for {{ $hpm.mountPath }}, are you running NFSv4 ACLs?' {{ $hpm.mountPath | squote }};{{ end }}"
volumeMounts:
{{- if and ( .Values.addons.vpn.configFile.enabled ) ( not ( eq .Values.addons.vpn.type "disabled" )) }}
- name: vpnconfig
mountPath: /vpn/vpn.conf
{{- end }}
{{- range $name, $hpm := $hostPathMounts }}
- name: {{ $name }}
mountPath: {{ $hpm.mountPath }}
{{- if $hpm.subPath }}
subPath: {{ $hpm.subPath }}
{{- end }}
{{- end }}
{{- end -}}

View File

@@ -1,161 +0,0 @@
{{- /* The main container included in the controller */ -}}
{{- define "common.controller.mainContainer" -}}
- name: {{ include "common.names.fullname" . }}
image: {{ include "common.images.selector" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- with .Values.command }}
command:
{{- if kindIs "string" . }}
- {{ . }}
{{- else }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- end }}
{{- if or ( .Values.extraArgs ) ( .Values.args ) }}
args:
{{- with .Values.args }}
{{- if kindIs "string" . }}
- {{ . }}
{{- else }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- end }}
{{- with .Values.extraArgs }}
{{- if kindIs "string" . }}
- {{ . }}
{{- else }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- end }}
{{- end }}
tty: {{ .Values.tty }}
stdin: {{ .Values.stdin }}
{{- with .Values.securityContext }}
securityContext:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.lifecycle }}
lifecycle:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.termination.messagePath }}
terminationMessagePath: {{ . }}
{{- end }}
{{- with .Values.termination.messagePolicy }}
terminationMessagePolicy: {{ . }}
{{- end }}
env:
- name: PUID
value: {{ .Values.security.PUID | quote }}
- name: USER_ID
value: {{ .Values.security.PUID | quote }}
- name: UID
value: {{ .Values.security.PUID | quote }}
- name: UMASK
value: {{ .Values.security.UMASK | quote }}
- name: UMASK_SET
value: {{ .Values.security.UMASK | quote }}
- name: PGID
value: {{ .Values.podSecurityContext.fsGroup | quote }}
- name: GROUP_ID
value: {{ .Values.podSecurityContext.fsGroup | quote }}
- name: GID
value: {{ .Values.podSecurityContext.fsGroup | quote }}
{{- if or ( .Values.securityContext.readOnlyRootFilesystem ) ( .Values.securityContext.runAsNonRoot ) }}
- name: S6_READ_ONLY_ROOT
value: "1"
{{- end }}
{{- if not ( .Values.scaleGPU ) }}
- name: NVIDIA_VISIBLE_DEVICES
value: "void"
{{- else }}
- name: NVIDIA_DRIVER_CAPABILITIES
value: "all"
{{- end }}
- name: TZ
value: {{ .Values.TZ | quote }}
{{- with .Values.env }}
{{- range $k, $v := . }}
{{- $name := $k }}
{{- $value := $v }}
{{- if kindIs "int" $name }}
{{- $name = required "environment variables as a list of maps require a name field" $value.name }}
{{- end }}
- name: {{ quote $name }}
{{- if kindIs "map" $value -}}
{{- if hasKey $value "value" }}
{{- $value = $value.value -}}
{{- else if hasKey $value "valueFrom" }}
{{- toYaml $value | nindent 6 }}
{{- else }}
{{- dict "valueFrom" $value | toYaml | nindent 6 }}
{{- end }}
{{- end }}
{{- if not (kindIs "map" $value) }}
{{- if kindIs "string" $value }}
{{- $value = tpl $value $ }}
{{- end }}
value: {{ quote $value }}
{{- end }}
{{- end }}
{{- end }}
{{- range $key, $value := .Values.envTpl }}
- name: {{ $key }}
value: {{ tpl $value $ | quote }}
{{- end }}
{{- range $key, $value := .Values.envValueFrom }}
- name: {{ $key }}
valueFrom:
{{- if $value.secretKeyRef }}
secretKeyRef:
name: {{ tpl $value.secretKeyRef.name $ | quote }}
key: {{ tpl $value.secretKeyRef.key $ | quote }}
{{- else if $value.configMapRef }}
configMapRef:
name: {{ tpl $value.configMapRef.name $ | quote }}
key: {{ tpl $value.configMapRef.key $ | quote }}
{{- else }}
{{- $value | toYaml | nindent 8 }}
{{- end }}
{{- end }}
{{- range $envList := .Values.envList }}
{{- if and $envList.name $envList.value }}
- name: {{ $envList.name }}
value: {{ $envList.value | quote }}
{{- else }}
{{- fail "Please specify name/value for environment variable" }}
{{- end }}
{{- end}}
envFrom:
{{- range .Values.envFrom -}}
{{- if .secretRef }}
- secretRef:
name: {{ tpl .secretRef.name $ | quote }}
{{- else if .configMapRef }}
- configMapRef:
name: {{ tpl .configMapRef.name $ | quote }}
{{- else }}
{{- end }}
{{- end -}}
{{- if .Values.secret }}
- secretRef:
name: {{ include "common.names.fullname" . }}
{{- end }}
ports:
{{- include "common.controller.ports" . | trim | nindent 4 }}
{{- with (include "common.controller.volumeMounts" . | trim) }}
volumeMounts:
{{ nindent 4 . }}
{{- end }}
{{- include "common.controller.probes" . | trim | nindent 2 }}
{{/*
Merges the TrueNAS SCALE generated GPU info with the .Values.resources dict
*/}}
{{- $resources := dict "limits" ( .Values.scaleGPU | default dict ) }}
{{- $resources = merge $resources .Values.resources }}
resources:
{{- with $resources }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end -}}

