github/Reloader
1
0
Fork 0
mirror of https://github.com/stakater/Reloader.git synced 2026-05-06 00:36:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/master' into fix-255

Browse Source
This commit is contained in:
Hussnain
2023-04-05 11:19:34 +05:00
parent aab8f66b34 71a2b2347a
commit ddbe3036af
53 changed files with 1850 additions and 1591 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
deployments/kubernetes/chart/reloader/Chart.yaml
View File

@@ -3,8 +3,8 @@
apiVersion: v1
name: reloader
description: Reloader chart that runs on kubernetes
version: v0.0.114
appVersion: v0.0.114
version: v1.0.20
appVersion: v1.0.20
keywords:
- Reloader
- kubernetes
@@ -16,16 +16,6 @@ maintainers:
- name: Stakater
email: hello@stakater.com
- name: rasheedamir
email: rasheed@aurorasolutions.io
- name: waseem-h
email: waseemhassan@stakater.com
email: rasheed@stakater.com
- name: faizanahmad055
email: faizan.ahmad55@outlook.com
- name: kahootali
email: ali.kahoot@aurorasolutions.io
- name: ahmadiq
email: ahmad@aurorasolutions.io
- name: ahsan-storm
email: ahsanmuhammad1@outlook.com
- name: ahmedwaleedmalik
email: waleed@stakater.com

19
deployments/kubernetes/chart/reloader/templates/_helpers.tpl
View File

@@ -28,6 +28,23 @@ heritage: {{ .Release.Service | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
{{- end -}}
{{/*
Create pod anti affinity labels
*/}}
{{- define "reloader-podAntiAffinity" -}}
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- {{ template "reloader-fullname" . }}
topologyKey: "kubernetes.io/hostname"
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
@@ -45,4 +62,4 @@ Create the annotations to support helm3
{{- define "reloader-helm3.annotations" -}}
meta.helm.sh/release-namespace: {{ .Release.Namespace | quote }}
meta.helm.sh/release-name: {{ .Release.Name | quote }}
{{- end -}}
{{- end -}}

26
deployments/kubernetes/chart/reloader/templates/clusterrole.yaml
View File

@@ -17,7 +17,6 @@ metadata:
{{ toYaml .Values.reloader.matchLabels | indent 4 }}
{{- end }}
name: {{ template "reloader-fullname" . }}-role
namespace: {{ .Release.Namespace }}
rules:
- apiGroups:
- ""
@@ -32,6 +31,14 @@ rules:
- list
- get
- watch
{{- if .Values.reloader.namespaceSelector }}
- apiGroups:
- ""
resources:
- namespaces
verbs:
- get
{{- end }}
{{- if and (.Capabilities.APIVersions.Has "apps.openshift.io/v1") (.Values.reloader.isOpenshift) }}
- apiGroups:
- "apps.openshift.io"
@@ -77,4 +84,21 @@ rules:
- get
- update
- patch
{{- if .Values.reloader.enableHA }}
- apiGroups:
- "coordination.k8s.io"
resources:
- leases
verbs:
- create
- get
- update
{{- end}}
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
{{- end }}

3
deployments/kubernetes/chart/reloader/templates/clusterrolebinding.yaml
View File

@@ -17,7 +17,6 @@ metadata:
{{ toYaml .Values.reloader.matchLabels | indent 4 }}
{{- end }}
name: {{ template "reloader-fullname" . }}-role-binding
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
@@ -25,5 +24,5 @@ roleRef:
subjects:
- kind: ServiceAccount
name: {{ template "reloader-serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
{{- end }}

