diff --git a/mycloud-authentik/templates/release.yaml b/mycloud-authentik/templates/release.yaml index 0fb387f..66ad5e2 100644 --- a/mycloud-authentik/templates/release.yaml +++ b/mycloud-authentik/templates/release.yaml @@ -59,40 +59,11 @@ spec: enabled: false prometheus: - serviceMonitor: - create: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} - labels: - {{- toYaml .Values.commons.prometheus.monitor.labels | nindent 10 }} rules: - create: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PrometheusRule") }} + enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PrometheusRule") }} labels: {{- toYaml .Values.commons.prometheus.rules.labels | nindent 10 }} - {{- $host := .Values.ingress.host | default (printf "auth.%s" .Values.commons.ingress.domain) }} - ingress: - enabled: true - annotations: - {{- with .Values.commons.ingress.annotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.ingress.annotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - hosts: - - host: "{{ $host }}" - paths: - - path: "/" - pathType: "Prefix" - {{- if .Values.commons.ingress.tls.enabled }} - tls: - {{- with .Values.commons.ingress.tls.override }} - {{- toYaml . | nindent 8 }} - {{- else }} - - secretName: "mycloud-authentik-cert" - hosts: - - "{{ $host }}" - {{- end }} - {{- end }} # # https://github.com/goauthentik/helm/pull/146 @@ -100,30 +71,88 @@ spec: serviceAccount: create: true - additionalContainers: - - name: sidecar-blueprints - image: "ghcr.io/kiwigrid/k8s-sidecar:1.25.1" - env: - - name: "FOLDER" - value: "/blueprints/sidecar" - - name: "LABEL" - value: "goauthentik_blueprint" - - name: "LABEL_VALUE" - value: "1" - # - name: "NAMESPACE" - # value: "ALL" - - name: "RESOURCE" - value: "both" - - name: "UNIQUE_FILENAMES" - value: "true" - volumeMounts: - - name: sidecar-blueprints - mountPath: /blueprints/sidecar + {{- $host := .Values.ingress.host | default (printf "auth.%s" .Values.commons.ingress.domain) }} + global: + volumeMounts: + - name: sidecar-blueprints + mountPath: /blueprints/sidecar - volumeMounts: - - name: sidecar-blueprints - mountPath: /blueprints/sidecar + volumes: + - name: sidecar-blueprints + emptyDir: {} - volumes: - - name: sidecar-blueprints - emptyDir: {} + server: + metrics: + serviceMonitor: + enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} + labels: + {{- toYaml .Values.commons.prometheus.monitor.labels | nindent 12 }} + + extraContainers: + - name: sidecar-blueprints + image: "ghcr.io/kiwigrid/k8s-sidecar:1.26.0" + env: + - name: "FOLDER" + value: "/blueprints/sidecar" + - name: "LABEL" + value: "goauthentik_blueprint" + - name: "LABEL_VALUE" + value: "1" + # - name: "NAMESPACE" + # value: "ALL" + - name: "RESOURCE" + value: "both" + - name: "UNIQUE_FILENAMES" + value: "true" + volumeMounts: + - name: sidecar-blueprints + mountPath: /blueprints/sidecar + + ingress: + enabled: true + annotations: + {{- with .Values.commons.ingress.annotations }} + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.ingress.annotations }} + {{- toYaml . | nindent 10 }} + {{- end }} + hosts: + - "{{ $host }}" + {{- if .Values.commons.ingress.tls.enabled }} + tls: + {{- with .Values.commons.ingress.tls.override }} + {{- toYaml . | nindent 10 }} + {{- else }} + - secretName: "mycloud-authentik-cert" + hosts: + - "{{ $host }}" + {{- end }} + {{- end }} + + worker: + metrics: + serviceMonitor: + enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} + labels: + {{- toYaml .Values.commons.prometheus.monitor.labels | nindent 12 }} + + extraContainers: + - name: sidecar-blueprints + image: "ghcr.io/kiwigrid/k8s-sidecar:1.26.0" + env: + - name: "FOLDER" + value: "/blueprints/sidecar" + - name: "LABEL" + value: "goauthentik_blueprint" + - name: "LABEL_VALUE" + value: "1" + # - name: "NAMESPACE" + # value: "ALL" + - name: "RESOURCE" + value: "both" + - name: "UNIQUE_FILENAMES" + value: "true" + volumeMounts: + - name: sidecar-blueprints + mountPath: /blueprints/sidecar