View File

@@ -1,21 +0,0 @@
{{/*
This template serves as the blueprint for the mountPermissions job that is run
before chart installation.
TODO: delete docker compose deletion once iX has disabled it
*/}}
{{- define "common.controller.hostpatch" -}}
- name: hostpatch
image: {{ .Values.alpineImage.repository }}:{{ .Values.alpineImage.tag }}
securityContext:
runAsUser: 0
privileged: true
command:
- "/bin/sh"
- "-c"
- ( sysctl -w fs.inotify.max_user_watches=524288 || echo "error setting inotify") && ( sysctl -w fs.inotify.max_user_instances=512 || echo "error setting inotify") && ( chmod -x /host/usr/bin/docker-compose || echo "error locking docker-compose") && ( chmod -x /host/bin/docker-compose || echo "error locking docker-compose")
volumeMounts:
- mountPath: /host/usr/bin
name: host-usr-bin
- mountPath: /host/bin
name: host-bin
{{- end -}}

View File

@@ -1,130 +0,0 @@
{{- /*
The pod definition included in the controller.
*/ -}}
{{- define "common.controller.pod" -}}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 2 }}
{{- end }}
serviceAccountName: {{ include "common.names.serviceAccountName" . }}
{{- with .Values.podSecurityContext }}
securityContext:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
{{- with .Values.schedulerName }}
schedulerName: {{ . }}
{{- end }}
{{- with .Values.hostNetwork }}
hostNetwork: {{ . }}
{{- end }}
{{- with .Values.hostname }}
hostname: {{ . }}
{{- end }}
{{- if .Values.dnsPolicy }}
dnsPolicy: {{ .Values.dnsPolicy }}
{{- else if .Values.hostNetwork }}
dnsPolicy: ClusterFirstWithHostNet
{{- else }}
dnsPolicy: ClusterFirst
{{- end }}
{{- if or .Values.dnsConfig.options .Values.dnsConfig.nameservers .Values.dnsConfig.searches }}
dnsConfig:
{{- with .Values.dnsConfig.options }}
options:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.dnsConfig.nameservers }}
nameservers: []
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.dnsConfig.searches }}
searches: []
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
enableServiceLinks: {{ .Values.enableServiceLinks }}
{{- with .Values.termination.gracePeriodSeconds }}
terminationGracePeriodSeconds: {{ . }}
{{- end }}
initContainers:
{{- include "common.controller.autopermissions" . | nindent 2 }}
{{- include "common.controller.hostpatch" . | nindent 2 }}
{{- include "common.dependencies.postgresql.init" . | nindent 2 }}
{{- include "common.dependencies.mariadb.init" . | nindent 2 }}
{{- if .Release.IsInstall }}
{{- if .Values.installContainers }}
{{- $installContainers := list }}
{{- range $index, $key := (keys .Values.installContainers | uniq | sortAlpha) }}
{{- $container := get $.Values.installContainers $key }}
{{- if not $container.name -}}
{{- $_ := set $container "name" $key }}
{{- end }}
{{- $installContainers = append $installContainers $container }}
{{- end }}
{{- tpl (toYaml $installContainers) $ | nindent 2 }}
{{- end }}
{{- end }}
{{- if .Release.IsUpgrade }}
{{- if .Values.upgradeContainers }}
{{- $upgradeContainers := list }}
{{- range $index, $key := (keys .Values.upgradeContainers | uniq | sortAlpha) }}
{{- $container := get $.Values.upgradeContainers $key }}
{{- if not $container.name -}}
{{- $_ := set $container "name" $key }}
{{- end }}
{{- $upgradeContainers = append $upgradeContainers $container }}
{{- end }}
{{- tpl (toYaml $upgradeContainers) $ | nindent 2 }}
{{- end }}
{{- end }}
{{- if .Values.initContainers }}
{{- $initContainers := list }}
{{- range $index, $key := (keys .Values.initContainers | uniq | sortAlpha) }}
{{- $container := get $.Values.initContainers $key }}
{{- if not $container.name -}}
{{- $_ := set $container "name" $key }}
{{- end }}
{{- $initContainers = append $initContainers $container }}
{{- end }}
{{- tpl (toYaml $initContainers) $ | nindent 2 }}
{{- end }}
containers:
{{- include "common.controller.mainContainer" . | nindent 2 }}
{{- with .Values.additionalContainers }}
{{- $additionalContainers := list }}
{{- range $name, $container := . }}
{{- if not $container.name -}}
{{- $_ := set $container "name" $name }}
{{- end }}
{{- $additionalContainers = append $additionalContainers $container }}
{{- end }}
{{- tpl (toYaml $additionalContainers) $ | nindent 2 }}
{{- end }}
{{- with (include "common.controller.volumes" . | trim) }}
volumes:
{{- nindent 2 . }}
{{- end }}
{{- with .Values.hostAliases }}
hostAliases:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