68
deployments/kubernetes/chart/reloader/templates/deployment.yaml
View File

@@ -15,9 +15,13 @@ metadata:
{{ toYaml .Values.reloader.matchLabels | indent 4 }}
{{- end }}
name: {{ template "reloader-fullname" . }}
namespace: {{ .Release.Namespace }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
spec:
{{- if not (.Values.reloader.enableHA) }}
replicas: 1
{{- else }}
replicas: {{ .Values.reloader.deployment.replicas }}
{{- end}}
revisionHistoryLimit: 2
selector:
matchLabels:
@@ -41,17 +45,28 @@ spec:
{{ toYaml .Values.reloader.matchLabels | indent 8 }}
{{- end }}
spec:
{{- with .Values.reloader.deployment.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.reloader.deployment.nodeSelector }}
nodeSelector:
{{ toYaml .Values.reloader.deployment.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.reloader.deployment.affinity }}
{{- if or (.Values.reloader.deployment.affinity) (.Values.reloader.enableHA) }}
affinity:
{{- if .Values.reloader.deployment.affinity }}
{{ toYaml .Values.reloader.deployment.affinity | indent 8 }}
{{- end}}
{{ include "reloader-podAntiAffinity" . | indent 8 }}
{{- end }}
{{- if .Values.reloader.deployment.tolerations }}
tolerations:
{{ toYaml .Values.reloader.deployment.tolerations | indent 8 }}
{{- end }}
{{- if .Values.reloader.deployment.topologySpreadConstraints }}
topologySpreadConstraints:
{{ toYaml .Values.reloader.deployment.topologySpreadConstraints | indent 8 }}
{{- end }}
{{- if .Values.reloader.deployment.priorityClassName }}
priorityClassName: {{ .Values.reloader.deployment.priorityClassName }}
@@ -60,7 +75,7 @@ spec:
- image: "{{ .Values.reloader.deployment.image.name }}:{{ .Values.reloader.deployment.image.tag }}"
imagePullPolicy: {{ .Values.reloader.deployment.image.pullPolicy }}
name: {{ template "reloader-fullname" . }}
{{- if or (.Values.reloader.deployment.env.open) (.Values.reloader.deployment.env.secret) (.Values.reloader.deployment.env.field) (eq .Values.reloader.watchGlobally false) }}
{{- if or (.Values.reloader.deployment.env.open) (.Values.reloader.deployment.env.secret) (.Values.reloader.deployment.env.field) (.Values.reloader.deployment.env.existing) (eq .Values.reloader.watchGlobally false) (.Values.reloader.enableHA)}}
env:
{{- range $name, $value := .Values.reloader.deployment.env.open }}
{{- if not (empty $value) }}
@@ -78,6 +93,17 @@ spec:
key: {{ $name | quote }}
{{- end }}
{{- end }}
{{- range $secret, $values := .Values.reloader.deployment.env.existing }}
{{- range $name, $key := $values }}
{{- if not ( empty $name) }}
- name: {{ $name | quote }}
valueFrom:
secretKeyRef:
name: {{ $secret | quote }}
key: {{ $key | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- range $name, $value := .Values.reloader.deployment.env.field }}
{{- if not ( empty $value) }}
- name: {{ $name | quote }}
@@ -92,6 +118,16 @@ spec:
fieldRef:
fieldPath: metadata.namespace
{{- end }}
{{- if .Values.reloader.enableHA }}
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{{- end }}
{{- end }}
ports:
@@ -99,12 +135,13 @@ spec:
containerPort: 9090
livenessProbe:
httpGet:
path: /metrics
path: /live
port: http
timeoutSeconds: {{ .Values.reloader.deployment.livenessProbe.timeoutSeconds | default "5" }}
