Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[xray] 3.102.3 release #1915

Merged
merged 2 commits into from
Aug 22, 2024
Merged

[xray] 3.102.3 release #1915

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ca0bd04
[xray] Fix `volumeMounts` formatting for `panoramic` (#1896)
rhys96 Aug 22, 2024
6e9b8ca
[xray] 3.102.3 release
megha1906 Aug 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion stable/xray/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,11 @@
# JFrog Xray Chart Changelog
All changes to this chart will be documented in this file.

## [103.101.5] - June 18, 2024
## [103.102.3] - July 17, 2024
* Added support of specifying resources constraints for RabbitMQ's pre-upgrade-hook job
* Fixed formatting error associated to the `volumeMounts` for the `panoramic` microservice [GH-1895](https://github.com/jfrog/charts/issues/1895)

## [103.99.0] - June 18, 2024
* Fixed #adding colon in image registry breaks deployment with meta label error. [GH-1892](https://github.com/jfrog/charts/pull/1892)

## [103.97.0] - May 27, 2024
Expand Down
4 changes: 2 additions & 2 deletions stable/xray/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 3.101.5
appVersion: 3.102.3
dependencies:
- condition: postgresql.enabled
name: postgresql
Expand All @@ -24,4 +24,4 @@ name: xray
sources:
- https://github.com/jfrog/charts
type: application
version: 103.101.5
version: 103.102.3
11 changes: 11 additions & 0 deletions stable/xray/ci/default-values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,17 @@ sbom:
cpu: "3"

panoramic:
enabled: false
resources:
requests:
memory: "300Mi"
cpu: "50m"
limits:
memory: "4Gi"
cpu: "3"