View File

@@ -1,36 +0,0 @@
{{/*
Ports included by the controller.
*/}}
{{- define "common.controller.ports" -}}
{{- $ports := list -}}
{{- range .Values.service -}}
{{- if .enabled -}}
{{- range $name, $port := .ports -}}
{{- $_ := set $port "name" $name -}}
{{- $ports = mustAppend $ports $port -}}
{{- end }}
{{- end }}
{{- end }}
{{/* export/render the list of ports */}}
{{- if $ports -}}
{{- range $_ := $ports }}
{{- if .enabled }}
- name: {{ .name }}
{{- if and .targetPort (kindIs "string" .targetPort) }}
{{- fail (printf "Our charts do not support named ports for targetPort. (port name %s, targetPort %s)" .name .targetPort) }}
{{- end }}
containerPort: {{ .targetPort | default .port }}
{{- if .protocol }}
{{- if or ( eq .protocol "HTTP" ) ( eq .protocol "HTTPS" ) ( eq .protocol "TCP" ) }}
protocol: TCP
{{- else }}
protocol: {{ .protocol }}
{{- end }}
{{- else }}
protocol: TCP
{{- end }}
{{- end}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@@ -1,50 +0,0 @@
{{/*
Probes selection logic.
*/}}
{{- define "common.controller.probes" -}}
{{- $primaryService := get .Values.service (include "common.service.primary" .) -}}
{{- $primaryPort := "" -}}
{{- if $primaryService -}}
{{- $primaryPort = get $primaryService.ports (include "common.classes.service.ports.primary" (dict "serviceName" (include "common.service.primary" .) "values" $primaryService)) -}}
{{- end -}}
{{- $probeType := "TCP" -}}
{{- range $probeName, $probe := .Values.probes }}
{{- if $probe.enabled -}}
{{- $probeType = "TCP" -}}
{{- "" | nindent 0 }}
{{- $probeName }}Probe:
{{- if $probe.custom -}}
{{- $probe.spec | toYaml | nindent 2 }}
{{- else }}
{{- if and $primaryService $primaryPort -}}
{{- if $probe.type -}}
{{- if eq $probe.type "AUTO" -}}
{{- $probeType = $primaryPort.protocol -}}
{{- else -}}
{{- $probeType := $probe.type -}}
{{- end }}
{{- end }}
{{- if or ( eq $probeType "HTTPS" ) ( eq $probeType "HTTP" ) -}}
{{- "httpGet:" | nindent 2 }}
{{- printf "path: %v" $probe.path | nindent 4 }}
{{- printf "scheme: %v" $probeType | nindent 4 }}
{{- else -}}
{{- "tcpSocket:" | nindent 2 }}
{{- end }}
{{- if $primaryPort.targetPort }}
{{- printf "port: %v" $primaryPort.targetPort | nindent 4 }}
{{- else}}
{{- printf "port: %v" $primaryPort.port | nindent 4 }}
{{- end }}
{{- printf "initialDelaySeconds: %v" $probe.spec.initialDelaySeconds | nindent 2 }}
{{- printf "failureThreshold: %v" $probe.spec.failureThreshold | nindent 2 }}
{{- printf "timeoutSeconds: %v" $probe.spec.timeoutSeconds | nindent 2 }}
{{- printf "periodSeconds: %v" $probe.spec.periodSeconds | nindent 2 }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