failureThreshold: {{ .Values.reloader.deployment.livenessProbe.failureThreshold | default "5" }}
periodSeconds: {{ .Values.reloader.deployment.livenessProbe.periodSeconds | default "10" }}
successThreshold: {{ .Values.reloader.deployment.livenessProbe.successThreshold | default "1" }}
initialDelaySeconds: {{ .Values.reloader.deployment.livenessProbe.initialDelaySeconds | default "10" }}
readinessProbe:
httpGet:
path: /metrics
@@ -113,17 +150,22 @@ spec:
failureThreshold: {{ .Values.reloader.deployment.readinessProbe.failureThreshold | default "5" }}
periodSeconds: {{ .Values.reloader.deployment.readinessProbe.periodSeconds | default "10" }}
successThreshold: {{ .Values.reloader.deployment.readinessProbe.successThreshold | default "1" }}
initialDelaySeconds: {{ .Values.reloader.deployment.readinessProbe.initialDelaySeconds | default "10" }}
{{- with .Values.reloader.deployment.containerSecurityContext }}
securityContext: {{ toYaml . | nindent 10 }}
{{- end }}
{{- $containerSecurityContext := .Values.reloader.deployment.containerSecurityContext | default dict }}
{{- if .Values.reloader.readOnlyRootFileSystem }}
{{- $_ := set $containerSecurityContext "readOnlyRootFilesystem" true }}
{{- end }}
securityContext:
{{- toYaml $containerSecurityContext | nindent 10 }}
{{- if eq .Values.reloader.readOnlyRootFileSystem true }}
volumeMounts:
- mountPath: /tmp/
name: tmp-volume
{{- end }}
{{- if or (.Values.reloader.logFormat) (.Values.reloader.ignoreSecrets) (.Values.reloader.ignoreNamespaces) (.Values.reloader.ignoreConfigMaps) (.Values.reloader.custom_annotations) (eq .Values.reloader.isArgoRollouts true) (eq .Values.reloader.reloadOnCreate true) (ne .Values.reloader.reloadStrategy "default")}}
{{- if or (.Values.reloader.logFormat) (.Values.reloader.ignoreSecrets) (.Values.reloader.ignoreNamespaces) (.Values.reloader.namespaceSelector) (.Values.reloader.ignoreConfigMaps) (.Values.reloader.custom_annotations) (eq .Values.reloader.isArgoRollouts true) (eq .Values.reloader.reloadOnCreate true) (ne .Values.reloader.reloadStrategy "default") (.Values.reloader.enableHA)}}
args:
{{- if .Values.reloader.logFormat }}
- "--log-format={{ .Values.reloader.logFormat }}"
@@ -137,7 +179,9 @@ spec:
{{- if .Values.reloader.ignoreNamespaces }}
- "--namespaces-to-ignore={{ .Values.reloader.ignoreNamespaces }}"
{{- end }}
{{- if .Values.reloader.namespaceSelector }}
- "--namespace-selector={{ .Values.reloader.namespaceSelector }}"
{{- end }}
{{- if .Values.reloader.custom_annotations }}
{{- if .Values.reloader.custom_annotations.configmap }}
- "--configmap-annotation"
@@ -166,9 +210,15 @@ spec:
{{- if eq .Values.reloader.reloadOnCreate true }}
- "--reload-on-create={{ .Values.reloader.reloadOnCreate }}"
{{- end }}
{{- if eq .Values.reloader.syncAfterRestart true }}
- "--sync-after-restart={{ .Values.reloader.syncAfterRestart }}"
{{- end }}
{{- if ne .Values.reloader.reloadStrategy "default" }}
- "--reload-strategy={{ .Values.reloader.reloadStrategy }}"
{{- end }}
{{- if or (gt (int .Values.reloader.deployment.replicas) 1) (.Values.reloader.enableHA) }}
- "--enable-ha=true"
{{- end}}
{{- end }}
{{- if .Values.reloader.deployment.resources }}
resources:

