wrenix/flux-charts
1
0
Fork 0
Code Issues 14 Pull requests 1 Projects Releases Packages Wiki Activity Actions

fix(mycloud-authentik): update for 2024.2.0

Browse source
This commit is contained in:
WrenIX 2024-02-29 19:30:52 +01:00
parent 50626adfcb
commit 08d5e2176a
Signed by: wrenix
GPG key ID: 7AFDB012974B1BB5
1 changed files with 84 additions and 55 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

101
mycloud-authentik/templates/release.yaml
View file

@ -59,40 +59,11 @@ spec:
enabled: false
prometheus:
serviceMonitor:
create: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }}
labels:
{{- toYaml .Values.commons.prometheus.monitor.labels | nindent 10 }}
rules:
create: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PrometheusRule") }}
enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PrometheusRule") }}
labels:
{{- toYaml .Values.commons.prometheus.rules.labels | nindent 10 }}
{{- $host := .Values.ingress.host | default (printf "auth.%s" .Values.commons.ingress.domain) }}
ingress:
enabled: true
annotations:
{{- with .Values.commons.ingress.annotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.ingress.annotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
hosts:
- host: "{{ $host }}"
paths:
- path: "/"
pathType: "Prefix"
{{- if .Values.commons.ingress.tls.enabled }}
tls:
{{- with .Values.commons.ingress.tls.override }}
{{- toYaml . | nindent 8 }}
{{- else }}
- secretName: "mycloud-authentik-cert"
hosts:
- "{{ $host }}"
{{- end }}
{{- end }}
#
# https://github.com/goauthentik/helm/pull/146
@ -100,9 +71,26 @@ spec:
serviceAccount:
create: true
additionalContainers:
{{- $host := .Values.ingress.host | default (printf "auth.%s" .Values.commons.ingress.domain) }}
global:
volumeMounts:
- name: sidecar-blueprints
image: "ghcr.io/kiwigrid/k8s-sidecar:1.25.1"
mountPath: /blueprints/sidecar
volumes:
- name: sidecar-blueprints
emptyDir: {}
server:
metrics:
serviceMonitor:
enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }}
labels:
{{- toYaml .Values.commons.prometheus.monitor.labels | nindent 12 }}
extraContainers:
- name: sidecar-blueprints
image: "ghcr.io/kiwigrid/k8s-sidecar:1.26.0"
env:
- name: "FOLDER"
value: "/blueprints/sidecar"
@ -120,10 +108,51 @@ spec:
- name: sidecar-blueprints
mountPath: /blueprints/sidecar
ingress:
enabled: true
annotations:
{{- with .Values.commons.ingress.annotations }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.ingress.annotations }}
{{- toYaml . | nindent 10 }}
{{- end }}
hosts:
- "{{ $host }}"
{{- if .Values.commons.ingress.tls.enabled }}
tls:
{{- with .Values.commons.ingress.tls.override }}
{{- toYaml . | nindent 10 }}
{{- else }}
- secretName: "mycloud-authentik-cert"
hosts:
- "{{ $host }}"
{{- end }}
{{- end }}
worker:
metrics:
serviceMonitor:
enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }}
labels:
{{- toYaml .Values.commons.prometheus.monitor.labels | nindent 12 }}
extraContainers:
- name: sidecar-blueprints
image: "ghcr.io/kiwigrid/k8s-sidecar:1.26.0"
env:
- name: "FOLDER"
value: "/blueprints/sidecar"
- name: "LABEL"
value: "goauthentik_blueprint"
- name: "LABEL_VALUE"
value: "1"
# - name: "NAMESPACE"
# value: "ALL"
- name: "RESOURCE"
value: "both"
- name: "UNIQUE_FILENAMES"
value: "true"
volumeMounts:
- name: sidecar-blueprints
mountPath: /blueprints/sidecar
volumes:
- name: sidecar-blueprints
emptyDir: {}