diff --git a/examples/xray/logging/README.md b/examples/xray/logging/README.md
new file mode 100644
index 000000000..31fd79835
--- /dev/null
+++ b/examples/xray/logging/README.md
@@ -0,0 +1,22 @@
+# Setting up a logging sidecar
+Due to the nature of Xray running with many services, each writing multiple logs to the file system, it's hard to collect them all in a Kubernetes based deployment.
+The example in this directory has an example of using a [fluent-bit](https://fluentbit.io/) sidecar that collects all logs from Xray's `log/` directory and writes them to STDOUT in a nice json formatted way
+
+See the [values-logging-fluent-bit.yaml](values-logging-fluent-bit.yaml) for the configuration example
+
+## Deploy
+Install Xray with the following command
+```shell
+helm upgrade --install xray jfrog/xray -f values-logging-fluent-bit.yaml
+```
+
+## Fluent-bit STDOUT
+Once running, the `fluent-bit` sidecar tails the logs in the configured directories and outputs them to the container's STDOUT in a json format.
+Each line had a `"file"` key that lists the source file, which later can be used to separate the sources.
+The actual log line is in the `"log"` key.
+```json
+{"date":1700135001.943258,"file":"/var/opt/jfrog/xray/log/xray-server-service.log","log":"2023-11-16T11:43:21.942Z \u001b[33m[jfxr ]\u001b[0m \u001b[34m[INFO ]\u001b[0m [0e860ce4f1fd6552] [migrate:36 ] [MainServer ] Data migration that should run always: starting for name V1_Update_Features_table"}
+```
+
+## Cluster log collector
+Once this is setup, you need to configure your cluster log collector (probably running as a DaemonSet) to collect logs from this container only.
\ No newline at end of file
diff --git a/examples/xray/logging/values-logging-fluent-bit.yaml b/examples/xray/logging/values-logging-fluent-bit.yaml
new file mode 100644
index 000000000..5025054c6
--- /dev/null
+++ b/examples/xray/logging/values-logging-fluent-bit.yaml
@@ -0,0 +1,68 @@
+common:
+
+ # Create extra config maps with the required fluent-bit configuration
+ configMaps: |
+ fluent-bit-input.conf: |-
+ [INPUT]
+ Name tail
+ Path /var/opt/jfrog/xray/log/*.log
+ DB /var/opt/jfrog/fluentdb/fluentdb.db
+ Exclude_Path *router-request.log,*console.log,*-metrics.log
+ Path_Key file
+ Refresh_Interval 20
+ Multiline On
+ Parser_Firstline multiline_pattern
+ Skip_Long_Lines On
+
+ fluent-bit-output.conf: |-
+ [OUTPUT]
+ Name stdout
+ Match *
+ Format json_lines
+
+ fluent-bit-service.conf: |-
+ [SERVICE]
+ Flush 1
+ Daemon Off
+ Log_Level info
+ Parsers_File parsers.conf
+
+ fluent-bit.conf: |-
+ @INCLUDE fluent-bit-service.conf
+ @INCLUDE fluent-bit-input.conf
+ @INCLUDE fluent-bit-output.conf
+
+ parsers.conf: |-
+ [PARSER]
+ Name multiline_pattern
+ Format regex
+ Regex ^(?\d{2,4}\-\d{2,4}\-\d{2,4}T\d{2,4}\:\d{2,4}\:\d{2,4}\.\d{1,6}?.*)
+
+ # Create the extra sidecar container
+ customSidecarContainers: |
+ - name: xray-fluent-bit
+ image: "fluent/fluent-bit:2.1.2"
+ volumeMounts:
+ - mountPath: /var/opt/jfrog/xray
+ name: data-volume
+ - mountPath: /var/opt/jfrog/fluentdb
+ name: fluentdb
+ - mountPath: /fluent-bit/etc/fluent-bit.conf
+ name: xray-configmaps
+ subPath: fluent-bit.conf
+ - mountPath: /fluent-bit/etc/fluent-bit-service.conf
+ name: xray-configmaps
+ subPath: fluent-bit-service.conf
+ - mountPath: /fluent-bit/etc/fluent-bit-input.conf
+ name: xray-configmaps
+ subPath: fluent-bit-input.conf
+ - mountPath: /fluent-bit/etc/fluent-bit-output.conf
+ name: xray-configmaps
+ subPath: fluent-bit-output.conf
+ - mountPath: /fluent-bit/etc/parsers.conf
+ name: xray-configmaps
+ subPath: parsers.conf
+
+ customVolumes: |
+ - name: fluentdb
+ emptyDir: {}
diff --git a/stable/artifactory-cpp-ce/CHANGELOG.md b/stable/artifactory-cpp-ce/CHANGELOG.md
index 4f980f2fa..806b281f2 100644
--- a/stable/artifactory-cpp-ce/CHANGELOG.md
+++ b/stable/artifactory-cpp-ce/CHANGELOG.md
@@ -1,7 +1,7 @@
# JFrog Artifactory CE for C++ Chart Changelog
All changes to this chart will be documented in this file
-## [107.71.3] - Jul 20, 2023
+## [107.71.11] - Jul 20, 2023
* Disabled federation services when splitServicesToContainers=true
## [107.45.0] - Aug 25, 2022
diff --git a/stable/artifactory-cpp-ce/Chart.yaml b/stable/artifactory-cpp-ce/Chart.yaml
index 9e498a672..0006d064c 100644
--- a/stable/artifactory-cpp-ce/Chart.yaml
+++ b/stable/artifactory-cpp-ce/Chart.yaml
@@ -1,9 +1,9 @@
apiVersion: v2
-appVersion: 7.71.3
+appVersion: 7.71.11
dependencies:
- name: artifactory
repository: file://charts/artifactory
- version: 107.71.3
+ version: 107.71.11
description: JFrog Artifactory CE for C++
home: https://www.jfrog.com/artifactory/
icon: https://raw.githubusercontent.com/jfrog/charts/master/stable/artifactory-cpp-ce/logo/conan.png
@@ -21,4 +21,4 @@ name: artifactory-cpp-ce
sources:
- https://github.com/jfrog/charts
type: application
-version: 107.71.3
+version: 107.71.11
diff --git a/stable/artifactory-cpp-ce/values.yaml b/stable/artifactory-cpp-ce/values.yaml
index 965680a97..dc7bfc450 100644
--- a/stable/artifactory-cpp-ce/values.yaml
+++ b/stable/artifactory-cpp-ce/values.yaml
@@ -72,5 +72,5 @@ router:
tag: 7.81.0
logger:
image:
- tag: 9.2.717
-initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.717
+ tag: 9.2.750.1697534106
+initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.750.1697534106
diff --git a/stable/artifactory-ha/CHANGELOG.md b/stable/artifactory-ha/CHANGELOG.md
index 596ec37d3..2c0869acb 100644
--- a/stable/artifactory-ha/CHANGELOG.md
+++ b/stable/artifactory-ha/CHANGELOG.md
@@ -1,10 +1,13 @@
# JFrog Artifactory-ha Chart Changelog
All changes to this chart will be documented in this file
-## [107.71.4] - Oct 27, 2023
+## [107.71.11] - Nov 15, 2023
+* Fixed - StatefulSet pod annotations changed from range to toYaml [GH-1828](https://github.com/jfrog/charts/issues/1828)
+* Fixed - Invalid format for awsS3V3 `multiPartLimit,multipartElementSize` in binarystore.xml
+* Fixed - Artifactory primary service condition
* Added support for custom labels in the Nginx pods
-## [107.71.3] - Sep 18, 2023
+## [107.69.0] - Sep 18, 2023
* Adjust rtfs context
* Fixed - Metadata service does not respect customVolumeMounts for DB CAs [GH-1815](https://github.com/jfrog/charts/issues/1815)
diff --git a/stable/artifactory-ha/Chart.yaml b/stable/artifactory-ha/Chart.yaml
index 0fdead944..c2551830f 100644
--- a/stable/artifactory-ha/Chart.yaml
+++ b/stable/artifactory-ha/Chart.yaml
@@ -1,5 +1,5 @@
apiVersion: v2
-appVersion: 7.71.3
+appVersion: 7.71.11
dependencies:
- condition: postgresql.enabled
name: postgresql
@@ -21,4 +21,4 @@ name: artifactory-ha
sources:
- https://github.com/jfrog/charts
type: application
-version: 107.71.3
+version: 107.71.11
diff --git a/stable/artifactory-ha/files/binarystore.xml b/stable/artifactory-ha/files/binarystore.xml
index 358466279..f6b99dbe0 100644
--- a/stable/artifactory-ha/files/binarystore.xml
+++ b/stable/artifactory-ha/files/binarystore.xml
@@ -294,10 +294,10 @@
{{ . }}
{{- end }}
{{- with .multiPartLimit }}
- {{ . }}
+ {{ . | int64 }}
{{- end }}
{{- with .multipartElementSize }}
- {{ . }}
+ {{ . | int64 }}
{{- end }}
{{- end }}
diff --git a/stable/artifactory-ha/templates/artifactory-node-statefulset.yaml b/stable/artifactory-ha/templates/artifactory-node-statefulset.yaml
index ed5cb959c..a0f738f72 100644
--- a/stable/artifactory-ha/templates/artifactory-node-statefulset.yaml
+++ b/stable/artifactory-ha/templates/artifactory-node-statefulset.yaml
@@ -48,8 +48,8 @@ spec:
{{- else }}
checksum/artifactory-unified-secret: {{ include (print $.Template.BasePath "/artifactory-unified-secret.yaml") . | sha256sum }}
{{- end }}
- {{- range $key, $value := .Values.artifactory.annotations }}
- {{ $key }}: {{ tpl $value $ | quote }}
+ {{- with .Values.artifactory.annotations }}
+{{ toYaml . | indent 8 }}
{{- end }}
spec:
{{- if .Values.artifactory.schedulerName }}
diff --git a/stable/artifactory-ha/templates/artifactory-primary-service.yaml b/stable/artifactory-ha/templates/artifactory-primary-service.yaml