11
deployments/kubernetes/chart/reloader/templates/poddisruptionbudget.yaml Normal file
View File

@@ -0,0 +1,11 @@
{{- if .Values.reloader.podDisruptionBudget.enabled }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ template "reloader-fullname" . }}
spec:
minAvailable: {{ .Values.reloader.podDisruptionBudget.minAvailable }}
selector:
matchLabels:
app: {{ template "reloader-fullname" . }}
{{- end }}

45
deployments/kubernetes/chart/reloader/templates/podmonitor.yaml
View File

@@ -1,26 +1,53 @@
{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) ( .Values.reloader.podMonitor.enabled ) }}
{{- if ( .Values.reloader.podMonitor.enabled ) }}
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
{{- if .Values.reloader.podMonitor.annotations }}
annotations:
{{ tpl (toYaml .Values.reloader.podMonitor.annotations) . | indent 4 }}
{{- end }}
labels:
{{ include "reloader-labels.chart" . | indent 4 }}
{{- if .Values.reloader.podMonitor.labels }}
{{ toYaml .Values.reloader.podMonitor.labels | indent 4}}
{{ tpl (toYaml .Values.reloader.podMonitor.labels) . | indent 4 }}
{{- end }}
name: {{ template "reloader-fullname" . }}
{{- if .Values.reloader.podMonitor.namespace }}
namespace: {{ .Values.reloader.podMonitor.namespace }}
namespace: {{ tpl .Values.reloader.podMonitor.namespace . }}
{{- end }}
spec:
podMetricsEndpoints:
- port: http
path: "/metrics"
{{- if .Values.reloader.podMonitor.interval }}
interval: {{ .Values.reloader.podMonitor.interval }}
{{- end }}
{{- if .Values.reloader.podMonitor.timeout }}
scrapeTimeout: {{ .Values.reloader.podMonitor.timeout }}
{{- end }}
{{- with .Values.reloader.podMonitor.interval }}
interval: {{ . }}
{{- end }}
{{- with .Values.reloader.podMonitor.scheme }}
scheme: {{ . }}
{{- end }}
{{- with .Values.reloader.podMonitor.bearerTokenSecret }}
bearerTokenSecret: {{ . }}
{{- end }}
{{- with .Values.reloader.podMonitor.tlsConfig }}
tlsConfig:
{{- toYaml .| nindent 6 }}
{{- end }}
{{- with .Values.reloader.podMonitor.timeout }}
scrapeTimeout: {{ . }}
{{- end }}
honorLabels: {{ .Values.reloader.podMonitor.honorLabels }}
{{- with .Values.reloader.podMonitor.metricRelabelings }}
metricRelabelings:
{{- tpl (toYaml . | nindent 6) $ }}
{{- end }}
{{- with .Values.reloader.podMonitor.relabelings }}
relabelings:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.reloader.podMonitor.podTargetLabels }}
podTargetLabels:
{{- toYaml . | nindent 4 }}
{{- end }}
jobLabel: {{ template "reloader-fullname" . }}
namespaceSelector:
matchNames:

19
deployments/kubernetes/chart/reloader/templates/role.yaml
View File

@@ -17,7 +17,7 @@ metadata:
{{ toYaml .Values.reloader.matchLabels | indent 4 }}
{{- end }}
name: {{ template "reloader-fullname" . }}-role
namespace: {{ .Release.Namespace }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
rules:
- apiGroups:
- ""
@@ -77,4 +77,21 @@ rules:
- get
- update
- patch
{{- if .Values.reloader.enableHA }}
- apiGroups:
- "coordination.k8s.io"
resources:
- leases
verbs:
- create
- get
- update
{{- end}}
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
{{- end }}

4
deployments/kubernetes/chart/reloader/templates/rolebinding.yaml
View File

@@ -17,7 +17,7 @@ metadata:
{{ toYaml .Values.reloader.matchLabels | indent 4 }}
{{- end }}
name: {{ template "reloader-fullname" . }}-role-binding
namespace: {{ .Release.Namespace }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
@@ -25,5 +25,5 @@ roleRef:
subjects:
- kind: ServiceAccount
name: {{ template "reloader-serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
{{- end }}

21
deployments/kubernetes/chart/reloader/templates/secret.yaml Normal file
View File

@@ -0,0 +1,21 @@
{{- if .Values.reloader.deployment.env.secret -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "reloader-fullname" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
type: Opaque
data:
{{ if .Values.reloader.deployment.env.secret.ALERT_ON_RELOAD -}}
ALERT_ON_RELOAD: {{ .Values.reloader.deployment.env.secret.ALERT_ON_RELOAD | b64enc | quote }}
{{ end }}
{{- if .Values.reloader.deployment.env.secret.ALERT_SINK -}}
ALERT_SINK: {{ .Values.reloader.deployment.env.secret.ALERT_SINK | b64enc | quote }}
{{ end }}
{{- if .Values.reloader.deployment.env.secret.ALERT_WEBHOOK_URL -}}
ALERT_WEBHOOK_URL: {{ .Values.reloader.deployment.env.secret.ALERT_WEBHOOK_URL | b64enc | quote }}
{{ end }}
{{- if .Values.reloader.deployment.env.secret.ALERT_ADDITIONAL_INFO -}}
ALERT_ADDITIONAL_INFO: {{ .Values.reloader.deployment.env.secret.ALERT_ADDITIONAL_INFO | b64enc | quote }}
{{ end }}
{{ end }}