View File

@@ -1,45 +0,0 @@
{{/* Volumes included by the controller */}}
{{- define "common.controller.volumeMounts" -}}
{{- range $index, $item := .Values.persistence }}
{{- if not $item.noMount }}
{{- $mountPath := (printf "/%v" $index) -}}
{{- if eq "hostPath" (default "pvc" $item.type) -}}
{{- $mountPath = $item.hostPath -}}
{{- end -}}
{{- with $item.mountPath -}}
{{- $mountPath = . -}}
{{- end }}
{{- if and $item.enabled (ne $mountPath "-") }}
- mountPath: {{ $mountPath }}
name: {{ $index }}
{{- with $item.subPath }}
subPath: {{ . }}
{{- end }}
{{- with $item.readOnly }}
readOnly: {{ . }}
{{- end }}
{{- with $item.mountPropagation }}
mountPropagation: {{ . }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if eq .Values.controller.type "statefulset" }}
{{- range $index, $vct := .Values.volumeClaimTemplates }}
{{- $vctname := $index }}
{{- if $vct.name }}
{{- $vctname := $vct.name }}
{{- end }}
{{- if not $vct.noMount }}
- mountPath: {{ $vct.mountPath }}
name: {{ $vctname }}
{{- if $vct.subPath }}
subPath: {{ $vct.subPath }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}

View File

@@ -1,67 +0,0 @@
{{/*
Volumes included by the controller.
*/}}
{{- define "common.controller.volumes" -}}
{{- range $index, $persistence := .Values.persistence }}
{{- if $persistence.enabled }}
- name: {{ $index }}
{{- if eq (default "pvc" $persistence.type) "pvc" }}
{{- $pvcName := (include "common.names.fullname" $) -}}
{{- if $persistence.existingClaim }}
{{- /* Always prefer an existingClaim if that is set */}}
{{- $pvcName = $persistence.existingClaim -}}
{{- else -}}
{{- /* Otherwise refer to the PVC name */}}
{{- if $persistence.nameOverride -}}
{{- if not (eq $persistence.nameOverride "-") -}}
{{- $pvcName = (printf "%s-%s" (include "common.names.fullname" $) $persistence.nameOverride) -}}
{{- end -}}
{{- else -}}
{{- $pvcName = (printf "%s-%s" (include "common.names.fullname" $) $index) -}}
{{- end -}}
{{- if $persistence.forceName -}}
{{- $pvcName = $persistence.forceName -}}
{{- end -}}
{{- end }}
persistentVolumeClaim:
claimName: {{ $pvcName }}
{{- else if eq $persistence.type "emptyDir" }}
{{- $emptyDir := dict -}}
{{- with $persistence.medium -}}
{{- $_ := set $emptyDir "medium" . -}}
{{- end -}}
{{- with $persistence.sizeLimit -}}
{{- $_ := set $emptyDir "sizeLimit" . -}}
{{- end }}
emptyDir: {{- $emptyDir | toYaml | nindent 4 }}
{{- else if or (eq $persistence.type "configMap") (eq $persistence.type "secret") }}
{{- $objectName := (required (printf "objectName not set for persistence item %s" $index) $persistence.objectName) }}
{{- $objectName = tpl $objectName $ }}
{{- if eq $persistence.type "configMap" }}
configMap:
name: {{ $objectName }}
{{- else }}
secret:
secretName: {{ $objectName }}
{{- end }}
{{- with $persistence.defaultMode }}
defaultMode: {{ . }}
{{- end }}
{{- with $persistence.items }}
items:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- else if eq $persistence.type "hostPath" }}
hostPath:
path: {{ required "hostPath not set" $persistence.hostPath }}
{{- with $persistence.hostPathType }}
type: {{ . }}
{{- end }}
{{- else if eq $persistence.type "custom" }}
{{- toYaml $persistence.volumeSpec | nindent 2 }}
{{- else }}
{{- fail (printf "Not a valid persistence.type (%s)" $persistence.type) }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