policyenforcer:
enabled: false
resources:
requests:
Expand Down
4 changes: 4 additions & 0 deletions stable/xray/files/system.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,10 @@ server:
migrate_msgs_from_other_rabbitmq: {{ toYaml .Values.global.xray.rabbitmq.migrateMessagesFromOtherRabbitMq | nindent 6 }}
{{- end }}
{{- end }}
{{- if .Values.policyenforcer.enabled }}
policyenforcer:
enabled: true
{{- end }}
{{- if (include "xray.imagePullSecretsStrList" .) }}
executionService:
pullSecret:
Expand Down
7 changes: 7 additions & 0 deletions stable/xray/templates/_helpers.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,13 @@ The xray-panoramic name
{{- default .Chart.Name .Values.panoramic.name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{/*
The xray-policyenforcer name
*/}}
{{- define "xray-policyenforcer.name" -}}
{{- default .Chart.Name .Values.panoramic.name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{/*
The xray-indexer name
*/}}
Expand Down
4 changes: 4 additions & 0 deletions stable/xray/templates/migration-hook.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,10 @@ spec:
- name: pre-upgrade-container
image: "{{ include "xray.getRegistryByService" (list . "migrationHook") }}/{{ .Values.rabbitmq.migration.image.repository }}:{{ .Values.rabbitmq.migration.image.tag }}"
imagePullPolicy: IfNotPresent
{{- if .Values.rabbitmq.resources }}
resources:
{{- toYaml .Values.rabbitmq.resources | nindent 12 }}
{{- end }}
{{- if .Values.rabbitmq.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.rabbitmq.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
Expand Down
180 changes: 175 additions & 5 deletions stable/xray/templates/xray-ipa-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,10 +27,10 @@ spec:
{{- if not .Values.autoscalingIpa.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
{{- with .Values.deployment.strategy }}
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
{{ toYaml . | indent 4 }}
{{- end }}
selector:
matchLabels:
app: {{ template "xray.name" . }}
Expand Down Expand Up @@ -889,8 +889,8 @@ spec:
- containerPort: {{ .Values.panoramic.internalPort }}
name: http-panoramic
volumeMounts:
- name: data-volume
mountPath: "{{ .Values.xray.persistence.mountPath }}"
- name: data-volume
mountPath: "{{ .Values.xray.persistence.mountPath }}"
{{- if or .Values.common.customVolumeMounts .Values.global.customVolumeMounts }}
{{ tpl (include "xray.customVolumeMounts" .) . | indent 8 }}
{{- end }}
Expand All @@ -907,6 +907,176 @@ spec:
livenessProbe:
{{ tpl .Values.panoramic.livenessProbe.config . | indent 10 }}
{{- end }}
{{- end }}
{{- if .Values.policyenforcer.enabled }}
- name: {{ .Values.policyenforcer.name }}
image: {{ include "xray.getImageInfoByValue" (list . "policyenforcer") }}
imagePullPolicy: {{ .Values.imagePullPolicy }}
{{- if .Values.containerSecurityContext.enabled }}
securityContext: {{- tpl (omit .Values.containerSecurityContext "enabled" | toYaml) . | nindent 10 }}
{{- end }}
command:
- '/bin/bash'
- '-c'
- >
{{- with .Values.common.preStartCommand }}
echo "Running custom common preStartCommand command";
{{ tpl . $ }};
{{- end }}
{{- with .Values.policyenforcer.preStartCommand }}
echo "Running custom policyenforcer preStartCommand command";
{{ tpl . $ }};
{{- end }}
exec /opt/jfrog/xray/app/bin/wrapper.sh;
{{- with .Values.policyenforcer.lifecycle }}
lifecycle:
{{ toYaml . | indent 10 }}
{{- end }}
env:
- name: JF_SKIPENTLICCHECKFORCLOUD
value: "true"
{{ include "xray.envVariables" . | indent 8 }}
{{ include "xray.rabbitmqTlsEnvVariables" . | indent 8 }}
{{- if and .Values.rabbitmq.external.secrets (not .Values.common.rabbitmq.connectionConfigFromEnvironment) }}
- name: JF_SHARED_RABBITMQ_USERNAME
valueFrom:
secretKeyRef:
name: {{ tpl .Values.rabbitmq.external.secrets.username.name . }}
key: {{ tpl .Values.rabbitmq.external.secrets.username.key . }}
- name: JF_SHARED_RABBITMQ_PASSWORD
valueFrom:
secretKeyRef:
name: {{ tpl .Values.rabbitmq.external.secrets.password.name . }}
key: {{ tpl .Values.rabbitmq.external.secrets.password.key . }}
- name: JF_SHARED_RABBITMQ_URL
valueFrom:
secretKeyRef:
name: {{ tpl .Values.rabbitmq.external.secrets.url.name . }}
key: {{ tpl .Values.rabbitmq.external.secrets.url.key . }}
{{- end }}
{{- if or .Values.database.secrets.user .Values.database.user }}
- name: JF_SHARED_DATABASE_USERNAME
valueFrom:
secretKeyRef:
{{- if .Values.database.secrets.user }}
name: {{ tpl .Values.database.secrets.user.name . }}
key: {{ tpl .Values.database.secrets.user.key . }}
{{- else if .Values.database.user }}
{{- if not .Values.xray.unifiedSecretInstallation }}
name: {{ template "xray.fullname" . }}-database-creds
{{- else }}
name: "{{ template "xray.name" . }}-unified-secret"
{{- end }}
key: db-user
{{- end }}
{{- end }}