2
deployments/kubernetes/chart/reloader/templates/service.yaml
View File

@@ -13,7 +13,7 @@ metadata:
{{ toYaml .Values.reloader.service.labels | indent 4 }}
{{- end }}
name: {{ template "reloader-fullname" . }}
namespace: {{ .Release.Namespace }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
spec:
selector:
{{- if .Values.reloader.deployment.labels }}

2
deployments/kubernetes/chart/reloader/templates/serviceaccount.yaml
View File

@@ -22,5 +22,5 @@ metadata:
{{ toYaml .Values.reloader.matchLabels | indent 4 }}
{{- end }}
name: {{ template "reloader-serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
{{- end }}

43
deployments/kubernetes/chart/reloader/templates/servicemonitor.yaml
View File

@@ -2,25 +2,52 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
{{- if .Values.reloader.serviceMonitor.annotations }}
annotations:
{{ tpl (toYaml .Values.reloader.serviceMonitor.annotations) . | indent 4 }}
{{- end }}
labels:
{{ include "reloader-labels.chart" . | indent 4 }}
{{- if .Values.reloader.serviceMonitor.labels }}
{{ toYaml .Values.reloader.serviceMonitor.labels | indent 4}}
{{ tpl (toYaml .Values.reloader.serviceMonitor.labels) . | indent 4 }}
{{- end }}
name: {{ template "reloader-fullname" . }}
{{- if .Values.reloader.serviceMonitor.namespace }}
namespace: {{ .Values.reloader.serviceMonitor.namespace }}
namespace: {{ tpl .Values.reloader.serviceMonitor.namespace . }}
{{- end }}
spec:
endpoints:
- targetPort: http
path: "/metrics"
{{- if .Values.reloader.serviceMonitor.interval }}
interval: {{ .Values.reloader.serviceMonitor.interval }}
{{- end }}
{{- if .Values.reloader.serviceMonitor.timeout }}
scrapeTimeout: {{ .Values.reloader.serviceMonitor.timeout }}
{{- end }}
{{- with .Values.reloader.serviceMonitor.interval }}
interval: {{ . }}
{{- end }}
{{- with .Values.reloader.serviceMonitor.scheme }}
scheme: {{ . }}
{{- end }}
{{- with .Values.reloader.serviceMonitor.bearerTokenFile }}
bearerTokenFile: {{ . }}
{{- end }}
{{- with .Values.reloader.serviceMonitor.tlsConfig }}
tlsConfig:
{{- toYaml .| nindent 6 }}
{{- end }}
{{- with .Values.reloader.serviceMonitor.timeout }}
scrapeTimeout: {{ . }}
{{- end }}
honorLabels: {{ .Values.reloader.serviceMonitor.honorLabels }}
{{- with .Values.reloader.serviceMonitor.metricRelabelings }}
metricRelabelings:
{{- tpl (toYaml . | nindent 6) $ }}
{{- end }}
{{- with .Values.reloader.serviceMonitor.relabelings }}
relabelings:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.reloader.serviceMonitor.targetLabels }}
targetLabels:
{{- toYaml . | nindent 4 }}
{{- end }}
jobLabel: {{ template "reloader-fullname" . }}
namespaceSelector:
matchNames:

50
deployments/kubernetes/chart/reloader/tests/deployment_test.yaml Normal file
View File

@@ -0,0 +1,50 @@
suite: Deployment
templates:
- deployment.yaml
tests:
- it: sets readOnlyRootFilesystem in container securityContext when reloader.readOnlyRootFileSystem is true
set:
reloader:
readOnlyRootFileSystem: true
deployment:
containerSecurityContext:
readOnlyRootFilesystem: false
asserts:
- equal:
path: spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem
value: true
- it: sets readOnlyRootFilesystem in container securityContext even if reloader.deployment.containerSecurityContext is null
set:
reloader:
readOnlyRootFileSystem: true
deployment:
containerSecurityContext: null
asserts:
- equal:
path: spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem
value: true
- it: does not override readOnlyRootFilesystem in container securityContext based on reloader.readOnlyRootFileSystem
set:
reloader:
readOnlyRootFileSystem: false
deployment:
containerSecurityContext:
readOnlyRootFilesystem: true
asserts:
- equal:
path: spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem
value: true
- it: template is still valid with no defined containerSecurityContext
set:
reloader:
readOnlyRootFileSystem: false
deployment:
containerSecurityContext: null
asserts:
- isEmpty:
path: spec.template.spec.containers[0].securityContext