View File

@@ -1,37 +0,0 @@
{{/*
This template ensures pods with postgresql dependency have a delayed start
*/}}
{{- define "common.dependencies.mariadb.init" -}}
{{- if .Values.mariadb.enabled }}
- name: mariadb-init
image: "{{ .Values.mariadbImage.repository}}:{{ .Values.mariadbImage.tag }}"
env:
- name: MARIADB_HOST
valueFrom:
secretKeyRef:
name: mariadbcreds
key: plainhost
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mariadbcreds
key: mariadb-root-password
securityContext:
capabilities:
drop:
- ALL
resources:
{{- with .Values.resources }}
{{- toYaml . | nindent 4 }}
{{- end }}
command: ["bash", "-ec"]
args:
- >
until
mysqladmin -uroot -h"${MARIADB_HOST}" -p"${MARIADB_ROOT_PASSWORD}" ping \
&& mysqladmin -uroot -h"${MARIADB_HOST}" -p"${MARIADB_ROOT_PASSWORD}" status;
do sleep 2;
done
imagePullPolicy: IfNotPresent
{{- end }}
{{- end -}}

View File

@@ -1,48 +0,0 @@
{{/*
This template generates a random password and ensures it persists across updates/edits to the chart
*/}}
{{- define "common.dependencies.mariadb.injector" -}}
{{- $pghost := printf "%v-%v" .Release.Name "mariadb" }}
{{- if .Values.mariadb.enabled }}
---
apiVersion: v1
kind: Secret
metadata:
labels:
{{- include "common.labels" . | nindent 4 }}
name: mariadbcreds
{{- $dbprevious := lookup "v1" "Secret" .Release.Namespace "mariadbcreds" }}
{{- $dbPass := "" }}
{{- $rootPass := "" }}
data:
{{- if $dbprevious }}
{{- $dbPass = ( index $dbprevious.data "mariadb-password" ) | b64dec }}
{{- $rootPass = ( index $dbprevious.data "mariadb-root-password" ) | b64dec }}
mariadb-password: {{ ( index $dbprevious.data "mariadb-password" ) }}
mariadb-root-password: {{ ( index $dbprevious.data "mariadb-root-password" ) }}
{{- else }}
{{- $dbPass = randAlphaNum 50 }}
{{- $rootPass = randAlphaNum 50 }}
mariadb-password: {{ $dbPass | b64enc | quote }}
mariadb-root-password: {{ $rootPass | b64enc | quote }}
{{- end }}
url: {{ ( printf "sql://%v:%v@%v-mariadb:3306/%v" .Values.mariadb.mariadbUsername $dbPass .Release.Name .Values.mariadb.mariadbDatabase ) | b64enc | quote }}
urlnossl: {{ ( printf "sql://%v:%v@%v-mariadb:3306/%v?sslmode=disable" .Values.mariadb.mariadbUsername $dbPass .Release.Name .Values.mariadb.mariadbDatabase ) | b64enc | quote }}
plainporthost: {{ ( printf "%v-%v:3306" .Release.Name "mariadb" ) | b64enc | quote }}
plainhost: {{ ( printf "%v-%v" .Release.Name "mariadb" ) | b64enc | quote }}
jdbc: {{ ( printf "jdbc:sqlserver://%v-mariadb:3306/%v" .Release.Name .Values.mariadb.mariadbDatabase ) | b64enc | quote }}
jdbc-mysql: {{ ( printf "jdbc:mysql://%v-mariadb:3306/%v" .Release.Name .Values.mariadb.mariadbDatabase ) | b64enc | quote }}
jdbc-mariadb: {{ ( printf "jdbc:mariadb://%v-mariadb:3306/%v" .Release.Name .Values.mariadb.mariadbDatabase ) | b64enc | quote }}
type: Opaque
{{- $_ := set .Values.mariadb "mariadbPassword" ( $dbPass | quote ) }}
{{- $_ := set .Values.mariadb "mariadbRootPassword" ( $rootPass | quote ) }}
{{- $_ := set .Values.mariadb.url "plain" ( ( printf "%v-%v" .Release.Name "mariadb" ) | quote ) }}
{{- $_ := set .Values.mariadb.url "plainhost" ( ( printf "%v-%v" .Release.Name "mariadb" ) | quote ) }}
{{- $_ := set .Values.mariadb.url "plainport" ( ( printf "%v-%v:3306" .Release.Name "mariadb" ) | quote ) }}
{{- $_ := set .Values.mariadb.url "plainporthost" ( ( printf "%v-%v:3306" .Release.Name "mariadb" ) | quote ) }}
{{- $_ := set .Values.mariadb.url "complete" ( ( printf "sql://%v:%v@%v-mariadb:3306/%v" .Values.mariadb.mariadbUsername $dbPass .Release.Name .Values.mariadb.mariadbDatabase ) | quote ) }}
{{- $_ := set .Values.mariadb.url "jdbc" ( ( printf "jdbc:sqlserver://%v-mariadb:3306/%v" .Release.Name .Values.mariadb.mariadbDatabase ) | quote ) }}
{{- end }}
{{- end -}}