index 2c1eeac1a..0298cbb3d 100644
--- a/stable/artifactory-ha/templates/artifactory-primary-service.yaml
+++ b/stable/artifactory-ha/templates/artifactory-primary-service.yaml
@@ -1,4 +1,4 @@
-{{- if gt (.Values.artifactory.node.replicaCount | int) 0 -}}
+{{- if gt (.Values.artifactory.primary.replicaCount | int) 0 -}}
# Internal service for Artifactory primary node only!
# Used by member nodes to check readiness of primary node before starting up
apiVersion: v1
diff --git a/stable/artifactory-ha/templates/artifactory-primary-statefulset.yaml b/stable/artifactory-ha/templates/artifactory-primary-statefulset.yaml
index 73ce3abf3..b13bf5cc6 100644
--- a/stable/artifactory-ha/templates/artifactory-primary-statefulset.yaml
+++ b/stable/artifactory-ha/templates/artifactory-primary-statefulset.yaml
@@ -66,8 +66,8 @@ spec:
{{- else }}
checksum/artifactory-unified-secret: {{ include (print $.Template.BasePath "/artifactory-unified-secret.yaml") . | sha256sum }}
{{- end }}
- {{- range $key, $value := .Values.artifactory.annotations }}
- {{ $key }}: {{ tpl $value $ | quote }}
+ {{- with .Values.artifactory.annotations }}
+{{ toYaml . | indent 8 }}
{{- end }}
spec:
{{- if .Values.artifactory.schedulerName }}
diff --git a/stable/artifactory-ha/values.yaml b/stable/artifactory-ha/values.yaml
index 5ed9fc20b..34b9c53dd 100644
--- a/stable/artifactory-ha/values.yaml
+++ b/stable/artifactory-ha/values.yaml
@@ -41,7 +41,7 @@ global:
## String to fully override artifactory-ha.fullname template
##
# fullnameOverride:
-initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.717
+initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.750.1697534106
installer:
type:
platform:
@@ -214,7 +214,7 @@ logger:
image:
registry: releases-docker.jfrog.io
repository: ubi9/ubi-minimal
- tag: 9.2.717
+ tag: 9.2.750.1697534106
## You can use a pre-existing secret with keys license_token and iam_role by specifying licenseConfigSecretName
## Example : Create a generic secret using `kubectl create secret generic --from-literal=license_token=${TOKEN} --from-literal=iam_role=${ROLE_ARN}`
aws:
diff --git a/stable/artifactory-jcr/CHANGELOG.md b/stable/artifactory-jcr/CHANGELOG.md
index f195e3390..d1b60c7ee 100644
--- a/stable/artifactory-jcr/CHANGELOG.md
+++ b/stable/artifactory-jcr/CHANGELOG.md
@@ -1,7 +1,7 @@
# JFrog Container Registry Chart Changelog
All changes to this chart will be documented in this file.
-## [107.71.3] - Jul 20, 2023
+## [107.71.11] - Jul 20, 2023
* Disabled federation services when splitServicesToContainers=true
## [107.45.0] - Aug 25, 2022
diff --git a/stable/artifactory-jcr/Chart.yaml b/stable/artifactory-jcr/Chart.yaml
index 3b6ad23f2..264340db5 100644
--- a/stable/artifactory-jcr/Chart.yaml
+++ b/stable/artifactory-jcr/Chart.yaml
@@ -1,9 +1,9 @@
apiVersion: v2
-appVersion: 7.71.3
+appVersion: 7.71.11
dependencies:
- name: artifactory
repository: file://charts/artifactory
- version: 107.71.3
+ version: 107.71.11
description: JFrog Container Registry
home: https://jfrog.com/container-registry/
icon: https://raw.githubusercontent.com/jfrog/charts/master/stable/artifactory-jcr/logo/jcr-logo.png
@@ -22,4 +22,4 @@ name: artifactory-jcr
sources:
- https://github.com/jfrog/charts
type: application
-version: 107.71.3
+version: 107.71.11
diff --git a/stable/artifactory-jcr/values.yaml b/stable/artifactory-jcr/values.yaml
index 7430b69eb..b2b2cb3e8 100644
--- a/stable/artifactory-jcr/values.yaml
+++ b/stable/artifactory-jcr/values.yaml
@@ -72,5 +72,5 @@ router:
tag: 7.81.0
logger:
image:
- tag: 9.2.717
-initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.717
+ tag: 9.2.750.1697534106
+initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.750.1697534106
diff --git a/stable/artifactory-oss/CHANGELOG.md b/stable/artifactory-oss/CHANGELOG.md
index ec1e228a2..8c6b9f09e 100644
--- a/stable/artifactory-oss/CHANGELOG.md
+++ b/stable/artifactory-oss/CHANGELOG.md
@@ -1,7 +1,7 @@
# JFrog Artifactory OSS Chart Changelog
All changes to this chart will be documented in this file
-## [107.71.3] - Jul 20, 2023
+## [107.71.11] - Jul 20, 2023
* Disabled federation services when splitServicesToContainers=true
## [107.45.0] - Aug 25, 2022
diff --git a/stable/artifactory-oss/Chart.yaml b/stable/artifactory-oss/Chart.yaml
index 95e9616ff..af8301701 100644
--- a/stable/artifactory-oss/Chart.yaml
+++ b/stable/artifactory-oss/Chart.yaml
@@ -1,9 +1,9 @@
apiVersion: v2
-appVersion: 7.71.3
+appVersion: 7.71.11
dependencies:
- name: artifactory
repository: file://charts/artifactory
- version: 107.71.3
+ version: 107.71.11
description: JFrog Artifactory OSS
home: https://www.jfrog.com/artifactory/
icon: https://raw.githubusercontent.com/jfrog/charts/master/stable/artifactory/logo/artifactory-logo.png
@@ -20,4 +20,4 @@ name: artifactory-oss
sources:
- https://github.com/jfrog/charts
type: application
-version: 107.71.3
+version: 107.71.11
diff --git a/stable/artifactory-oss/values.yaml b/stable/artifactory-oss/values.yaml
index 638adf619..51885f553 100644
--- a/stable/artifactory-oss/values.yaml
+++ b/stable/artifactory-oss/values.yaml
@@ -72,5 +72,5 @@ router:
tag: 7.81.0
logger:
image:
- tag: 9.2.717
-initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.717
+ tag: 9.2.750.1697534106
+initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.750.1697534106
diff --git a/stable/artifactory/CHANGELOG.md b/stable/artifactory/CHANGELOG.md
index 50c214fc9..9786d1eb1 100644
--- a/stable/artifactory/CHANGELOG.md
+++ b/stable/artifactory/CHANGELOG.md
@@ -1,10 +1,12 @@
# JFrog Artifactory Chart Changelog
All changes to this chart will be documented in this file.
-## [107.71.4] - Oct 27, 2023
+## [107.71.11] - Oct 31, 2023
+* Fixed - StatefulSet pod annotations changed from range to toYaml [GH-1828](https://github.com/jfrog/charts/issues/1828)
+* Fixed - Invalid format for awsS3V3 `multiPartLimit,multipartElementSize` in binarystore.xml
* Added support for custom labels in the Nginx pods
-## [107.71.3] - Sep 18, 2023
+## [107.69.0] - Sep 18, 2023
* Adjust rtfs context
* Fixed - Metadata service does not respect customVolumeMounts for DB CAs [GH-1815](https://github.com/jfrog/charts/issues/1815)
diff --git a/stable/artifactory/Chart.yaml b/stable/artifactory/Chart.yaml
index c4f4dbe9f..753e010e1 100644
--- a/stable/artifactory/Chart.yaml
+++ b/stable/artifactory/Chart.yaml
@@ -1,5 +1,5 @@
apiVersion: v2
-appVersion: 7.71.4
+appVersion: 7.71.11
dependencies:
- condition: postgresql.enabled
name: postgresql
@@ -21,4 +21,4 @@ name: artifactory
sources:
- https://github.com/jfrog/charts
type: application
-version: 107.71.4
+version: 107.71.11
diff --git a/stable/artifactory/files/binarystore.xml b/stable/artifactory/files/binarystore.xml
index 8b2ba01f1..43dd1cd95 100644
--- a/stable/artifactory/files/binarystore.xml
+++ b/stable/artifactory/files/binarystore.xml
@@ -280,10 +280,10 @@
{{ . }}
{{- end }}
{{- with .multiPartLimit }}
- {{ . }}
+ {{ . | int64 }}
{{- end }}
{{- with .multipartElementSize }}
- {{ . }}
+ {{ . | int64 }}
{{- end }}
{{- end }}
diff --git a/stable/artifactory/templates/artifactory-statefulset.yaml b/stable/artifactory/templates/artifactory-statefulset.yaml
index 3b6308b31..5a63f9c46 100644
--- a/stable/artifactory/templates/artifactory-statefulset.yaml
+++ b/stable/artifactory/templates/artifactory-statefulset.yaml
@@ -68,8 +68,8 @@ spec:
{{- else }}
checksum/artifactory-unified-secret: {{ include (print $.Template.BasePath "/artifactory-unified-secret.yaml") . | sha256sum }}
{{- end }}
- {{- range $key, $value := .Values.artifactory.annotations }}
- {{ $key }}: {{ tpl $value $ | quote }}
+ {{- with .Values.artifactory.annotations }}
+{{ toYaml . | indent 8 }}
{{- end }}
spec:
{{- if .Values.artifactory.schedulerName }}
diff --git a/stable/artifactory/values.yaml b/stable/artifactory/values.yaml
index 55aa61cb3..02311d737 100644
--- a/stable/artifactory/values.yaml
+++ b/stable/artifactory/values.yaml
@@ -42,7 +42,7 @@ global:
## String to fully override artifactory.fullname template
##
# fullnameOverride:
-initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.717
+initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.750.1697534106
# Init containers
initContainers:
resources:
@@ -162,7 +162,7 @@ logger:
image:
registry: releases-docker.jfrog.io
repository: ubi9/ubi-minimal
- tag: 9.2.717
+ tag: 9.2.750.1697534106
## You can use a pre-existing secret with keys license_token and iam_role by specifying licenseConfigSecretName
## Example : Create a generic secret using `kubectl create secret generic --from-literal=license_token=${TOKEN} --from-literal=iam_role=${ROLE_ARN}`
aws:
diff --git a/stable/distribution/.helmignore b/stable/distribution/.helmignore
index c7eb1e274..b6e97f07f 100644
--- a/stable/distribution/.helmignore
+++ b/stable/distribution/.helmignore
@@ -19,4 +19,6 @@
.project
.idea/
*.tmproj
-OWNERS
\ No newline at end of file
+OWNERS
+
+tests/
\ No newline at end of file
diff --git a/stable/distribution/CHANGELOG.md b/stable/distribution/CHANGELOG.md
index 5daf66593..2a8e75dfb 100644
--- a/stable/distribution/CHANGELOG.md
+++ b/stable/distribution/CHANGELOG.md
@@ -1,7 +1,15 @@
# JFrog Distribution Chart Changelog
All changes to this project chart be documented in this file.