148
deployments/kubernetes/chart/reloader/values.yaml
View File

@@ -8,22 +8,30 @@ global:
kubernetes:
host: https://kubernetes.default
nameOverride: ""
fullnameOverride: ""
reloader:
isArgoRollouts: false
isOpenshift: false
ignoreSecrets: false
ignoreConfigMaps: false
reloadOnCreate: false
syncAfterRestart: false
reloadStrategy: default # Set to default, env-vars or annotations
ignoreNamespaces: "" # Comma separated list of namespaces to ignore
namespaceSelector: "" # Comma separated list of 'key:value' labels for namespaces selection
logFormat: "" #json
watchGlobally: true
# Set to true to enable leadership election allowing you to run multiple replicas
enableHA: false
# Set to true if you have a pod security policy that enforces readOnlyRootFilesystem
readOnlyRootFileSystem: false
legacy:
rbac: false
matchLabels: {}
deployment:
# If you wish to run multiple replicas set reloader.enableHA = true
replicas: 1
nodeSelector:
# cloud.google.com/gke-nodepool: default-pool
@@ -58,14 +66,26 @@ reloader:
# effect: "NoSchedule"
tolerations: []
# Topology spread constraints for pod assignment
# Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
# Example:
# topologySpreadConstraints:
# - maxSkew: 1
# topologyKey: zone
# whenUnsatisfiable: DoNotSchedule
# labelSelector:
# matchLabels:
# app: my-app
topologySpreadConstraints: []
annotations: {}
labels:
provider: stakater
group: com.stakater.platform
version: v0.0.114
version: v1.0.20
image:
name: ghcr.io/stakater/reloader
tag: v0.0.114
tag: v1.0.20
pullPolicy: IfNotPresent
# Support for extra environment variables.
env:
@@ -73,8 +93,21 @@ reloader:
open:
# secret supports Key value pair as environment variables. It gets the values based on keys from default reloader secret if any.
secret:
# ALERT_ON_RELOAD: <"true"|"false">
# ALERT_SINK: <"slack"> # By default it will be a raw text based webhook
# ALERT_WEBHOOK_URL: <"webhook_url">
# ALERT_ADDITIONAL_INFO: <"Additional Info like Cluster Name if needed">
# field supports Key value pair as environment variables. It gets the values from other fields of pod.
field:
# existing secret, you can specify multiple existing secrets, for each
# specify the env var name followed by the key in existing secret that
# will be used to populate the env var
existing:
# existing_secret_name:
# ALERT_ON_RELOAD: alert_on_reload_key
# ALERT_SINK: alert_sink_key
# ALERT_WEBHOOK_URL: alert_webhook_key
# ALERT_ADDITIONAL_INFO: alert_additional_info_key
# Liveness and readiness probe timeout values.
livenessProbe: {}
@@ -101,6 +134,8 @@ reloader:
pod:
annotations: {}
priorityClassName: ""
# imagePullSecrets:
# - name: myregistrykey
service: {}
# labels: {}
@@ -118,7 +153,7 @@ reloader:
annotations: {}
# The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the fullname template
name:
name:
# Optional flags to pass to the Reloader entrypoint
# Example:
# custom_annotations:
@@ -132,20 +167,103 @@ reloader:
enabled: false
# Set the namespace the ServiceMonitor should be deployed
# namespace: monitoring
# Set how frequently Prometheus should scrape
# interval: 30s
# Set labels for the ServiceMonitor, use this to define your scrape label for Prometheus Operator
# labels:
# Set timeout for scrape
# timeout: 10s
# Fallback to the prometheus default unless specified
# interval: 10s
## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
# scheme: ""
## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
## Of type: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#tlsconfig
# tlsConfig: {}
# bearerTokenFile:
# Fallback to the prometheus default unless specified
# timeout: 30s
## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
labels: {}
## Used to pass annotations that are used by the Prometheus installed in your cluster to select Service Monitors to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
annotations: {}
# Retain the job and instance labels of the metrics pushed to the Pushgateway
# [Scraping Pushgateway](https://github.com/prometheus/pushgateway#configure-the-pushgateway-as-a-target-to-scrape)
honorLabels: true
## Metric relabel configs to apply to samples before ingestion.
## [Metric Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs)
metricRelabelings: []
# - action: keep
# regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
# sourceLabels: [__name__]
## Relabel configs to apply to samples before ingestion.
## [Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config)
relabelings: []
# - sourceLabels: [__meta_kubernetes_pod_node_name]
# separator: ;
# regex: ^(.*)$
# targetLabel: nodename
# replacement: $1
# action: replace
targetLabels: []
podMonitor:
enabled: false
# Set the namespace the podMonitor should be deployed
# namespace: monitoring
# Set how frequently Prometheus should scrape
# interval: 30s
# Set labels for the podMonitor, use this to define your scrape label for Prometheus Operator
# labels:
# Set timeout for scrape
# timeout: 10s
# Fallback to the prometheus default unless specified
# interval: 10s
## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
# scheme: ""
## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
## Of type: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#tlsconfig
# tlsConfig: {}
# bearerTokenSecret:
# Fallback to the prometheus default unless specified
# timeout: 30s
## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
labels: {}
## Used to pass annotations that are used by the Prometheus installed in your cluster to select Service Monitors to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
annotations: {}
# Retain the job and instance labels of the metrics pushed to the Pushgateway
# [Scraping Pushgateway](https://github.com/prometheus/pushgateway#configure-the-pushgateway-as-a-target-to-scrape)
honorLabels: true
## Metric relabel configs to apply to samples before ingestion.
## [Metric Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs)
metricRelabelings: []
# - action: keep
# regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
# sourceLabels: [__name__]
## Relabel configs to apply to samples before ingestion.
## [Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config)
relabelings: []
# - sourceLabels: [__meta_kubernetes_pod_node_name]
# separator: ;
# regex: ^(.*)$
# targetLabel: nodename
# replacement: $1
# action: replace
podTargetLabels: []
podDisruptionBudget:
enabled: false
# Set the minimum available replicas
# minAvailable: 1