View File

@@ -1,23 +0,0 @@
{{/*
This template ensures pods with postgresql dependency have a delayed start
*/}}
{{- define "common.dependencies.postgresql.init" -}}
{{- $pghost := printf "%v-%v" .Release.Name "postgresql" }}
{{- if .Values.postgresql.enabled }}
- name: postgresql-init
image: "{{ .Values.postgresqlImage.repository}}:{{ .Values.postgresqlImage.tag }}"
securityContext:
capabilities:
drop:
- ALL
resources:
{{- with .Values.resources }}
{{- toYaml . | nindent 4 }}
{{- end }}
command:
- "sh"
- "-c"
- "until pg_isready -U {{ .Values.postgresql.postgresqlUsername }} -h {{ $pghost }}; do sleep 2 ; done"
imagePullPolicy: IfNotPresent
{{- end }}
{{- end -}}

View File

@@ -1,48 +0,0 @@
{{/*
This template generates a random password and ensures it persists across updates/edits to the chart
*/}}
{{- define "common.dependencies.postgresql.injector" -}}
{{- $pghost := printf "%v-%v" .Release.Name "postgresql" }}
{{- if .Values.postgresql.enabled }}
---
apiVersion: v1
kind: Secret
metadata:
labels:
{{- include "common.labels" . | nindent 4 }}
name: dbcreds
{{- $dbprevious := lookup "v1" "Secret" .Release.Namespace "dbcreds" }}
{{- $dbPass := "" }}
{{- $pgPass := "" }}
data:
{{- if $dbprevious }}
{{- $dbPass = ( index $dbprevious.data "postgresql-password" ) | b64dec }}
{{- $pgPass = ( index $dbprevious.data "postgresql-postgres-password" ) | b64dec }}
postgresql-password: {{ ( index $dbprevious.data "postgresql-password" ) }}
postgresql-postgres-password: {{ ( index $dbprevious.data "postgresql-postgres-password" ) }}
{{- else }}
{{- $dbPass = randAlphaNum 50 }}
{{- $pgPass = randAlphaNum 50 }}
postgresql-password: {{ $dbPass | b64enc | quote }}
postgresql-postgres-password: {{ $pgPass | b64enc | quote }}
{{- end }}
url: {{ ( printf "postgresql://%v:%v@%v-postgresql:5432/%v" .Values.postgresql.postgresqlUsername $dbPass .Release.Name .Values.postgresql.postgresqlDatabase ) | b64enc | quote }}
url-noql: {{ ( printf "postgres://%v:%v@%v-postgresql:5432/%v" .Values.postgresql.postgresqlUsername $dbPass .Release.Name .Values.postgresql.postgresqlDatabase ) | b64enc | quote }}
urlnossl: {{ ( printf "postgresql://%v:%v@%v-postgresql:5432/%v?sslmode=disable" .Values.postgresql.postgresqlUsername $dbPass .Release.Name .Values.postgresql.postgresqlDatabase ) | b64enc | quote }}
plainporthost: {{ ( printf "%v-%v" .Release.Name "postgresql" ) | b64enc | quote }}
plainhost: {{ ( printf "%v-%v" .Release.Name "postgresql" ) | b64enc | quote }}
jdbc: {{ ( printf "jdbc:postgresql://%v-postgresql:5432/%v" .Release.Name .Values.postgresql.postgresqlDatabase ) | b64enc | quote }}
type: Opaque
{{- $_ := set .Values.postgresql "postgresqlPassword" ( $dbPass | quote ) }}
{{- $_ := set .Values.postgresql "postgrespassword" ( $pgPass | quote ) }}
{{- $_ := set .Values.postgresql.url "plain" ( ( printf "%v-%v" .Release.Name "postgresql" ) | quote ) }}
{{- $_ := set .Values.postgresql.url "plainhost" ( ( printf "%v-%v" .Release.Name "postgresql" ) | quote ) }}
{{- $_ := set .Values.postgresql.url "plainport" ( ( printf "%v-%v:5432" .Release.Name "postgresql" ) | quote ) }}
{{- $_ := set .Values.postgresql.url "plainporthost" ( ( printf "%v-%v:5432" .Release.Name "postgresql" ) | quote ) }}
{{- $_ := set .Values.postgresql.url "complete" ( ( printf "postgresql://%v:%v@%v-postgresql:5432/%v" .Values.postgresql.postgresqlUsername $dbPass .Release.Name .Values.postgresql.postgresqlDatabase ) | quote ) }}
{{- $_ := set .Values.postgresql.url "complete-noql" ( ( printf "postgres://%v:%v@%v-postgresql:5432/%v" .Values.postgresql.postgresqlUsername $dbPass .Release.Name .Values.postgresql.postgresqlDatabase ) | quote ) }}
{{- $_ := set .Values.postgresql.url "jdbc" ( ( printf "jdbc:postgresql://%v-postgresql:5432/%v" .Release.Name .Values.postgresql.postgresqlDatabase ) | quote ) }}
{{- end }}
{{- end -}}

