Skip to content

Commit

Permalink
fix version
Browse files Browse the repository at this point in the history
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
  • Loading branch information
jkroepke committed Jan 29, 2024
2 parents 12fcf69 + 674b946 commit 0041267
Show file tree
Hide file tree
Showing 41 changed files with 189 additions and 57 deletions.
10 changes: 5 additions & 5 deletions charts/agent-operator/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,12 @@ apiVersion: v2
name: grafana-agent-operator
description: A Helm chart for Grafana Agent Operator
type: application
version: 0.3.12
appVersion: "0.38.1"
home: https://grafana.com/docs/agent/v0.38/
icon: https://raw.githubusercontent.com/grafana/agent/v0.38.0/docs/sources/assets/logo_and_name.png
version: 0.3.15
appVersion: "0.39.1"
home: https://grafana.com/docs/agent/v0.39/
icon: https://raw.githubusercontent.com/grafana/agent/v0.39.1/docs/sources/assets/logo_and_name.png
sources:
- https://github.com/grafana/agent/tree/v0.38.0/pkg/operator
- https://github.com/grafana/agent/tree/v0.39.1/pkg/operator
maintainers:
- name: Grafana Agent Team
email: grafana-agent-team@googlegroups.com
8 changes: 4 additions & 4 deletions charts/agent-operator/README.md
Original file line number Diff line number Diff line change
@@ -1,22 +1,22 @@
# grafana-agent-operator

![Version: 0.3.12](https://img.shields.io/badge/Version-0.3.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.38.1](https://img.shields.io/badge/AppVersion-0.38.1-informational?style=flat-square)
![Version: 0.3.15](https://img.shields.io/badge/Version-0.3.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.39.1](https://img.shields.io/badge/AppVersion-0.39.1-informational?style=flat-square)

A Helm chart for Grafana Agent Operator

⚠️ **Please create issues relating to this Helm chart in the [Agent](https://github.com/grafana/agent/issues) repo.**

## Source Code

* <https://github.com/grafana/agent/tree/v0.38.0/pkg/operator>
* <https://github.com/grafana/agent/tree/v0.39.1/pkg/operator>

Note that this chart does not provision custom resources like `GrafanaAgent` and `MetricsInstance` (formerly `PrometheusInstance`) or any `*Monitor` resources.

To learn how to deploy these resources, please see Grafana's [Agent Operator getting started guide](https://grafana.com/docs/agent/latest/operator/getting-started/).

## CRDs

The CRDs are synced into this chart manually (for now) from the Grafana Agent [GitHub repo](https://github.com/grafana/agent/tree/main/production/operator/crds). To learn more about how Helm manages CRDs, please see [Custom Resource Definitions](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/) from the Helm docs.
The CRDs are synced into this chart manually (for now) from the Grafana Agent [GitHub repo](https://github.com/grafana/agent/tree/main/operations/agent-static-operator/crds). To learn more about how Helm manages CRDs, please see [Custom Resource Definitions](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/) from the Helm docs.

## Get Repo Info

Expand Down Expand Up @@ -63,7 +63,7 @@ A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
| image.pullSecrets | list | `[]` | Image pull secrets |
| image.registry | string | `"docker.io"` | Image registry |
| image.repository | string | `"grafana/agent-operator"` | Image repo |
| image.tag | string | `"v0.37.4"` | Image tag |
| image.tag | string | `"v0.39.1"` | Image tag |
| kubeletService | object | `{"namespace":"default","serviceName":"kubelet"}` | If both are set, Agent Operator will create and maintain a service for scraping kubelets https://grafana.com/docs/agent/latest/operator/getting-started/#monitor-kubelets |
| nameOverride | string | `""` | Overrides the chart's name |
| nodeSelector | object | `{}` | nodeSelector configuration |
Expand Down
2 changes: 1 addition & 1 deletion charts/agent-operator/README.md.gotmpl
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ To learn how to deploy these resources, please see Grafana's [Agent Operator get

## CRDs

The CRDs are synced into this chart manually (for now) from the Grafana Agent [GitHub repo](https://github.com/grafana/agent/tree/main/production/operator/crds). To learn more about how Helm manages CRDs, please see [Custom Resource Definitions](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/) from the Helm docs.
The CRDs are synced into this chart manually (for now) from the Grafana Agent [GitHub repo](https://github.com/grafana/agent/tree/main/operations/agent-static-operator/crds). To learn more about how Helm manages CRDs, please see [Custom Resource Definitions](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/) from the Helm docs.