-## [102.20.3] - Aug 29, 2023
+## [102.21.3] - Nov 22, 2023
+* Fixed - StatefulSet pod annotations changed from range to toYaml [GH-1828](https://github.com/jfrog/charts/issues/1828)
+* Removed default hardcoded javaOpts `-Xms2g -Xmx4g` from distribution.sh file
+
+## [102.20.1] - Sep 18, 2023
+* Reverted - Enabled `unifiedSecretInstallation` by default [GH-1819](https://github.com/jfrog/charts/issues/1819)
+* Added NewRelic APM agent integration
+
+## [102.20.0] - Aug 29, 2023
* Updated redis version tag to `7.2.0-debian-11-r2`
* Enabled `unifiedSecretInstallation` by default
diff --git a/stable/distribution/Chart.yaml b/stable/distribution/Chart.yaml
index 7a425b364..ed420b2e0 100644
--- a/stable/distribution/Chart.yaml
+++ b/stable/distribution/Chart.yaml
@@ -1,5 +1,5 @@
apiVersion: v2
-appVersion: 2.20.3
+appVersion: 2.21.3
dependencies:
- condition: postgresql.enabled
name: postgresql
@@ -19,4 +19,4 @@ name: distribution
sources:
- https://github.com/jfrog/charts
type: application
-version: 102.20.3
+version: 102.21.3
diff --git a/stable/distribution/ci/newrelic-values.yaml b/stable/distribution/ci/newrelic-values.yaml
new file mode 100644
index 000000000..861bcc50e
--- /dev/null
+++ b/stable/distribution/ci/newrelic-values.yaml
@@ -0,0 +1,56 @@
+newRelic:
+ apm:
+ enabled: true
+ appName: "ci-test"
+ licenseKey: "123456789"
+ version: 8.6.0
+ logLevel: severe
+ downloadUrl: https://download.newrelic.com
+ downloadPath: newrelic/java-agent/newrelic-agent/{{ .Values.newRelic.apm.version }}
+ downloadFile: newrelic-agent-{{ .Values.newRelic.apm.version }}.jar
+
+distribution:
+ jfrogUrl: http://artifactory.rt:8082
+ persistence:
+ enabled: false
+ resources:
+ requests:
+ memory: "1Gi"
+ cpu: "1"
+ limits:
+ memory: "3Gi"
+ cpu: "2"
+
+postgresql:
+ postgresqlPassword: password
+ persistence:
+ enabled: false
+
+redis:
+ persistence:
+ enabled: false
+ resources:
+ requests:
+ memory: "512Mi"
+ cpu: "1"
+ limits:
+ memory: "1Gi"
+ cpu: "1"
+
+router:
+ resources:
+ requests:
+ memory: "100Mi"
+ cpu: "100m"
+ limits:
+ memory: "1Gi"
+ cpu: "1"
+
+observability:
+ resources:
+ requests:
+ memory: "100Mi"
+ cpu: "100m"
+ limits:
+ memory: "1Gi"
+ cpu: "1"
diff --git a/stable/distribution/ci/test-values.yaml b/stable/distribution/ci/test-values.yaml
index be3e92f30..812b1210a 100644
--- a/stable/distribution/ci/test-values.yaml
+++ b/stable/distribution/ci/test-values.yaml
@@ -29,7 +29,7 @@ redis:
distribution:
jfrogUrl: http://artifactory.rt:8082
- unifiedSecretInstallation: true
+ unifiedSecretInstallation: false
persistence:
enabled: false
annotations:
diff --git a/stable/distribution/templates/distribution-newrelic.yaml b/stable/distribution/templates/distribution-newrelic.yaml
new file mode 100644
index 000000000..269efea03
--- /dev/null
+++ b/stable/distribution/templates/distribution-newrelic.yaml
@@ -0,0 +1,129 @@
+{{- if .Values.newRelic.apm.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "distribution.fullname" . }}-newrelic-apm-config
+ labels:
+ app: {{ template "distribution.name" . }}
+ chart: {{ template "distribution.chart" . }}
+ heritage: {{ .Release.Service }}
+ release: {{ .Release.Name }}
+data:
+ newrelic.yml: |-
+ common: &default_settings
+ license_key: {{ .Values.newRelic.apm.licenseKey }}
+ agent_enabled: {{ .Values.newRelic.apm.enabled }}
+ app_name: {{ .Values.newRelic.apm.appName }}
+ high_security: false
+ enable_auto_app_naming: false
+ enable_auto_transaction_naming: true
+ audit_mode: false
+ log_level: {{ .Values.newRelic.apm.logLevel }}
+ log_file_count: 1
+ log_limit_in_kbytes: 100000
+ log_daily: false
+ log_file_path: {{ .Values.distribution.persistence.mountPath }}/log
+ log_file_name: newrelic_apm_agent.log
+
+ application_logging:
+ enabled: true
+ forwarding:
+ enabled: true
+ context_data:
+ enabled: false
+ metrics:
+ enabled: true
+ code_level_metrics:
+ enabled: true
+
+ max_stack_trace_lines: 30
+ attributes:
+ enabled: true
+
+ transaction_tracer:
+ enabled: true
+ transaction_threshold: apdex_f
+ record_sql: obfuscated
+ log_sql: false
+ stack_trace_threshold: 0.5
+ explain_enabled: true
+ explain_threshold: 0.5
+ top_n: 20
+
+ error_collector:
+ enabled: true
+ ignore_classes:
+ - "akka.actor.ActorKilledException"
+ ignore_status_codes: 404
+
+ transaction_events:
+ enabled: true
+ max_samples_stored: 2000
+
+ distributed_tracing:
+ enabled: true
+ exclude_newrelic_header: false
+
+ span_events:
+ enabled: true
+ max_samples_stored: 2000
+ attributes:
+ enabled: true
+
+ thread_profiler:
+ enabled: true
+
+ browser_monitoring:
+ auto_instrument: true
+
+ class_transformer:
+ com.newrelic.instrumentation.servlet-user:
+ enabled: false
+
+ com.newrelic.instrumentation.spring-aop-2:
+ enabled: false
+
+ com.newrelic.instrumentation.jdbc-resultset:
+ enabled: false
+
+ classloader_excludes:
+ groovy.lang.GroovyClassLoader$InnerLoader,
+ org.codehaus.groovy.runtime.callsite.CallSiteClassLoader,
+ com.collaxa.cube.engine.deployment.BPELClassLoader,
+ org.springframework.data.convert.ClassGeneratingEntityInstantiator$ObjectInstantiatorClassGenerator,
+ org.mvel2.optimizers.impl.asm.ASMAccessorOptimizer$ContextClassLoader,
+ gw.internal.gosu.compiler.SingleServingGosuClassLoader,
+
+ jfr:
+ enabled: false
+ audit_logging: false
+
+ labels:
+ # An example label
+ #label_name: label_value
+
+ security:
+ enabled: false
+ mode: IAST
+ validator_service_url: wss://csec.nr-data.net
+ agent:
+ enabled: false
+ detection:
+ rci:
+ enabled: true
+ rxss:
+ enabled: true
+ deserialization:
+ enabled: true
+
+ development:
+ <<: *default_settings
+ app_name: My Application (Development)
+
+ staging:
+ <<: *default_settings
+ app_name: My Application (Staging)
+
+ production:
+ <<: *default_settings
+{{- end }}
diff --git a/stable/distribution/templates/distribution-statefulset.yaml b/stable/distribution/templates/distribution-statefulset.yaml
index 68021fe0c..b0e5ca638 100644
--- a/stable/distribution/templates/distribution-statefulset.yaml
+++ b/stable/distribution/templates/distribution-statefulset.yaml
@@ -49,8 +49,8 @@ spec:
{{- else }}
checksum/distribution-unified-secret: {{ include (print $.Template.BasePath "/distribution-unified-secret.yaml") . | sha256sum }}
{{- end }}
- {{- range $key, $value := .Values.distribution.annotations }}
- {{ $key }}: {{ $value | quote }}
+ {{- with .Values.distribution.annotations }}
+{{ toYaml . | indent 8 }}
{{- end }}
spec:
{{- if .Values.distribution.schedulerName }}
@@ -81,7 +81,7 @@ spec:
{{- if or .Values.common.customInitContainersBegin .Values.global.customInitContainersBegin }}
{{ tpl (include "distribution.customInitContainersBegin" .) . | indent 6 }}
{{- end }}
- - name: 'copy-system-yaml'
+ - name: 'copy-system-configurations'
image: '{{ .Values.initContainerImage }}'
securityContext:
runAsNonRoot: true
@@ -94,28 +94,36 @@ spec:
command:
- '/bin/bash'
- '-c'
- - >
- sleep 30;
- if [[ -e "{{ .Values.distribution.persistence.mountPath }}/etc/filebeat.yaml" ]]; then chmod 644 {{ .Values.distribution.persistence.mountPath }}/etc/filebeat.yaml; fi;
- echo "Copy system.yaml to {{ .Values.distribution.persistence.mountPath }}/etc";
- mkdir -p {{ .Values.distribution.persistence.mountPath }}/etc;
- {{- if .Values.systemYamlOverride.existingSecret }}
- cp -fv /tmp/etc/{{ .Values.systemYamlOverride.dataKey }} {{ .Values.distribution.persistence.mountPath }}/etc/system.yaml;
- {{- else }}
- cp -fv /tmp/etc/system.yaml {{ .Values.distribution.persistence.mountPath }}/etc/system.yaml;
- {{- end }}
- echo "Remove {{ .Values.distribution.persistence.mountPath }}/lost+found folder if exists";
- rm -rfv {{ .Values.distribution.persistence.mountPath }}/lost+found;
- {{- if or .Values.distribution.joinKey .Values.distribution.joinKeySecretName .Values.global.joinKey .Values.global.joinKeySecretName }}
- echo "Copy joinKey to {{ .Values.distribution.persistence.mountPath }}/etc/security";
- mkdir -p {{ .Values.distribution.persistence.mountPath }}/etc/security;
- echo ${DISTRIBUTION_JOIN_KEY} > {{ .Values.distribution.persistence.mountPath }}/etc/security/join.key;
- {{- end }}
- {{- if or .Values.distribution.masterKey .Values.distribution.masterKeySecretName .Values.global.masterKey .Values.global.masterKeySecretName }}
- echo "Copy masterKey to {{ .Values.distribution.persistence.mountPath }}/etc/security";
- mkdir -p {{ .Values.distribution.persistence.mountPath }}/etc/security;
- echo ${DISTRIBUTION_MASTER_KEY} > {{ .Values.distribution.persistence.mountPath }}/etc/security/master.key;
- {{- end }}
+ - |
+ if [[ -e "{{ .Values.distribution.persistence.mountPath }}/etc/filebeat.yaml" ]]; then
+ chmod 644 {{ .Values.distribution.persistence.mountPath }}/etc/filebeat.yaml
+ fi
+ echo "Copy system.yaml to {{ .Values.distribution.persistence.mountPath }}/etc"
+ mkdir -p {{ .Values.distribution.persistence.mountPath }}/etc