View File

@@ -1,37 +0,0 @@
{{/*
This template generates a random password and ensures it persists across updates/edits to the chart
*/}}
{{- define "common.dependencies.redis.injector" -}}
{{- $pghost := printf "%v-%v" .Release.Name "redis" }}
{{- if .Values.redis.enabled }}
---
apiVersion: v1
kind: Secret
metadata:
labels:
{{- include "common.labels" . | nindent 4 }}
name: rediscreds
{{- $dbprevious := lookup "v1" "Secret" .Release.Namespace "rediscreds" }}
{{- $dbPass := "" }}
{{- $dbIndex := default "0" .Values.redis.redisDatabase }}
data:
{{- if $dbprevious }}
{{- $dbPass = ( index $dbprevious.data "redis-password" ) | b64dec }}
redis-password: {{ ( index $dbprevious.data "redis-password" ) }}
{{- else }}
{{- $dbPass = randAlphaNum 50 }}
redis-password: {{ $dbPass | b64enc | quote }}
{{- end }}
url: {{ ( printf "redis://%v:%v@%v-redis:6379/%v" .Values.redis.redisUsername $dbPass .Release.Name $dbIndex ) | b64enc | quote }}
plainporthost: {{ ( printf "%v-%v" .Release.Name "redis" ) | b64enc | quote }}
plainhost: {{ ( printf "%v-%v" .Release.Name "redis" ) | b64enc | quote }}
type: Opaque
{{- $_ := set .Values.redis "redisPassword" ( $dbPass | quote ) }}
{{- $_ := set .Values.redis.url "plain" ( ( printf "%v-%v" .Release.Name "redis" ) | quote ) }}
{{- $_ := set .Values.redis.url "plainhost" ( ( printf "%v-%v" .Release.Name "redis" ) | quote ) }}
{{- $_ := set .Values.redis.url "plainport" ( ( printf "%v-%v:6379" .Release.Name "redis" ) | quote ) }}
{{- $_ := set .Values.redis.url "plainporthost" ( ( printf "%v-%v:6379" .Release.Name "redis" ) | quote ) }}
{{- end }}
{{- end -}}

View File

@@ -1,102 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return a soft nodeAffinity definition
{{ include "common.affinities.nodes.soft" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.nodes.soft" -}}
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: {{ .key }}
operator: In
values:
{{- range .values }}
- {{ . | quote }}
{{- end }}
weight: 1
{{- end -}}
{{/*
Return a hard nodeAffinity definition
{{ include "common.affinities.nodes.hard" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.nodes.hard" -}}
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: {{ .key }}
operator: In
values:
{{- range .values }}
- {{ . | quote }}
{{- end }}
{{- end -}}
{{/*
Return a nodeAffinity definition
{{ include "common.affinities.nodes" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.nodes" -}}
{{- if eq .type "soft" }}
{{- include "common.affinities.nodes.soft" . -}}
{{- else if eq .type "hard" }}
{{- include "common.affinities.nodes.hard" . -}}
{{- end -}}
{{- end -}}
{{/*
Return a soft podAffinity/podAntiAffinity definition
{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
*/}}
{{- define "common.affinities.pods.soft" -}}
{{- $component := default "" .component -}}
{{- $extraMatchLabels := default (dict) .extraMatchLabels -}}
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels: {{- (include "common.labels.matchLabels" .context) | nindent 10 }}
{{- if not (empty $component) }}
{{ printf "app.kubernetes.io/component: %s" $component }}
{{- end }}
{{- range $key, $value := $extraMatchLabels }}
{{ $key }}: {{ $value | quote }}
{{- end }}
namespaces:
- {{ .context.Release.Namespace | quote }}
topologyKey: kubernetes.io/hostname
weight: 1
{{- end -}}
{{/*
Return a hard podAffinity/podAntiAffinity definition
{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
*/}}
{{- define "common.affinities.pods.hard" -}}
{{- $component := default "" .component -}}
{{- $extraMatchLabels := default (dict) .extraMatchLabels -}}
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels: {{- (include "common.labels.matchLabels" .context) | nindent 8 }}
{{- if not (empty $component) }}
{{ printf "app.kubernetes.io/component: %s" $component }}
{{- end }}
{{- range $key, $value := $extraMatchLabels }}
{{ $key }}: {{ $value | quote }}
{{- end }}
namespaces:
- {{ .context.Release.Namespace | quote }}
topologyKey: kubernetes.io/hostname
{{- end -}}
{{/*
Return a podAffinity/podAntiAffinity definition
{{ include "common.affinities.pods" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.pods" -}}
{{- if eq .type "soft" }}
{{- include "common.affinities.pods.soft" . -}}
{{- else if eq .type "hard" }}
{{- include "common.affinities.pods.hard" . -}}
{{- end -}}
{{- end -}}

