add current deployed charts (without pw)

2025-06-22 03:53:56 +02:00 · 2023-07-24 08:54:15 +00:00
parent ebedf7c630
commit d4dc6837dd
4 changed files with 355 additions and 8 deletions
--- a/k8s/mongo/values.yaml
+++ b/k8s/mongo/values.yaml
@ -0,0 +1,187 @@
+### helm upgrade --cleanup-on-fail --install aki-transparenzregister-mongo bitnami/mongodb --namespace transparenzregister --create-namespace --values values.yaml
+
+global:
+  storageClass: "csi-beegfs-dynhot-sc"
+  namespaceOverride: ""
+
+namespaceOverride: ""
+clusterDomain: kicluster.local
+
+## @param extraDeploy Array of extra objects to deploy with the release
+## extraDeploy:
+## - apiVersion: v1
+##   kind: Service
+##   metadata:
+##     ...
+##   spec:
+##     ...
+extraDeploy: []
+
+## @param commonLabels Add labels to all the deployed resources (sub-charts are not considered). Evaluated as a template
+##
+commonLabels: {}
+## @param commonAnnotations Common annotations to add to all Mongo resources (sub-charts are not considered). Evaluated as a template
+##
+commonAnnotations: {}
+
+## @section MongoDB(&reg;) parameters
+##
+image:
+  registry: docker.io
+  repository: bitnami/mongodb
+  tag: 6.0.8-debian-11-r0
+  debug: false
+
+## @param architecture MongoDB(&reg;) architecture (`standalone` or `replicaset`)
+## note replicaset needs more configuration
+architecture: standalone
+useStatefulSet: false # StatefulSet instead of a Deployment (only when `architecture=standalone`)
+
+## MongoDB(&reg;) Authentication parameters
+## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/
+auth:
+  enabled: true
+  rootUser: root
+  ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mongodb#setting-the-root-user-and-password-on-first-run
+  rootPassword: <some pw>
+  ## MongoDB(&reg;) custom users and databases
+  ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mongodb#creating-a-user-and-database-on-first-run
+  ## @param auth.usernames List of custom users to be created during the initialization
+  ## @param auth.passwords List of passwords for the custom users set at `auth.usernames`
+  ## @param auth.databases List of custom databases to be created during the initialization
+  ##
+  usernames: ["aki_transparenzregister"]
+  passwords: <[some pw]>
+  databases: ["transparenzregister"]
+  ## @param auth.username DEPRECATED: use `auth.usernames` instead
+  ## @param auth.password DEPRECATED: use `auth.passwords` instead
+  ## @param auth.database DEPRECATED: use `auth.databases` instead
+  username: ""
+  password: ""
+  database: ""
+
+  ## @param auth.existingSecret Existing secret with MongoDB(&reg;) credentials (keys: `mongodb-passwords`, `mongodb-root-password`, `mongodb-metrics-password`, `mongodb-replica-set-key`)
+  ## NOTE: When it's set the previous parameters are ignored.
+  existingSecret: ""
+
+tls:
+  ## @param tls.enabled Enable MongoDB(&reg;) TLS support between nodes in the cluster as well as between mongo clients and nodes
+  ##
+  enabled: false
+  ## @param tls.autoGenerated Generate a custom CA and self-signed certificates
+  ##
+  autoGenerated: true
+  ## @param tls.existingSecret Existing secret with TLS certificates (keys: `mongodb-ca-cert`, `mongodb-ca-key`)
+  ## NOTE: When it's set it will disable secret creation.
+  ##
+  existingSecret: ""
+  ## Add Custom CA certificate
+  ## @param tls.caCert Custom CA certificated (base64 encoded)
+  ## @param tls.caKey CA certificate private key (base64 encoded)
+  ##
+  caCert: ""
+  caKey: ""
+  ## @param tls.pemChainIncluded Flag to denote that the Certificate Authority (CA) certificates are bundled with the endpoint cert.
+  ## Certificates must be in proper order, where the top certificate is the leaf and the bottom certificate is the top-most intermediate CA.
+  ##
+  pemChainIncluded: false
+  standalone:
+    ## @param tls.standalone.existingSecret Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.
+    ## NOTE: When it's set it will disable certificate self-generation from existing CA.
+    ##
+    existingSecret: ""
+  
+  image:
+    registry: docker.io
+    repository: bitnami/nginx
+    tag: 1.25.1-debian-11-r9
+  ## @param tls.extraDnsNames Add extra dns names to the CA, can solve x509 auth issue for pod clients
+  ## extraDnsNames
+  ##   "DNS.6": "$my_host"
+  ##   "DNS.7": "$test"
+  extraDnsNames: []
+  ## @param tls.mode Allows to set the tls mode which should be used when tls is enabled (options: `allowTLS`, `preferTLS`, `requireTLS`)
+  mode: requireTLS
+
+
+## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
+hostAliases: []
+## mongo db general settings:
+directoryPerDB: false # not sure whatperformance gains/impact this would have
+disableJavascript: false # should probably be disabled when not needed. Required for serverside map reduce.
+
+## overwrite config file for mongo db http://docs.mongodb.org/manual/reference/configuration-options/
+configuration: "" 
+
+extraFlags: []
+extraEnvVars: []
+## @param extraEnvVarsSecret Name of existing Secret containing extra env vars (in case of sensitive data)
+extraEnvVarsSecret: ""
+
+affinity: {}
+nodeSelector: {}
+tolerations: []
+
+podLabels: {}
+podAnnotations: {}
+
+containerSecurityContext:
+  enabled: true
+  runAsUser: 1001
+  runAsGroup: 0
+  runAsNonRoot: true
+  allowPrivilegeEscalation: false
+  seccompProfile:
+    type: RuntimeDefault
+  capabilities:
+    drop:
+      - ALL
+
+resources:
+  limits: {}
+  requests: {}
+
+containerPorts:
+  mongodb: 27017
+
+sidecars: []
+extraVolumeMounts: []
+extraVolumes: []
+
+service:
+  nameOverride: ""  # service name
+  type: NodePort   # others are NodePort and LoadBalancer ( only for standalone architecture)
+  portName: mongodb # (only for standalone architecture)
+  ports:
+    mongodb: 27017 
+
+  nodePorts:
+    mongodb: 30217
+
+  ## @param service.externalIPs Specify the externalIP value ClusterIP service type (only for standalone architecture)
+  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
+  ##
+  externalIPs: []
+  ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
+  extraPorts: []
+  ## @param service.annotations Provide any additional annotations that may be required
+  annotations: {}
+  ## @param service.externalTrafficPolicy service external traffic policy (only for standalone architecture)
+  ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
+  externalTrafficPolicy: Local
+
+persistence:
+  enabled: true
+  ## @param persistence.existingClaim Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)
+  ## Requires persistence.enabled: true
+  ## If defined, PVC must be created manually before volume will be bound
+  ## Ignored when mongodb.architecture=replicaset
+  existingClaim: ""
+  ## @param persistence.resourcePolicy Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted
+  resourcePolicy: ""
+  storageClass: "csi-beegfs-dynhot-sc"
+  ## @param persistence.accessModes PV Access Mode
+  ##
+  accessModes:
+    - ReadWriteOnce
+  annotations: {}
--- a/k8s/mongo/values.yml
+++ b/k8s/mongo/values.yml
@ -1,3 +0,0 @@
-auth: 
-  usernames: [aki_transparenzregister]
-  passwords: [n&Q%hcB4plTvPOCif8A0]