+ {{- if .Values.systemYamlOverride.existingSecret }}
+ cp -fv /tmp/etc/{{ .Values.systemYamlOverride.dataKey }} {{ .Values.distribution.persistence.mountPath }}/etc/system.yaml
+ {{- else }}
+ cp -fv /tmp/etc/system.yaml {{ .Values.distribution.persistence.mountPath }}/etc/system.yaml
+ {{- end }}
+ echo "Remove {{ .Values.distribution.persistence.mountPath }}/lost+found folder if exists"
+ rm -rfv {{ .Values.distribution.persistence.mountPath }}/lost+found
+ {{- if or .Values.distribution.joinKey .Values.distribution.joinKeySecretName .Values.global.joinKey .Values.global.joinKeySecretName }}
+ echo "Copy joinKey to {{ .Values.distribution.persistence.mountPath }}/etc/security"
+ mkdir -p {{ .Values.distribution.persistence.mountPath }}/etc/security
+ echo ${DISTRIBUTION_JOIN_KEY} > {{ .Values.distribution.persistence.mountPath }}/etc/security/join.key
+ {{- end }}
+ {{- if or .Values.distribution.masterKey .Values.distribution.masterKeySecretName .Values.global.masterKey .Values.global.masterKeySecretName }}
+ echo "Copy masterKey to {{ .Values.distribution.persistence.mountPath }}/etc/security"
+ mkdir -p {{ .Values.distribution.persistence.mountPath }}/etc/security
+ echo ${DISTRIBUTION_MASTER_KEY} > {{ .Values.distribution.persistence.mountPath }}/etc/security/master.key
+ {{- end }}
+ {{- if .Values.newRelic.apm.enabled }}
+ echo "Download NewRelic Java APM agent"
+ mkdir -p {{ .Values.distribution.persistence.mountPath }}/etc/newrelic/
+ curl {{ .Values.newRelic.apm.downloadUrl }}/{{ tpl .Values.newRelic.apm.downloadPath . }}/{{ tpl .Values.newRelic.apm.downloadFile . }} \
+ -o {{ .Values.distribution.persistence.mountPath }}/etc/newrelic/newrelic.jar
+ cp -f /tmp/newrelic/newrelic.yml {{ .Values.distribution.persistence.mountPath }}/etc/newrelic/
+ {{- end }}
env:
{{- if or .Values.distribution.joinKey .Values.distribution.joinKeySecretName .Values.global.joinKey .Values.global.joinKeySecretName }}
- name: DISTRIBUTION_JOIN_KEY
@@ -142,6 +150,11 @@ spec:
volumeMounts:
- name: distribution-data
mountPath: {{ .Values.distribution.persistence.mountPath | quote }}
+ {{- if .Values.newRelic.apm.enabled }}
+ - name: newrelic-config
+ mountPath: /tmp/newrelic/newrelic.yml
+ subPath: newrelic.yml
+ {{- end }}
{{- if or .Values.systemYamlOverride.existingSecret .Values.distribution.systemYaml }}
{{- if not .Values.distribution.unifiedSecretInstallation }}
- name: systemyaml
@@ -635,6 +648,11 @@ spec:
configMap:
name: {{ template "distribution.fullname" . }}-logger
{{- end }}
+ {{- if .Values.newRelic.apm.enabled }}
+ - name: newrelic-config
+ configMap:
+ name: {{ template "distribution.fullname" . }}-newrelic-apm-config
+ {{- end }}
{{- if .Values.filebeat.enabled }}
- name: filebeat-config
configMap:
diff --git a/stable/distribution/values.yaml b/stable/distribution/values.yaml
index 1445b9fa9..b7c9e0bde 100644
--- a/stable/distribution/values.yaml
+++ b/stable/distribution/values.yaml
@@ -42,7 +42,7 @@ global:
## String to fully override distribution.fullname template
##
# fullnameOverride:
-initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.1.0.1793
+initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.750.1697534106
# Init containers
initContainers:
resources:
@@ -332,7 +332,7 @@ logger:
image:
registry: releases-docker.jfrog.io
repository: ubi9/ubi-minimal
- tag: 9.1.0.1793
+ tag: 9.2.750.1697534106
distribution:
name: distribution
## Note that by default we use appVersion to get image tag/version
@@ -342,7 +342,7 @@ distribution:
# tag:
imagePullPolicy: IfNotPresent
# unifiedSecretInstallation flag enables single unified secret holding all the distribution secrets
- unifiedSecretInstallation: true
+ unifiedSecretInstallation: false
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
schedulerName:
# Create a priority class for the Distribution pod or use an existing one
@@ -420,6 +420,9 @@ distribution:
{{- end }}
distribution:
extraJavaOpts: >
+ {{- if .Values.newRelic.apm.enabled }}
+ -javaagent:{{ .Values.distribution.persistence.mountPath }}/etc/newrelic/newrelic.jar
+ {{- end }}
{{- with .Values.distribution.javaOpts }}
{{- if .xms }}
-Xms{{ .xms }}
@@ -553,7 +556,7 @@ router:
image:
registry: releases-docker.jfrog.io
repository: jfrog/router
- tag: 7.73.0
+ tag: 7.87.0
imagePullPolicy: IfNotPresent
serviceRegistry:
## Service registry (Access) TLS verification skipped if enabled
@@ -634,7 +637,7 @@ observability:
image:
registry: releases-docker.jfrog.io
repository: jfrog/observability
- tag: 1.13.6
+ tag: 1.17.0
imagePullPolicy: IfNotPresent
internalPort: 8036
resources: {}
@@ -777,3 +780,15 @@ serviceMonitor:
kubePromFullName: ""
namespaceSelector: {}
selector: {}
+## @param newRelic Specify NewRelic APM integration settings
+## https://docs.newrelic.com/docs/apm/agents/java-agent/configuration/java-agent-configuration-config-file/
+newRelic:
+ apm:
+ enabled: false
+ appName: ""
+ version: 8.6.0
+ licenseKey: ""
+ logLevel: info
+ downloadUrl: https://download.newrelic.com
+ downloadPath: newrelic/java-agent/newrelic-agent/{{ .Values.newRelic.apm.version }}
+ downloadFile: newrelic-agent-{{ .Values.newRelic.apm.version }}.jar
diff --git a/stable/insight/.helmignore b/stable/insight/.helmignore
index c7eb1e274..b6e97f07f 100644
--- a/stable/insight/.helmignore
+++ b/stable/insight/.helmignore
@@ -19,4 +19,6 @@
.project
.idea/
*.tmproj
-OWNERS
\ No newline at end of file
+OWNERS
+
+tests/
\ No newline at end of file
diff --git a/stable/insight/CHANGELOG.md b/stable/insight/CHANGELOG.md
index 80354d75d..8b9531213 100644
--- a/stable/insight/CHANGELOG.md
+++ b/stable/insight/CHANGELOG.md
@@ -1,7 +1,10 @@
# JFrog Insights Chart Changelog
All changes to this chart will be documented in this file.
-## [101.15.4] - Mar 21, 2023
+## [101.16.5] - Oct 17, 2023
+* Fixed - StatefulSet pod annotations changed from range to toYaml [GH-1828](https://github.com/jfrog/charts/issues/1828)
+
+## [101.15.0] - Sep 18, 2023
* Updated postgresql multi-arch tag version to `13.10.0-debian-11-r14`
## [101.14.0] - Mar 02, 2023
diff --git a/stable/insight/Chart.yaml b/stable/insight/Chart.yaml
index 79446a5d2..8c8554d15 100644
--- a/stable/insight/Chart.yaml
+++ b/stable/insight/Chart.yaml
@@ -1,5 +1,5 @@
apiVersion: v2
-appVersion: 1.15.4
+appVersion: 1.16.5
dependencies:
- condition: postgresql.enabled
name: postgresql
@@ -19,4 +19,4 @@ name: insight
sources:
- https://github.com/jfrog/charts
type: application
-version: 101.15.4
+version: 101.16.5
diff --git a/stable/insight/ci/test-values.yaml b/stable/insight/ci/test-values.yaml
index 0c94b3b57..fe40cef2f 100644
--- a/stable/insight/ci/test-values.yaml
+++ b/stable/insight/ci/test-values.yaml
@@ -5,7 +5,7 @@ unifiedUpgradeAllowed: true
databaseUpgradeReady: true
insightServer:
jfrogUrl: http://artifactory.rt:8082
- unifiedSecretInstallation: true
+ unifiedSecretInstallation: false
openMetrics:
enabled: true
extraEnvironmentVariables:
diff --git a/stable/insight/templates/insight-statefulset.yaml b/stable/insight/templates/insight-statefulset.yaml
index 3bdc10f73..ad10a4c48 100644
--- a/stable/insight/templates/insight-statefulset.yaml
+++ b/stable/insight/templates/insight-statefulset.yaml
@@ -47,8 +47,8 @@ spec:
{{- else }}
checksum/insightServer-unified-secret: {{ include (print $.Template.BasePath "/insightServer-unified-secret.yaml") . | sha256sum }}
{{- end }}
- {{- range $key, $value := .Values.insightServer.annotations }}
- {{ $key }}: {{ $value | quote }}
+ {{- with .Values.insightServer.annotations }}
+{{ toYaml . | indent 8 }}
{{- end }}
spec:
{{- if .Values.insightServer.schedulerName }}
diff --git a/stable/insight/values.yaml b/stable/insight/values.yaml
index ef6b4fc47..bb72dd2a4 100644
--- a/stable/insight/values.yaml
+++ b/stable/insight/values.yaml
@@ -40,7 +40,7 @@ global:
## Fully override insight.fullname template
# fullnameOverride:
-initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.1.0.1793
+initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.750.1697534106
# For supporting pulling from private registries
imagePullSecrets:
# - myRegistryKeySecretName
@@ -396,7 +396,7 @@ logger:
image:
registry: releases-docker.jfrog.io
repository: ubi9/ubi-minimal
- tag: 9.1.0.1793
+ tag: 9.2.750.1697534106
insightServer:
name: insight-server
## Note that by default we use appVersion to get image tag/version
@@ -727,7 +727,7 @@ router:
image:
registry: releases-docker.jfrog.io
repository: jfrog/router
- tag: 7.78.0
+ tag: 7.87.0
imagePullPolicy: IfNotPresent
serviceRegistry:
## Service registry (Access) TLS verification skipped if enabled
diff --git a/stable/jfrog-platform/CHANGELOG.md b/stable/jfrog-platform/CHANGELOG.md
index 7089b0572..19aef4d29 100644
--- a/stable/jfrog-platform/CHANGELOG.md
+++ b/stable/jfrog-platform/CHANGELOG.md
@@ -1,6 +1,28 @@
# JFrog Platform Chart Changelog (GA releases only)
All changes to this chart will be documented in this file.