{{- if or .Values.database.secrets.actualUsername .Values.database.actualUsername }}
- name: JF_SHARED_DATABASE_ACTUALUSERNAME
valueFrom:
secretKeyRef:
{{- if .Values.database.secrets.actualUsername }}
name: {{ tpl .Values.database.secrets.actualUsername.name . }}
key: {{ tpl .Values.database.secrets.actualUsername.key . }}
{{- else if .Values.database.actualUsername }}
{{- if not .Values.xray.unifiedSecretInstallation }}
name: {{ template "xray.fullname" . }}-database-creds
{{- else }}
name: "{{ template "xray.name" . }}-unified-secret"
{{- end }}
key: db-actualUsername
{{- end }}
{{- end }}
{{ if or .Values.database.secrets.password .Values.database.password .Values.postgresql.enabled }}
- name: JF_SHARED_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.database.secrets.password }}
name: {{ tpl .Values.database.secrets.password.name . }}
key: {{ tpl .Values.database.secrets.password.key . }}
{{- else if .Values.database.password }}
{{- if not .Values.xray.unifiedSecretInstallation }}
name: {{ template "xray.fullname" . }}-database-creds
{{- else }}
name: "{{ template "xray.name" . }}-unified-secret"
{{- end }}
key: db-password
{{- else if .Values.postgresql.enabled }}
name: {{ .Release.Name }}-postgresql
key: postgresql-password
{{- end }}
{{- end }}
{{- if or .Values.database.secrets.url .Values.database.url }}
- name: JF_SHARED_DATABASE_URL
valueFrom:
secretKeyRef:
{{- if .Values.database.secrets.url }}
name: {{ tpl .Values.database.secrets.url.name . }}
key: {{ tpl .Values.database.secrets.url.key . }}
{{- else if .Values.database.url }}
{{- if not .Values.xray.unifiedSecretInstallation }}
name: {{ template "xray.fullname" . }}-database-creds
{{- else }}
name: "{{ template "xray.name" . }}-unified-secret"
{{- end }}
key: db-url
{{- end }}
{{- end }}
{{- if .Values.common.rabbitmq.connectionConfigFromEnvironment }}
- name: JF_SHARED_RABBITMQ_USERNAME
value: {{ include "rabbitmq.user" .}}
- name: JF_SHARED_RABBITMQ_URL
value: {{ include "rabbitmq.url" .}}
- name: JF_SHARED_RABBITMQ_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "rabbitmq.passwordSecretName" .}}
key: rabbitmq-password
{{- end }}
- name: XRAY_HA_NODE_ID
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: XRAY_K8S_ENV
value: "true"
- name: EXECUTION_JOB_AES_KEY
valueFrom:
secretKeyRef:
{{- if not .Values.xray.unifiedSecretInstallation }}
name: {{ template "xray.executionServiceAesKeySecretName" . }}
{{- else if and .Values.xray.unifiedSecretInstallation (or .Values.xray.executionServiceAesKeySecretName .Values.global.executionServiceAesKeySecretName) }}
name: {{ template "xray.executionServiceAesKeySecretName" . }}
{{- else }}
name: "{{ template "xray.name" . }}-unified-secret"
{{- end }}
key: execution-service-aes-key
{{- if .Values.common.extraEnvVars }}
{{- tpl .Values.common.extraEnvVars . | nindent 8 }}
{{- end }}
{{- if .Values.policyenforcer.extraEnvVars }}
{{- tpl .Values.policyenforcer.extraEnvVars . | nindent 8 }}
{{- end }}
ports:
- containerPort: {{ .Values.policyenforcer.internalPort }}
name: http-polenf
volumeMounts:
- name: data-volume
mountPath: "{{ .Values.xray.persistence.mountPath }}"
{{- if or .Values.common.customVolumeMounts .Values.global.customVolumeMounts }}
{{ tpl (include "xray.customVolumeMounts" .) . | indent 8 }}
{{- end }}
{{- with .Values.policyenforcer.customVolumeMounts }}
{{ tpl . $ | indent 8 }}
{{- end }}
resources:
{{ toYaml .Values.policyenforcer.resources | indent 10 }}
{{- if .Values.policyenforcer.startupProbe.enabled }}
startupProbe:
{{ tpl .Values.policyenforcer.startupProbe.config . | indent 10 }}
{{- end }}
{{- if .Values.policyenforcer.livenessProbe.enabled }}
livenessProbe:
{{ tpl .Values.policyenforcer.livenessProbe.config . | indent 10 }}
{{- end }}
{{- end }}
- name: {{ .Values.indexer.name }}
image: {{ include "xray.getImageInfoByValue" (list . "indexer") }}
Expand Down
6 changes: 6 additions & 0 deletions stable/xray/templates/xray-ipa-svc.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,12 @@ spec:
port: {{ .Values.panoramic.externalPort }}
protocol: TCP
targetPort: {{ .Values.panoramic.internalPort }}
{{- end }}
{{- if .Values.policyenforcer.enabled }}
- name: http-polenf
port: {{ .Values.policyenforcer.externalPort }}
protocol: TCP
targetPort: {{ .Values.policyenforcer.internalPort }}
{{- end }}
selector:
app: {{ template "xray.name" . }}
Expand Down
6 changes: 3 additions & 3 deletions stable/xray/templates/xray-server-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,10 +27,10 @@ spec:
{{- if not .Values.autoscalingServer.enabled }}
replicas: {{ .Values.replicaCountServer }}
{{- end }}
{{- with .Values.deployment.strategy }}
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
{{ toYaml . | indent 4 }}
{{- end }}
selector:
matchLabels:
app: {{ template "xray.name" . }}
Expand Down
Loading
Loading