## Get Repo Info

Expand Down
2 changes: 1 addition & 1 deletion charts/agent-operator/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ image:
# -- Image repo
repository: grafana/agent-operator
# -- Image tag
tag: v0.37.4
tag: v0.39.1
# -- Image pull policy
pullPolicy: IfNotPresent
# -- Image pull secrets
Expand Down
6 changes: 3 additions & 3 deletions charts/grafana/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v2
name: grafana
version: 7.0.19
appVersion: 10.2.2
version: 7.2.5
appVersion: 10.2.3
kubeVersion: "^1.8.0-0"
description: The leading tool for querying and visualizing time series and metrics.
home: https://grafana.com
Expand All @@ -10,7 +10,7 @@ sources:
- https://github.com/grafana/grafana
- https://github.com/grafana/helm-charts
annotations:
"artifacthub.io/license": AGPL-3.0-only
"artifacthub.io/license": Apache-2.0
"artifacthub.io/links": |
- name: Chart Source
url: https://github.com/grafana/helm-charts
Expand Down
1 change: 1 addition & 0 deletions charts/grafana/templates/_config.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
Generate config map data
*/}}
{{- define "grafana.configData" -}}
{{ include "grafana.assertNoLeakedSecrets" . }}
{{- $files := .Files }}
{{- $root := . -}}
{{- with .Values.plugins }}
Expand Down
51 changes: 51 additions & 0 deletions charts/grafana/templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -225,3 +225,54 @@ Formats imagePullSecrets. Input is (dict "root" . "imagePullSecrets" .{specific
{{- end }}
{{- $secretFound}}
{{- end -}}
{{/*
Checks whether the user is attempting to store secrets in plaintext
in the grafana.ini configmap
*/}}
{{/* grafana.assertNoLeakedSecrets checks for sensitive keys in values */}}
{{- define "grafana.assertNoLeakedSecrets" -}}
{{- $sensitiveKeysYaml := `
sensitiveKeys:
- path: ["database", "password"]
- path: ["smtp", "password"]
- path: ["security", "secret_key"]
- path: ["security", "admin_password"]
- path: ["auth.basic", "password"]
- path: ["auth.ldap", "bind_password"]
- path: ["auth.google", "client_secret"]
- path: ["auth.github", "client_secret"]
- path: ["auth.gitlab", "client_secret"]
- path: ["auth.generic_oauth", "client_secret"]
- path: ["auth.okta", "client_secret"]
- path: ["auth.azuread", "client_secret"]
- path: ["auth.grafana_com", "client_secret"]
- path: ["auth.grafananet", "client_secret"]
- path: ["azure", "user_identity_client_secret"]
- path: ["unified_alerting", "ha_redis_password"]
- path: ["metrics", "basic_auth_password"]
- path: ["external_image_storage.s3", "secret_key"]
- path: ["external_image_storage.webdav", "password"]
- path: ["external_image_storage.azure_blob", "account_key"]
` | fromYaml -}}
{{- if $.Values.assertNoLeakedSecrets -}}
{{- $grafanaIni := index .Values "grafana.ini" -}}
{{- range $_, $secret := $sensitiveKeysYaml.sensitiveKeys -}}
{{- $currentMap := $grafanaIni -}}
{{- $shouldContinue := true -}}
{{- range $index, $elem := $secret.path -}}
{{- if and $shouldContinue (hasKey $currentMap $elem) -}}
{{- if eq (len $secret.path) (add1 $index) -}}
{{- if not (regexMatch "\\$(?:__(?:env|file|vault))?{[^}]+}" (index $currentMap $elem)) -}}
{{- fail (printf "Sensitive key '%s' should not be defined explicitly in values. Use variable expansion instead. You can disable this client-side validation by changing the value of assertNoLeakedSecrets." (join "." $secret.path)) -}}
{{- end -}}
{{- else -}}
{{- $currentMap = index $currentMap $elem -}}
{{- end -}}
{{- else -}}
{{- $shouldContinue = false -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
14 changes: 14 additions & 0 deletions charts/grafana/templates/_pod.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -434,6 +434,11 @@ containers:
- name: "{{ $key }}"
value: "{{ $value }}"
{{- end }}
{{- range $key, $value := .Values.sidecar.datasources.envValueFrom }}
- name: {{ $key | quote }}
valueFrom:
{{- tpl (toYaml $value) $ | nindent 10 }}
{{- end }}
{{- if .Values.sidecar.dashboards.ignoreAlreadyProcessed }}
- name: IGNORE_ALREADY_PROCESSED
value: "true"
Expand Down Expand Up @@ -1079,11 +1084,17 @@ containers:
- secretRef:
name: {{ tpl .name $ }}
optional: {{ .optional | default false }}
{{- if .prefix }}
prefix: {{ tpl .prefix $ }}
{{- end }}
{{- end }}
{{- range .Values.envFromConfigMaps }}
- configMapRef:
name: {{ tpl .name $ }}
optional: {{ .optional | default false }}
{{- if .prefix }}
prefix: {{ tpl .prefix $ }}
{{- end }}
{{- end }}
{{- end }}
{{- with .Values.livenessProbe }}
Expand Down Expand Up @@ -1268,6 +1279,9 @@ volumes:
{{- else if .configMap }}
configMap:
{{- toYaml .configMap | nindent 6 }}
{{- else if .emptyDir }}
emptyDir:
{{- toYaml .emptyDir | nindent 6 }}
{{- else }}
emptyDir: {}
{{- end }}
Expand Down
6 changes: 3 additions & 3 deletions charts/grafana/templates/configSecret.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,13 +25,13 @@ stringData:
{{- range $key, $value := .Values.datasources }}
{{- if (hasKey $value "secret") }}
{{- $key | nindent 2 }}: |
{{- tpl (toYaml $value | nindent 4) $root }}
{{- tpl (toYaml $value.secret | nindent 4) $root }}
{{- end }}
{{- end }}
{{- range $key, $value := .Values.notifiers }}
{{- if (hasKey $value "secret") }}
{{- $key | nindent 2 }}: |
{{- tpl (toYaml $value | nindent 4) $root }}
{{- tpl (toYaml $value.secret | nindent 4) $root }}
{{- end }}
{{- end }}
{{- range $key, $value := .Values.alerting }}
Expand All @@ -40,4 +40,4 @@ stringData:
{{- tpl (toYaml $value.secret | nindent 4) $root }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
2 changes: 1 addition & 1 deletion charts/grafana/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ spec:
rules:
{{- if .Values.ingress.hosts }}
{{- range .Values.ingress.hosts }}
- host: {{ tpl . $ }}
- host: {{ tpl . $ | quote }}
http:
paths:
{{- with $extraPaths }}
Expand Down
5 changes: 4 additions & 1 deletion charts/grafana/templates/service.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,10 +21,13 @@ spec:
clusterIP: {{ . }}
{{- end }}
{{- else if eq .Values.service.type "LoadBalancer" }}
type: {{ .Values.service.type }}
type: LoadBalancer
{{- with .Values.service.loadBalancerIP }}
loadBalancerIP: {{ . }}
{{- end }}
{{- with .Values.service.loadBalancerClass }}
loadBalancerClass: {{ . }}
{{- end }}
{{- with .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{- toYaml . | nindent 4 }}
Expand Down
16 changes: 16 additions & 0 deletions charts/grafana/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -207,6 +207,9 @@ gossipPortName: gossip
service:
enabled: true
type: ClusterIP
loadBalancerIP: ""
loadBalancerClass: ""
loadBalancerSourceRanges: []
port: 80
targetPort: 3000
# targetPort: 4181 To be used with a proxy extraContainer
Expand Down Expand Up @@ -487,6 +490,7 @@ envRenderSecret: {}
## Name is templated.
envFromSecrets: []
## - name: secret-name
## prefix: prefix
## optional: true