+## [10.16.5] - Jan 05, 2024
+* Update dependency artifactory chart version to 107.71.11
+* Update dependency xray chart version to 103.86.10
+* Update dependency insight chart version to 101.16.5
+* Update global.versions.router version to `7.91.0`
+
+## [10.16.4] - Dec 21, 2023
+* Update dependency artifactory chart version to 107.71.9
+* Update dependency xray chart version to 103.86.9
+* Update dependency distribution chart version to 102.21.3
+
+## [10.16.3] - Dec 6, 2023
+* Update dependency artifactory chart version to 107.71.5
+* Update dependency xray chart version to 103.86.4
+* Update dependency insight chart version to 101.16.2
+* Update global.versions.router version to `7.87.0`
+* Fixed an issue to use custom postgres DB port other than default 5432
+
+## [10.16.2] - Nov 10, 2023
+* Update dependency artifactory chart version to 107.71.4
+* Update dependency xray chart version to 103.85.5
+
## [10.16.0] - Oct 26, 2023
* Update dependency artifactory chart version to 107.71.3
* Update dependency xray chart version to 103.83.10
diff --git a/stable/jfrog-platform/Chart.lock b/stable/jfrog-platform/Chart.lock
index d9e233770..2b9589401 100644
--- a/stable/jfrog-platform/Chart.lock
+++ b/stable/jfrog-platform/Chart.lock
@@ -10,18 +10,18 @@ dependencies:
version: 12.10.1
- name: artifactory
repository: https://charts.jfrog.io/
- version: 107.71.3
+ version: 107.71.11
- name: xray
repository: https://charts.jfrog.io/
- version: 103.83.10
+ version: 103.86.10
- name: distribution
repository: https://charts.jfrog.io/
- version: 102.20.3
+ version: 102.21.3
- name: insight
repository: https://charts.jfrog.io/
- version: 101.15.4
+ version: 101.16.5
- name: pipelines
repository: https://charts.jfrog.io/
- version: 101.44.5
-digest: sha256:9be06f4c96b581205f37d4f9403c19d9df5eb919a1a91a08d27c1f535a011a87
-generated: "2023-10-26T11:55:31.32258+05:30"
+ version: 101.49.6
+digest: sha256:e58b9782fa5370c28b3dbb208985e1935a142acf4332b4ae51afd16a7ee34e02
+generated: "2024-01-05T12:11:36.43401+05:30"
diff --git a/stable/jfrog-platform/Chart.yaml b/stable/jfrog-platform/Chart.yaml
index 500dfdeab..9461f40e9 100644
--- a/stable/jfrog-platform/Chart.yaml
+++ b/stable/jfrog-platform/Chart.yaml
@@ -1,5 +1,5 @@
apiVersion: v2
-appVersion: 7.71.3
+appVersion: 7.71.11
dependencies:
- condition: postgresql.enabled
name: postgresql
@@ -16,23 +16,23 @@ dependencies:
- condition: artifactory.enabled
name: artifactory
repository: https://charts.jfrog.io/
- version: 107.71.3
+ version: 107.71.11
- condition: xray.enabled
name: xray
repository: https://charts.jfrog.io/
- version: 103.83.10
+ version: 103.86.10
- condition: distribution.enabled
name: distribution
repository: https://charts.jfrog.io/
- version: 102.20.3
+ version: 102.21.3
- condition: insight.enabled
name: insight
repository: https://charts.jfrog.io/
- version: 101.15.4
+ version: 101.16.5
- condition: pipelines.enabled
name: pipelines
repository: https://charts.jfrog.io/
- version: 101.44.5
+ version: 101.49.6
description: The Helm chart for JFrog Platform (Universal, hybrid, end-to-end DevOps
automation)
home: https://jfrog.com/platform/
@@ -55,4 +55,4 @@ name: jfrog-platform
sources:
- https://github.com/jfrog/charts
type: application
-version: 10.16.0
+version: 10.16.5
diff --git a/stable/jfrog-platform/files/setupPostgres.sh b/stable/jfrog-platform/files/setupPostgres.sh
index 3a7c879f8..69cd53661 100644
--- a/stable/jfrog-platform/files/setupPostgres.sh
+++ b/stable/jfrog-platform/files/setupPostgres.sh
@@ -115,7 +115,7 @@ setupDB(){
## Set Postgres options
[[ -z "${POSTGRES_PATH}" ]] && PSQL=psql || PSQL=${POSTGRES_PATH}/psql
-POSTGRES_OPTIONS="sslmode=${DB_SSL_MODE} --host=${DB_HOST} -U ${PGUSERNAME} -w"
+POSTGRES_OPTIONS="sslmode=${DB_SSL_MODE} --host=${DB_HOST} -p ${DB_PORT} -U ${PGUSERNAME} -w"
init
diff --git a/stable/jfrog-platform/values.yaml b/stable/jfrog-platform/values.yaml
index 298e73249..6d6b815cd 100644
--- a/stable/jfrog-platform/values.yaml
+++ b/stable/jfrog-platform/values.yaml
@@ -23,7 +23,7 @@ global:
## For example : For artifactory, using global.versions.artifactory
## Note: Order of preference is 1) global.versions 2) .Values.artifactory.image.tag 3) Chart.AppVersion
versions:
- router: 7.81.0
+ router: 7.91.0
# artifactory:
# xray:
# distribution:
@@ -224,7 +224,7 @@ redis:
artifactory:
enabled: true
unifiedUpgradeAllowed: true
- installerInfo: '{"productId": "Helm_JFrogPlatform/{{ printf "10.16.0-%s" .Chart.AppVersion }}", "features": [ { "featureId": "Platform/{{ printf "%s-%s" "kubernetes" .Capabilities.KubeVersion.Version }}"}]}'
+ installerInfo: '{"productId": "Helm_JFrogPlatform/{{ printf "10.16.5-%s" .Chart.AppVersion }}", "features": [ { "featureId": "Platform/{{ printf "%s-%s" "kubernetes" .Capabilities.KubeVersion.Version }}"}]}'
postgresql:
enabled: false
waitForDatabase: false
diff --git a/stable/pipelines/CHANGELOG.md b/stable/pipelines/CHANGELOG.md
index 63b168ed0..136c745bf 100644
--- a/stable/pipelines/CHANGELOG.md
+++ b/stable/pipelines/CHANGELOG.md
@@ -1,8 +1,19 @@
# JFrog Pipelines Chart Changelog
All changes to this chart to be documented in this file.
-## [101.44.5] - Aug 7, 2023
+## [101.49.6] - Oct 16, 2023
+* Defined router required service types for pods
+
+## [101.46.2] - Oct 12, 2023
+* Added sidecar container for stepservice logs
+
+## [101.46.0] - Aug 7, 2023
+* Remove nexec microservice
+
+## [101.45.0] - Aug 7, 2023
* Upadate chart version of vault to 0.25.0 to work with 1.25 of kubernetes
+
+## [101.44.0] - Jul 27, 2023
* Added option to stream logs in json
* Add support to work without vault on modifying corresponding flags
* Remove steptrigger from pipelines
@@ -10,22 +21,13 @@ All changes to this chart to be documented in this file.
* Add ability to pass filebeat metric configuration
* Updated nodePollerInterval from 15 seconds to 5 seconds
* Fixed #adding colon in image registry breaks deployment with meta label error
+
+## [101.42.0] - Jun 16, 2023
* Add observability container to non api pods
* Add terminationGracePeriodSeconds for all the pods
-
-## [101.41.3] - Jun 16, 2023
* Add ability to work with redis.fullnameOverride
-* Add support to pass db metric parameters in system.yaml
-* Add hpa api version to autoscaling/v2 for missing conf
-## [101.40.1] - May 31, 2023
-* Handle jfrogUrlUI if nothing is set
-* Added log-service
-* Added step-service
-* Enabled nodepoolservice by default
-* Fix migration script failures on ssl enforced database
-* Fix database SSL details not being passed to nodepoolservice as expected in split mode
-* Fix vault issue with enforced SSL on azure database
+## [101.41.0] - May 31, 2023
* Opens grpc port for nodepoolservice apis.
* Opens http health check port for nodepoolservice
* Add ability to use redis with password
@@ -34,15 +36,21 @@ All changes to this chart to be documented in this file.