View File

@@ -1,39 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper image name
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
*/}}
{{- define "common.images.image" -}}
{{- $repositoryName := .imageRoot.repository -}}
{{- $tag := .imageRoot.tag | toString -}}
{{- printf "%s:%s" $repositoryName $tag -}}
{{- end -}}
{{/*
Return the image name using the selector
{{ include "common.images.selector" . }}
*/}}
{{- define "common.images.selector" -}}
{{- $imageDict := get .Values "image" }}
{{- $selected := .Values.imageSelector }}
{{- if hasKey .Values $selected }}
{{- $imageDict = get .Values $selected }}
{{- end }}
{{- $repositoryName := $imageDict.repository -}}
{{- $tag :=$imageDict.tag | toString -}}
{{- printf "%s:%s" $repositoryName $tag -}}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names (deprecated: use common.images.renderPullSecrets instead)
{{ include "common.images.pullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global) }}
*/}}
{{- define "common.images.pullSecrets" -}}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names evaluating values as templates
{{ include "common.images.renderPullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "context" $) }}
*/}}
{{- define "common.images.renderPullSecrets" -}}
{{- end -}}

View File

@@ -1,14 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Kubernetes standard labels
*/}}
{{- define "common.labels.standard" -}}
{{- include "common.labels" . }}
{{- end -}}
{{/*
Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector
*/}}
{{- define "common.labels.matchLabels" -}}
{{- include "common.labels.selectorLabels" . }}
{{- end -}}

View File

@@ -1,35 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper Storage Class
{{ include "common.storage.class" ( dict "persistence" .Values.path.to.the.persistence "global" $ ) }}
*/}}
{{- define "common.storage.class" -}}
{{- $storageClass := .persistence.storageClass -}}
{{- $output := "" -}}
{{- if $storageClass -}}
{{- if (eq "-" $storageClass) -}}
{{- $output = "\"\"" -}}
{{- else if (eq "SCALE-ZFS" $storageClass ) }}
{{- $output = ( printf "ix-storage-class-%s" .global.Release.Name ) -}}
{{- else }}
{{- $output = $storageClass -}}
{{- end -}}
{{- else if .global }}
{{- if .global.Values.storageClass -}}
{{- $output = .global.Values.storageClass -}}
{{- else if .global.Values.ixChartContext }}
{{- $output = ( printf "ix-storage-class-%s" .global.Release.Name ) -}}
{{- else if .global.Values.global -}}
{{- if .global.Values.global.storageClass -}}
{{- $output = .global.Values.global.storageClass -}}
{{- end -}}
{{- if or ( .global.Values.global.ixChartContext ) ( .global.Values.global.isSCALE ) -}}
{{- $output = ( printf "ix-storage-class-%s" .global.Release.Name ) -}}
{{- end }}
{{- end -}}
{{- end -}}
{{- printf "storageClassName: %s" $output -}}
{{- end -}}

View File

@@ -1,13 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Renders a value that contains template.
Usage:
{{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $) }}
*/}}
{{- define "common.tplvalues.render" -}}
{{- if typeIs "string" .value }}
{{- tpl .value .context }}
{{- else }}
{{- tpl (.value | toYaml) .context }}
{{- end }}
{{- end -}}

View File

@@ -1,14 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Warning about using rolling tag.
Usage:
{{ include "common.warnings.rollingTag" .Values.path.to.the.imageRoot }}
*/}}
{{- define "common.warnings.rollingTag" -}}
{{- if not (.tag | toString | regexFind "-r\\d+$|sha256:") }}
WARNING: Rolling tag detected ({{ .repository }}:{{ .tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
{{- end }}
{{- end -}}

File diff suppressed because it is too large Load Diff