## The names of conifgmaps in the same kubernetes namespace which contain values to be added to the environment
Expand All @@ -495,6 +499,7 @@ envFromSecrets: []
## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#configmapenvsource-v1-core
envFromConfigMaps: []
## - name: configmap-name
## prefix: prefix
## optional: true

# Inject Kubernetes services as environment variables.
Expand Down Expand Up @@ -961,6 +966,7 @@ sidecar:
enabled: false
# Additional environment variables for the datasourcessidecar
env: {}
envValueFrom: {}
# Do not reprocess already processed unchanged resources on k8s API reconnect.
# ignoreAlreadyProcessed: true
# label that the configmaps with datasources are marked with
Expand Down Expand Up @@ -1297,3 +1303,13 @@ extraObjects: []
# data:
# - key: grafana-admin-password
# name: adminPassword

# assertNoLeakedSecrets is a helper function defined in _helpers.tpl that checks if secret
# values are not exposed in the rendered grafana.ini configmap. It is enabled by default.
#
# To pass values into grafana.ini without exposing them in a configmap, use variable expansion:
# https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#variable-expansion
#
# Alternatively, if you wish to allow secret values to be exposed in the rendered grafana.ini configmap,
# you can disable this check by setting assertNoLeakedSecrets to false.
assertNoLeakedSecrets: true
9 changes: 8 additions & 1 deletion charts/lgtm-distributed/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: v2
name: lgtm-distributed
description: Umbrella chart for a distributed Loki, Grafana, Tempo and Mimir stack
type: application
version: 1.0.0
version: 1.0.1
appVersion: "6.59.4"

home: https://grafana.com/oss/
Expand All @@ -16,7 +16,14 @@ sources:
- https://github.com/grafana/mimir
- https://github.com/grafana/tempo

keywords:
- monitoring
- traces
- metrics
- logs

annotations:
"artifacthub.io/license": Apache-2.0
"artifacthub.io/links": |
- name: Chart Source
url: https://github.com/grafana/helm-charts
Expand Down
2 changes: 1 addition & 1 deletion charts/lgtm-distributed/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# lgtm-distributed