* Enable probes on router
* Add readiness to api container
* Fix port for router readiness probe
+* Adds toggle for enabling/disabling anti-affinity spec for k8s node
-## [101.38.1] - Apr 18, 2023
-* Handle jfrogUrlUI if nothing is set
+## [101.40.0] - Apr 25, 2023
+* Added log-service
+* Added step-service
+* Enabled nodepoolservice by default
* Fix migration script failures on ssl enforced database
+* Fix database SSL details not being passed to nodepoolservice as expected in split mode
+* Fix vault issue with enforced SSL on azure database
-## [101.37.3] - Feb 20, 2023
+## [101.36.0] - Feb 23, 2023
* Added build badge feature for pipelines
* Added configuration to use access instead of vault to store secrets
* Retained installer metrics only for db migrations
+* Handle jfrogUrlUI if nothing is set
## [101.35.0] - Feb 06, 2023
* Fixed indentation in nodepoolservice container definition
diff --git a/stable/pipelines/Chart.yaml b/stable/pipelines/Chart.yaml
index eabb61289..7d0e71c08 100644
--- a/stable/pipelines/Chart.yaml
+++ b/stable/pipelines/Chart.yaml
@@ -1,5 +1,5 @@
apiVersion: v2
-appVersion: 1.44.5
+appVersion: 1.49.6
dependencies:
- condition: postgresql.enabled
name: postgresql
@@ -32,4 +32,4 @@ name: pipelines
sources:
- https://github.com/jfrog/charts
type: application
-version: 101.44.5
+version: 101.49.6
diff --git a/stable/pipelines/templates/_helpers.tpl b/stable/pipelines/templates/_helpers.tpl
index b1b36a8f1..2100eec3d 100644
--- a/stable/pipelines/templates/_helpers.tpl
+++ b/stable/pipelines/templates/_helpers.tpl
@@ -126,6 +126,14 @@ The stepservice name
{{- printf "%s-%s-stepservice" $name .Chart.Name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
+{{/*
+The analyticsservice name
+*/}}
+{{- define "pipelines.analyticsservice.name" -}}
+{{- $name := .Release.Name | trunc 29 -}}
+{{- printf "%s-%s-analyticsservice" $name .Chart.Name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
{{/*
The msg name
*/}}
@@ -810,10 +818,63 @@ chown -R 1066:1066 {{ .Values.pipelines.mountPath }}
Resolve pipelines requiredServiceTypes value
*/}}
{{- define "pipelines.router.requiredServiceTypes" -}}
+{{- if .Values.splitServicesToPods }}
+{{- $requiredTypes := "jfpip,jfob,jfpipwww,jfpipfrontend" -}}
+{{- $requiredTypes -}}
+{{- else -}}
+{{- $requiredTypes := "jfpip,jfob,jfpipwww,jfpipfrontend,jfpnps" -}}
+{{- $requiredTypes -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Resolve pipelines requiredServiceTypes value
+*/}}
+{{- define "pipelines.cron.router.requiredServiceTypes" -}}
+{{- $requiredTypes := "jfob" -}}
+{{- $requiredTypes -}}
+{{- end -}}
+
+{{/*
+Resolve pipelines requiredServiceTypes value
+*/}}
+{{- define "pipelines.sync.router.requiredServiceTypes" -}}
+{{- $requiredTypes := "jfob" -}}
+{{- $requiredTypes -}}
+{{- end -}}
+
+{{/*
+Resolve pipelines requiredServiceTypes value
+*/}}
+{{- define "pipelines.hookhandler.router.requiredServiceTypes" -}}
+{{- $requiredTypes := "jfob" -}}
+{{- $requiredTypes -}}
+{{- end -}}
+
+{{/*
+Resolve pipelines requiredServiceTypes value
+*/}}
+{{- define "pipelines.trigger.router.requiredServiceTypes" -}}
+{{- $requiredTypes := "jfob,jfpnps" -}}
+{{- $requiredTypes -}}
+{{- end -}}
+
+{{/*
+Resolve pipelines requiredServiceTypes value
+*/}}
+{{- define "pipelines.internalapi.router.requiredServiceTypes" -}}
{{- $requiredTypes := "jfpip,jfob" -}}
{{- $requiredTypes -}}
{{- end -}}
+{{/*
+Resolve pipelines requiredServiceTypes value
+*/}}
+{{- define "pipelines.stepservice.router.requiredServiceTypes" -}}
+{{- $requiredTypes := "jfob" -}}
+{{- $requiredTypes -}}
+{{- end -}}
+
{{/*
Resolve Pipelines pod node selector value
*/}}
diff --git a/stable/pipelines/templates/pipelines-cron-statefulset.yaml b/stable/pipelines/templates/pipelines-cron-statefulset.yaml
index c92f19c70..f8f41a76c 100644
--- a/stable/pipelines/templates/pipelines-cron-statefulset.yaml
+++ b/stable/pipelines/templates/pipelines-cron-statefulset.yaml
@@ -301,6 +301,8 @@ spec:
drop:
- NET_RAW
env:
+ - name: JF_ROUTER_TOPOLOGY_LOCAL_REQUIREDSERVICETYPES
+ value: {{ include "pipelines.cron.router.requiredServiceTypes" . }}
{{- if not .Values.router.routerConfiguration }}
- name: JF_SHARED_JFROGURL
value: "{{ tpl (include "pipelines.jfrogUrl" .) . }}"
diff --git a/stable/pipelines/templates/pipelines-hookhandler-statefulset.yaml b/stable/pipelines/templates/pipelines-hookhandler-statefulset.yaml
index e401a333d..876c78e3b 100644
--- a/stable/pipelines/templates/pipelines-hookhandler-statefulset.yaml
+++ b/stable/pipelines/templates/pipelines-hookhandler-statefulset.yaml
@@ -305,6 +305,8 @@ spec:
drop:
- NET_RAW
env:
+ - name: JF_ROUTER_TOPOLOGY_LOCAL_REQUIREDSERVICETYPES
+ value: {{ include "pipelines.hookhandler.router.requiredServiceTypes" . }}
{{- if not .Values.router.routerConfiguration }}
- name: JF_SHARED_JFROGURL
value: "{{ tpl (include "pipelines.jfrogUrl" .) . }}"
diff --git a/stable/pipelines/templates/pipelines-internalapi-statefulset.yaml b/stable/pipelines/templates/pipelines-internalapi-statefulset.yaml
index 925a5c4fd..50041f788 100644
--- a/stable/pipelines/templates/pipelines-internalapi-statefulset.yaml
+++ b/stable/pipelines/templates/pipelines-internalapi-statefulset.yaml
@@ -388,6 +388,8 @@ spec:
drop:
- NET_RAW
env:
+ - name: JF_ROUTER_TOPOLOGY_LOCAL_REQUIREDSERVICETYPES
+ value: {{ include "pipelines.internalapi.router.requiredServiceTypes" . }}
{{- if not .Values.router.routerConfiguration }}
- name: JF_SHARED_JFROGURL
value: "{{ tpl (include "pipelines.jfrogUrl" .) . }}"
diff --git a/stable/pipelines/templates/pipelines-statefulset.yaml b/stable/pipelines/templates/pipelines-statefulset.yaml
index a11dcd2e1..069788347 100644
--- a/stable/pipelines/templates/pipelines-statefulset.yaml
+++ b/stable/pipelines/templates/pipelines-statefulset.yaml
@@ -869,55 +869,57 @@ spec:
{{- with .Values.pipelines.customVolumeMounts }}
{{ tpl . $ | nindent 10 }}
{{- end }}
- - name: pipelinesync
- image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "pipelineSync" ) }}
- imagePullPolicy: {{ .Values.pipelines.pipelineSync.image.pullPolicy }}
+{{- if .Values.pipelines.analyticsservice.enabled }}
+ - name: analyticsservice
+ image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "analyticsservice" ) }}
+ imagePullPolicy: {{ .Values.pipelines.analyticsservice.image.pullPolicy }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- NET_RAW
- workingDir: /opt/jfrog/pipelines/app/micro/pipelineSync
env:
- - name: COMPONENT
- value: pipelinesync
- - name: PIPELINES_NODE_ID
- valueFrom:
- fieldRef:
- fieldPath: "metadata.name"
{{- if or .Values.pipelines.customCertificates.enabled .Values.global.customCertificates.enabled }}
- name: NODE_EXTRA_CA_CERTS
value: "{{ .Values.pipelines.mountPath }}/security/keys/trusted/pipelines_custom_certs.crt"
{{- end }}
+ - name: PIPELINES_NODE_ID
+ valueFrom:
+ fieldRef:
+ fieldPath: "metadata.name"
{{- if .Values.pipelines.extraEnvironmentVariables }}
{{- with .Values.pipelines.extraEnvironmentVariables }}
{{ tpl (toYaml .) $ | indent 12 }}
{{- end }}
{{- end }}
-{{- if .Values.pipelines.pipelineSync.extraEnvironmentVariables }}
-{{- with .Values.pipelines.pipelineSync.extraEnvironmentVariables }}
+{{- if .Values.pipelines.analyticsservice.extraEnvironmentVariables }}
+{{- with .Values.pipelines.analyticsservice.extraEnvironmentVariables }}
{{ tpl (toYaml .) $ | indent 12 }}
{{- end }}
{{- end }}
resources:
- {{- toYaml .Values.pipelines.pipelineSync.resources | nindent 12 }}
+ {{- toYaml .Values.pipelines.analyticsservice.resources | nindent 12 }}
volumeMounts:
- - name: jfrog-pipelines-folder
- mountPath: {{ .Values.pipelines.mountPath }}
- - name: jfrog-pipelines-logs
- mountPath: {{ .Values.pipelines.logPath }}
- - name: cron
- image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "cron" ) }}
- imagePullPolicy: {{ .Values.pipelines.cron.image.pullPolicy }}
+ - name: jfrog-pipelines-folder
+ mountPath: {{ .Values.pipelines.mountPath }}
+ - name: jfrog-pipelines-logs
+ mountPath: {{ .Values.pipelines.logPath }}
+{{- with .Values.pipelines.customVolumeMounts }}
+{{ tpl . $ | nindent 10 }}
+{{- end }}
+{{- end }}
+ - name: pipelinesync
+ image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "pipelineSync" ) }}
+ imagePullPolicy: {{ .Values.pipelines.pipelineSync.image.pullPolicy }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- NET_RAW
- workingDir: /opt/jfrog/pipelines/app/micro/cron
+ workingDir: /opt/jfrog/pipelines/app/micro/pipelineSync
env:
- name: COMPONENT
- value: cron
+ value: pipelinesync
- name: PIPELINES_NODE_ID