4
deployments/kubernetes/kustomization.yaml
View File

@@ -4,7 +4,5 @@ kind: Kustomization
resources:
- manifests/clusterrole.yaml
- manifests/clusterrolebinding.yaml
- manifests/role.yaml
- manifests/rolebinding.yaml
- manifests/serviceaccount.yaml
- manifests/deployment.yaml
- manifests/deployment.yaml

10
deployments/kubernetes/manifests/clusterrole.yaml
View File

@@ -9,12 +9,11 @@ metadata:
meta.helm.sh/release-name: "reloader"
labels:
app: reloader-reloader
chart: "reloader-v0.0.114"
chart: "reloader-v1.0.20"
release: "reloader"
heritage: "Helm"
app.kubernetes.io/managed-by: "Helm"
name: reloader-reloader-role
namespace: default
rules:
- apiGroups:
- ""
@@ -46,3 +45,10 @@ rules:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch

3
deployments/kubernetes/manifests/clusterrolebinding.yaml
View File

@@ -9,12 +9,11 @@ metadata:
meta.helm.sh/release-name: "reloader"
labels:
app: reloader-reloader
chart: "reloader-v0.0.114"
chart: "reloader-v1.0.20"
release: "reloader"
heritage: "Helm"
app.kubernetes.io/managed-by: "Helm"
name: reloader-reloader-role-binding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