![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.59.4](https://img.shields.io/badge/AppVersion-6.59.4-informational?style=flat-square)
![Version: 1.0.1](https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.59.4](https://img.shields.io/badge/AppVersion-6.59.4-informational?style=flat-square)

Umbrella chart for a distributed Loki, Grafana, Tempo and Mimir stack

Expand Down
2 changes: 1 addition & 1 deletion charts/loki-distributed/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ name: loki-distributed
description: Helm chart for Grafana Loki in microservices mode
type: application
appVersion: 2.9.2
version: 0.78.0
version: 0.78.2
home: https://grafana.github.io/helm-charts
sources:
- https://github.com/grafana/loki
Expand Down
4 changes: 3 additions & 1 deletion charts/loki-distributed/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# loki-distributed

![Version: 0.78.0](https://img.shields.io/badge/Version-0.78.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.9.2](https://img.shields.io/badge/AppVersion-2.9.2-informational?style=flat-square)
![Version: 0.78.2](https://img.shields.io/badge/Version-0.78.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.9.2](https://img.shields.io/badge/AppVersion-2.9.2-informational?style=flat-square)

Helm chart for Grafana Loki in microservices mode

Expand Down Expand Up @@ -333,6 +333,8 @@ kubectl delete statefulset RELEASE_NAME-loki-distributed-querier -n LOKI_NAMESPA
| loki.command | string | `nil` | Common command override for all pods (except gateway) |
| loki.config | string | See values.yaml | Config file contents for Loki |
| loki.configAsSecret | bool | `false` | Store the loki configuration as a secret. |
| loki.configSecretAnnotations | object | `{}` | Annotations for the secret with loki configuration. |
| loki.configSecretLabels | object | `{}` | Additional labels for the secret with loki configuration. |
| loki.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true}` | The SecurityContext for Loki containers |
| loki.existingSecretForConfig | string | `""` | Specify an existing secret containing loki configuration. If non-empty, overrides `loki.config` |
| loki.image.pullPolicy | string | `"IfNotPresent"` | Docker image pull policy |
Expand Down
7 changes: 7 additions & 0 deletions charts/loki-distributed/templates/config-secret.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,13 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
{{- include "loki.labels" . | nindent 4 }}
{{- with .Values.loki.configSecretLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.loki.configSecretAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
stringData:
config.yaml: |
{{- tpl (mergeOverwrite (tpl .Values.loki.config . | fromYaml) .Values.loki.structuredConfig | toYaml) . | nindent 4 }}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if gt (int .Values.distributor.replicas) 1 }}
{{- if not .Values.distributor.maxUnavailable }}
{{- if kindIs "invalid" .Values.distributor.maxUnavailable }}
{{- fail "`.Values.distributor.maxUnavailable` must be set when `.Values.distributor.replicas` is greater than 1." }}
{{- else }}
apiVersion: {{ include "loki.pdb.apiVersion" . }}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if and .Values.gateway.enabled (gt (int .Values.gateway.replicas) 1) }}
{{- if not .Values.gateway.maxUnavailable }}
{{- if kindIs "invalid" .Values.gateway.maxUnavailable }}
{{- fail "`.Values.gateway.maxUnavailable` must be set when `.Values.gateway.replicas` is greater than 1." }}
{{- else }}
apiVersion: {{ include "loki.pdb.apiVersion" . }}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if and .Values.indexGateway.enabled (gt (int .Values.indexGateway.replicas) 1) }}
{{- if not .Values.indexGateway.maxUnavailable }}
{{- if kindIs "invalid" .Values.indexGateway.maxUnavailable }}
{{- fail "`.Values.indexGateway.maxUnavailable` must be set when `.Values.indexGateway.replicas` is greater than 1." }}
{{- else }}
apiVersion: {{ include "loki.pdb.apiVersion" . }}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if gt (int .Values.ingester.replicas) 1 }}
{{- if not .Values.ingester.maxUnavailable }}
{{- if kindIs "invalid" .Values.ingester.maxUnavailable }}
{{- fail "`.Values.ingester.maxUnavailable` must be set when `.Values.ingester.replicas` is greater than 1." }}
{{- else }}
apiVersion: {{ include "loki.pdb.apiVersion" . }}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if and .Values.memcachedChunks.enabled (gt (int .Values.memcachedChunks.replicas) 1) }}
{{- if not .Values.memcachedChunks.maxUnavailable }}
{{- if kindIs "invalid" .Values.memcachedChunks.maxUnavailable }}
{{- fail "`.Values.memcachedChunks.maxUnavailable` must be set when `.Values.memcachedChunks.replicas` is greater than 1." }}
{{- else }}
apiVersion: {{ include "loki.pdb.apiVersion" . }}
Expand Down
Loading

0 comments on commit 0041267

Please sign in to comment.