valueFrom:
fieldRef:
@@ -931,31 +933,30 @@ spec:
{{ tpl (toYaml .) $ | indent 12 }}
{{- end }}
{{- end }}
-{{- if .Values.pipelines.cron.extraEnvironmentVariables }}
-{{- with .Values.pipelines.cron.extraEnvironmentVariables }}
+{{- if .Values.pipelines.pipelineSync.extraEnvironmentVariables }}
+{{- with .Values.pipelines.pipelineSync.extraEnvironmentVariables }}
{{ tpl (toYaml .) $ | indent 12 }}
{{- end }}
{{- end }}
resources:
- {{- toYaml .Values.pipelines.cron.resources | nindent 12 }}
+ {{- toYaml .Values.pipelines.pipelineSync.resources | nindent 12 }}
volumeMounts:
- name: jfrog-pipelines-folder
mountPath: {{ .Values.pipelines.mountPath }}
- name: jfrog-pipelines-logs
mountPath: {{ .Values.pipelines.logPath }}
- {{- if .Values.pipelines.nexec.enabled }}
- - name: nexec
- image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "nexec" ) }}
- imagePullPolicy: {{ .Values.pipelines.nexec.image.pullPolicy }}
+ - name: cron
+ image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "cron" ) }}
+ imagePullPolicy: {{ .Values.pipelines.cron.image.pullPolicy }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- NET_RAW
- workingDir: /opt/jfrog/pipelines/app/micro/nexec
+ workingDir: /opt/jfrog/pipelines/app/micro/cron
env:
- name: COMPONENT
- value: nexec
+ value: cron
- name: PIPELINES_NODE_ID
valueFrom:
fieldRef:
@@ -969,19 +970,18 @@ spec:
{{ tpl (toYaml .) $ | indent 12 }}
{{- end }}
{{- end }}
-{{- if .Values.pipelines.nexec.extraEnvironmentVariables }}
-{{- with .Values.pipelines.nexec.extraEnvironmentVariables }}
+{{- if .Values.pipelines.cron.extraEnvironmentVariables }}
+{{- with .Values.pipelines.cron.extraEnvironmentVariables }}
{{ tpl (toYaml .) $ | indent 12 }}
{{- end }}
{{- end }}
resources:
- {{- toYaml .Values.pipelines.nexec.resources | nindent 12 }}
+ {{- toYaml .Values.pipelines.cron.resources | nindent 12 }}
volumeMounts:
- name: jfrog-pipelines-folder
mountPath: {{ .Values.pipelines.mountPath }}
- name: jfrog-pipelines-logs
mountPath: {{ .Values.pipelines.logPath }}
- {{- end }}
- name: hookhandler
image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "hookHandler" ) }}
imagePullPolicy: {{ .Values.pipelines.hookHandler.image.pullPolicy }}
diff --git a/stable/pipelines/templates/pipelines-steptrigger-statefulset.yaml b/stable/pipelines/templates/pipelines-steptrigger-statefulset.yaml
index 676ecbc6b..a57352b36 100644
--- a/stable/pipelines/templates/pipelines-steptrigger-statefulset.yaml
+++ b/stable/pipelines/templates/pipelines-steptrigger-statefulset.yaml
@@ -301,6 +301,8 @@ spec:
drop:
- NET_RAW
env:
+ - name: JF_ROUTER_TOPOLOGY_LOCAL_REQUIREDSERVICETYPES
+ value: {{ include "pipelines.stepservice.router.requiredServiceTypes" . }}
{{- if not .Values.router.routerConfiguration }}
- name: JF_SHARED_JFROGURL
value: "{{ tpl (include "pipelines.jfrogUrl" .) . }}"
@@ -370,43 +372,6 @@ spec:
readinessProbe:
{{ tpl .Values.pipelines.router.readinessProbe.config . | indent 12 }}
{{- end }}
- - name: stepservice
- image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "stepservice" ) }}
- imagePullPolicy: {{ .Values.pipelines.stepservice.image.pullPolicy }}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - NET_RAW
- env:
- {{- if or .Values.pipelines.customCertificates.enabled .Values.global.customCertificates.enabled }}
- - name: NODE_EXTRA_CA_CERTS
- value: "{{ .Values.pipelines.mountPath }}/security/keys/trusted/pipelines_custom_certs.crt"
- {{- end }}
- - name: PIPELINES_NODE_ID
- valueFrom:
- fieldRef:
- fieldPath: "metadata.name"
-{{- if .Values.pipelines.extraEnvironmentVariables }}
-{{- with .Values.pipelines.extraEnvironmentVariables }}
-{{ tpl (toYaml .) $ | indent 12 }}
-{{- end }}
-{{- end }}
-{{- if .Values.pipelines.stepservice.extraEnvironmentVariables }}
-{{- with .Values.pipelines.stepservice.extraEnvironmentVariables }}
-{{ tpl (toYaml .) $ | indent 12 }}
-{{- end }}
-{{- end }}
- resources:
- {{- toYaml .Values.pipelines.stepservice.resources | nindent 12 }}
- volumeMounts:
- - name: jfrog-pipelines-folder
- mountPath: {{ .Values.pipelines.mountPath }}
- - name: jfrog-pipelines-logs
- mountPath: {{ .Values.pipelines.logPath }}
-{{- with .Values.pipelines.customVolumeMounts }}
-{{ tpl . $ | nindent 10 }}
-{{- end }}
- name: observability
image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "observability" ) }}
imagePullPolicy: {{ .Values.pipelines.observability.image.pullPolicy }}
@@ -464,6 +429,47 @@ spec:
livenessProbe:
{{ tpl .Values.pipelines.observability.livenessProbe.config . | indent 12 }}
{{- end }}
+ - name: stepservice
+ image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "stepservice" ) }}
+ imagePullPolicy: {{ .Values.pipelines.stepservice.image.pullPolicy }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - NET_RAW
+ env:
+ - name: PIPELINES_INTERNAL_API
+ value: "true"
+ - name: COMPONENT
+ value: stepservice
+ - name: PIPELINES_NODE_ID
+ valueFrom:
+ fieldRef:
+ fieldPath: "metadata.name"
+ {{- if or .Values.pipelines.customCertificates.enabled .Values.global.customCertificates.enabled }}
+ - name: NODE_EXTRA_CA_CERTS
+ value: "{{ .Values.pipelines.mountPath }}/security/keys/trusted/pipelines_custom_certs.crt"
+ {{- end }}
+{{- if .Values.pipelines.extraEnvironmentVariables }}
+{{- with .Values.pipelines.extraEnvironmentVariables }}
+{{ tpl (toYaml .) $ | indent 12 }}
+{{- end }}
+{{- end }}
+{{- if .Values.pipelines.stepservice.extraEnvironmentVariables }}
+{{- with .Values.pipelines.stepservice.extraEnvironmentVariables }}
+{{ tpl (toYaml .) $ | indent 12 }}
+{{- end }}
+{{- end }}
+ resources:
+ {{- toYaml .Values.pipelines.stepservice.resources | nindent 12 }}
+ volumeMounts:
+ - name: jfrog-pipelines-folder
+ mountPath: {{ .Values.pipelines.mountPath }}
+ - name: jfrog-pipelines-logs
+ mountPath: {{ .Values.pipelines.logPath }}
+ {{- if or .Values.pipelines.stepservice.customSidecarContainers .Values.global.customSidecarContainers }}
+{{ tpl (include "pipelines.stepservice.customSidecarContainers" .) . | nindent 8 }}
+ {{- end }}
{{- if or .Values.pipelines.nodeSelector .Values.global.nodeSelector }}
{{ tpl (include "pipelines.nodeSelector" .) . | indent 6 }}
{{- end }}
diff --git a/stable/pipelines/templates/pipelines-sync-statefulset.yaml b/stable/pipelines/templates/pipelines-sync-statefulset.yaml
index a80d00ca6..e0828a3db 100644
--- a/stable/pipelines/templates/pipelines-sync-statefulset.yaml
+++ b/stable/pipelines/templates/pipelines-sync-statefulset.yaml
@@ -303,8 +303,8 @@ spec:
drop:
- NET_RAW
env:
-# - name: JF_ROUTER_TOPOLOGY_LOCAL_REQUIREDSERVICETYPES
-# value: {{ include "pipelines.router.requiredServiceTypes" . }}
+ - name: JF_ROUTER_TOPOLOGY_LOCAL_REQUIREDSERVICETYPES
+ value: {{ include "pipelines.sync.router.requiredServiceTypes" . }}
{{- if not .Values.router.routerConfiguration }}
- name: JF_SHARED_JFROGURL
value: "{{ tpl (include "pipelines.jfrogUrl" .) . }}"
diff --git a/stable/pipelines/templates/pipelines-trigger-statefulset.yaml b/stable/pipelines/templates/pipelines-trigger-statefulset.yaml
index 347224ec7..44d3f1adf 100644
--- a/stable/pipelines/templates/pipelines-trigger-statefulset.yaml
+++ b/stable/pipelines/templates/pipelines-trigger-statefulset.yaml
@@ -303,6 +303,8 @@ spec:
drop:
- NET_RAW
env:
+ - name: JF_ROUTER_TOPOLOGY_LOCAL_REQUIREDSERVICETYPES
+ value: {{ include "pipelines.trigger.router.requiredServiceTypes" . }}
{{- if not .Values.router.routerConfiguration }}
- name: JF_SHARED_JFROGURL
value: "{{ tpl (include "pipelines.jfrogUrl" .) . }}"
@@ -512,10 +514,10 @@ spec:
{{ tpl . $ | nindent 10 }}
{{- end }}
{{- end }}
-{{- if .Values.pipelines.logservice.enabled }}
- - name: logservice
- image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "logservice" ) }}
- imagePullPolicy: {{ .Values.pipelines.logservice.image.pullPolicy }}
+{{- if .Values.pipelines.analyticsservice.enabled }}
+ - name: analyticsservice
+ image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "analyticsservice" ) }}
+ imagePullPolicy: {{ .Values.pipelines.analyticsservice.image.pullPolicy }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
@@ -535,13 +537,13 @@ spec:
{{ tpl (toYaml .) $ | indent 12 }}
{{- end }}
{{- end }}
-{{- if .Values.pipelines.logservice.extraEnvironmentVariables }}
-{{- with .Values.pipelines.logservice.extraEnvironmentVariables }}
+{{- if .Values.pipelines.analyticsservice.extraEnvironmentVariables }}
+{{- with .Values.pipelines.analyticsservice.extraEnvironmentVariables }}
{{ tpl (toYaml .) $ | indent 12 }}
{{- end }}
{{- end }}
resources:
- {{- toYaml .Values.pipelines.logservice.resources | nindent 12 }}
+ {{- toYaml .Values.pipelines.analyticsservice.resources | nindent 12 }}
volumeMounts:
- name: jfrog-pipelines-folder
mountPath: {{ .Values.pipelines.mountPath }}
@@ -551,47 +553,45 @@ spec:
{{ tpl . $ | nindent 10 }}
{{- end }}
{{- end }}
- {{- if .Values.pipelines.nexec.enabled }}
- - name: nexec
- image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "nexec" ) }}
- imagePullPolicy: {{ .Values.pipelines.nexec.image.pullPolicy }}
+{{- if .Values.pipelines.logservice.enabled }}
+ - name: logservice
+ image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "logservice" ) }}
+ imagePullPolicy: {{ .Values.pipelines.logservice.image.pullPolicy }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- NET_RAW
- workingDir: /opt/jfrog/pipelines/app/micro/nexec
env:
- - name: PIPELINES_INTERNAL_API
- value: "true"
- - name: COMPONENT
- value: nexec
- - name: PIPELINES_NODE_ID
- valueFrom:
- fieldRef:
- fieldPath: "metadata.name"
{{- if or .Values.pipelines.customCertificates.enabled .Values.global.customCertificates.enabled }}
- name: NODE_EXTRA_CA_CERTS
value: "{{ .Values.pipelines.mountPath }}/security/keys/trusted/pipelines_custom_certs.crt"
{{- end }}
+ - name: PIPELINES_NODE_ID
+ valueFrom:
+ fieldRef:
+ fieldPath: "metadata.name"
{{- if .Values.pipelines.extraEnvironmentVariables }}
{{- with .Values.pipelines.extraEnvironmentVariables }}
{{ tpl (toYaml .) $ | indent 12 }}
{{- end }}
{{- end }}
-{{- if .Values.pipelines.nexec.extraEnvironmentVariables }}
-{{- with .Values.pipelines.nexec.extraEnvironmentVariables }}
+{{- if .Values.pipelines.logservice.extraEnvironmentVariables }}
+{{- with .Values.pipelines.logservice.extraEnvironmentVariables }}
{{ tpl (toYaml .) $ | indent 12 }}
{{- end }}
{{- end }}
resources:
- {{- toYaml .Values.pipelines.nexec.resources | nindent 12 }}
+ {{- toYaml .Values.pipelines.logservice.resources | nindent 12 }}
volumeMounts:
- - name: jfrog-pipelines-folder
- mountPath: {{ .Values.pipelines.mountPath }}
- - name: jfrog-pipelines-logs
- mountPath: {{ .Values.pipelines.logPath }}
- {{- end }}
+ - name: jfrog-pipelines-folder
+ mountPath: {{ .Values.pipelines.mountPath }}
+ - name: jfrog-pipelines-logs
+ mountPath: {{ .Values.pipelines.logPath }}
+{{- with .Values.pipelines.customVolumeMounts }}
+{{ tpl . $ | nindent 10 }}
+{{- end }}
+{{- end }}
- name: reqsealer
image: {{ include "pipelines.getImageInfoByValue" (list . "pipelines" "reqSealer" ) }}
imagePullPolicy: {{ .Values.pipelines.reqSealer.image.pullPolicy }}
diff --git a/stable/pipelines/values.yaml b/stable/pipelines/values.yaml
index b33c6ef48..e715c7fbf 100644
--- a/stable/pipelines/values.yaml
+++ b/stable/pipelines/values.yaml
@@ -835,6 +835,26 @@ pipelines:
# - name: MY_ENV_VAR
# value: "example_value"
+ analyticsservice:
+ image:
+ # registry:
+ repository: jfrog/pipelines-analytics-service
+ # tag:
+ pullPolicy: IfNotPresent
+ resources: {}
+ ## This service will be enabled in split deployment design (splitServicesToPods) as a mandatory service
+ enabled: true
+ # limits:
+ # cpu: 500m
+ # memory: 500Mi
+ # requests:
+ # cpu: 5m
+ # memory: 40Mi
+
+ extraEnvironmentVariables:
+ # - name: MY_ENV_VAR
+ # value: "example_value"
+
stepservice:
image:
# registry:
@@ -889,27 +909,6 @@ pipelines:
# customInitContainers: |
# customSidecarContainers: |
- nexec:
- image:
- # registry:
- repository: jfrog/pipelines-micro
- # tag:
- pullPolicy: IfNotPresent
-
- resources: {}
- # limits:
- # cpu: 500m
- # memory: 500Mi
- # requests:
- # cpu: 5m
- # memory: 40Mi
-
- enabled: true
-
- extraEnvironmentVariables:
- # - name: MY_ENV_VAR
- # value: "example_value"
-
hookHandler:
image:
# registry:
@@ -1314,9 +1313,6 @@ pipelines:
- "core.pipelineSync"
- "cluster.init"
- "www.signals"
- {{- if .Values.pipelines.nexec.enabled }}
- - "core.nexec"
- {{- end }}
- "core.nodePoolService"
- "core.hookHandler"
- "core.extensionSync"
@@ -1325,6 +1321,7 @@ pipelines:
- "core.runService"
- "core.logService"
- "core.stepService"
+ - "core.analyticsService"
ui:
{{- if .Values.rabbitmq.enabled }}
username: {{ .Values.pipelines.msg.uiUser }}
@@ -1565,10 +1562,6 @@ pipelines:
name: stepservice
cron:
name: cron
- {{- if .Values.pipelines.nexec.enabled }}
- nexec:
- name: nexec
- {{- end }}
hookHandler:
name: hookHandler
extensionSync:
@@ -1613,7 +1606,7 @@ pipelines:
language: go
registryUrl: releases-docker.jfrog.io
image: jfrog/pipelines-u18go
- defaultVersion: 1.19
+ defaultVersion: 1.21
- architecture: x86_64
os: Ubuntu_18.04
language: java
@@ -1630,16 +1623,16 @@ pipelines:
os: Ubuntu_20.04
language: node
registryUrl: releases-docker.jfrog.io
- image: jfrog/pipelines-u20node-arm64
+ image: jfrog/pipelines-u20arm
isDefault: true
- defaultVersion: 18
+ defaultVersion: 2.6.3
- architecture: x86_64
os: Ubuntu_20.04
language: node
registryUrl: releases-docker.jfrog.io
image: jfrog/pipelines-u20node
isDefault: true
- defaultVersion: 16
+ defaultVersion: 18
- architecture: x86_64
os: Ubuntu_20.04
language: java
@@ -1657,7 +1650,7 @@ pipelines:
language: go
registryUrl: releases-docker.jfrog.io
image: jfrog/pipelines-u20go
- defaultVersion: 1.19
+ defaultVersion: 1.21
- architecture: x86_64
os: CentOS_7
language: node
@@ -1682,7 +1675,7 @@ pipelines:
language: go
registryUrl: releases-docker.jfrog.io
image: jfrog/pipelines-c7go
- defaultVersion: 1.19
+ defaultVersion: 1.21
- architecture: x86_64
os: CentOS_8
language: node
@@ -1713,7 +1706,7 @@ pipelines:
language: node
registryUrl: releases-docker.jfrog.io
image: jfrog/pipelines-w19node
- defaultVersion: 18
+ defaultVersion: 16
- architecture: x86_64
os: WindowsServer_2019
language: java
@@ -1769,7 +1762,7 @@ pipelines:
language: go
registryUrl: releases-docker.jfrog.io
image: jfrog/pipelines-c7go
- defaultVersion: 1.19
+ defaultVersion: 1.21
- architecture: x86_64
os: RHEL_8
language: node
diff --git a/stable/xray/CHANGELOG.md b/stable/xray/CHANGELOG.md
index 848014ac1..7d91455ef 100644
--- a/stable/xray/CHANGELOG.md
+++ b/stable/xray/CHANGELOG.md
@@ -1,7 +1,10 @@
# JFrog Xray Chart Changelog
All changes to this chart will be documented in this file.
-## [103.83.10] - Sep 15,2023
+## [103.86.10] - Nov 14,2023
+* Fixed - containerSecurityContext on loggers
+
+## [103.83.0] - Sep 15,2023
* Fixed - Support to configure privateRegistry for pre-upgrade-hook
## [103.80.0] - Jul 16, 2023
diff --git a/stable/xray/Chart.yaml b/stable/xray/Chart.yaml
index b62742c94..167ca895f 100644
--- a/stable/xray/Chart.yaml
+++ b/stable/xray/Chart.yaml
@@ -1,5 +1,5 @@
apiVersion: v2
-appVersion: 3.83.10
+appVersion: 3.86.10
dependencies:
- condition: postgresql.enabled
name: postgresql
@@ -24,4 +24,4 @@ name: xray
sources:
- https://github.com/jfrog/charts
type: application
-version: 103.83.10
+version: 103.86.10
diff --git a/stable/xray/templates/xray-statefulset.yaml b/stable/xray/templates/xray-statefulset.yaml
index cd54fb0df..b1bb2814d 100644
--- a/stable/xray/templates/xray-statefulset.yaml
+++ b/stable/xray/templates/xray-statefulset.yaml
@@ -1120,8 +1120,8 @@ spec:
{{- range .Values.xray.loggers }}
- name: {{ . | replace "_" "-" | replace "." "-" }}
image: {{ include "xray.getImageInfoByValue" (list $ "logger") }}
- {{- if .Values.containerSecurityContext.enabled }}
- securityContext: {{- tpl (omit .Values.containerSecurityContext "enabled" | toYaml) . | nindent 10 }}
+ {{- if $.Values.containerSecurityContext.enabled }}
+ securityContext: {{- omit $.Values.containerSecurityContext "enabled" | toYaml | nindent 10 }}
{{- end }}
command:
- 'sh'
diff --git a/stable/xray/values.yaml b/stable/xray/values.yaml
index 4a646da8a..70dcb306a 100644
--- a/stable/xray/values.yaml
+++ b/stable/xray/values.yaml
@@ -52,7 +52,7 @@ global:
##
# fullnameOverride:
-initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.717
+initContainerImage: releases-docker.jfrog.io/ubi9/ubi-minimal:9.2.750.1697534106
imagePullPolicy: IfNotPresent
# Init containers
@@ -379,7 +379,7 @@ logger:
image:
registry: releases-docker.jfrog.io
repository: ubi9/ubi-minimal
- tag: 9.2.717
+ tag: 9.2.750.1697534106
## Service Account
## Ref: https://kubernetes.io/docs/admin/service-accounts-admin/
@@ -1186,7 +1186,7 @@ router:
image:
registry: releases-docker.jfrog.io
repository: jfrog/router
- tag: 7.79.0
+ tag: 7.87.0
imagePullPolicy: IfNotPresent
serviceRegistry:
## Service registry (Access) TLS verification skipped if enabled.
@@ -1272,7 +1272,7 @@ observability:
image:
registry: releases-docker.jfrog.io
repository: jfrog/observability
- tag: 1.14.0
+ tag: 1.17.0
imagePullPolicy: IfNotPresent
internalPort: 8036
resources: {}