17
deployments/kubernetes/manifests/deployment.yaml
View File

@@ -8,13 +8,13 @@ metadata:
meta.helm.sh/release-name: "reloader"
labels:
app: reloader-reloader
chart: "reloader-v0.0.114"
chart: "reloader-v1.0.20"
release: "reloader"
heritage: "Helm"
app.kubernetes.io/managed-by: "Helm"
group: com.stakater.platform
provider: stakater
version: v0.0.114
version: v1.0.20
name: reloader-reloader
namespace: default
spec:
@@ -28,16 +28,16 @@ spec:
metadata:
labels:
app: reloader-reloader
chart: "reloader-v0.0.114"
chart: "reloader-v1.0.20"
release: "reloader"
heritage: "Helm"
app.kubernetes.io/managed-by: "Helm"
group: com.stakater.platform
provider: stakater
version: v0.0.114
version: v1.0.20
spec:
containers:
- image: "stakater/reloader:v0.0.114"
- image: "stakater/reloader:v1.0.20"
imagePullPolicy: IfNotPresent
name: reloader-reloader
@@ -46,12 +46,13 @@ spec:
containerPort: 9090
livenessProbe:
httpGet:
path: /metrics
path: /live
port: http
timeoutSeconds: 5
failureThreshold: 5
periodSeconds: 10
successThreshold: 1
initialDelaySeconds: 10
readinessProbe:
httpGet:
path: /metrics
@@ -60,6 +61,10 @@ spec:
failureThreshold: 5
periodSeconds: 10
successThreshold: 1
initialDelaySeconds: 10
securityContext:
{}
securityContext:
runAsNonRoot: true
runAsUser: 65534

3
deployments/kubernetes/manifests/podmonitor.yaml
View File

@@ -1,3 +0,0 @@
---
# Source: reloader/templates/podmonitor.yaml

4
deployments/kubernetes/manifests/role.yaml
View File

@@ -1,4 +0,0 @@
---
# Source: reloader/templates/role.yaml

4
deployments/kubernetes/manifests/rolebinding.yaml
View File

@@ -1,4 +0,0 @@
---
# Source: reloader/templates/rolebinding.yaml

4
deployments/kubernetes/manifests/service.yaml
View File

@@ -1,4 +0,0 @@
---
# Source: reloader/templates/service.yaml

2
deployments/kubernetes/manifests/serviceaccount.yaml
View File

@@ -8,7 +8,7 @@ metadata:
meta.helm.sh/release-name: "reloader"
labels:
app: reloader-reloader
chart: "reloader-v0.0.114"
chart: "reloader-v1.0.20"
release: "reloader"
heritage: "Helm"
app.kubernetes.io/managed-by: "Helm"

4
deployments/kubernetes/manifests/servicemonitor.yaml
View File

@@ -1,4 +0,0 @@
---
# Source: reloader/templates/servicemonitor.yaml

32
deployments/kubernetes/reloader.yaml
View File

@@ -8,7 +8,7 @@ metadata:
meta.helm.sh/release-name: "reloader"
labels:
app: reloader-reloader
chart: "reloader-v0.0.114"
chart: "reloader-v1.0.20"
release: "reloader"
heritage: "Helm"
app.kubernetes.io/managed-by: "Helm"
@@ -25,12 +25,11 @@ metadata:
meta.helm.sh/release-name: "reloader"
labels:
app: reloader-reloader
chart: "reloader-v0.0.114"
chart: "reloader-v1.0.20"
release: "reloader"
heritage: "Helm"
app.kubernetes.io/managed-by: "Helm"
name: reloader-reloader-role
namespace: default
rules:
- apiGroups:
- ""
@@ -62,6 +61,13 @@ rules:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
# Source: reloader/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
@@ -73,12 +79,11 @@ metadata:
meta.helm.sh/release-name: "reloader"
labels:
app: reloader-reloader
chart: "reloader-v0.0.114"
chart: "reloader-v1.0.20"
release: "reloader"
heritage: "Helm"
app.kubernetes.io/managed-by: "Helm"
name: reloader-reloader-role-binding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
@@ -97,13 +102,13 @@ metadata:
meta.helm.sh/release-name: "reloader"
labels:
app: reloader-reloader
chart: "reloader-v0.0.114"
chart: "reloader-v1.0.20"
release: "reloader"
heritage: "Helm"
app.kubernetes.io/managed-by: "Helm"
group: com.stakater.platform
provider: stakater
version: v0.0.114
version: v1.0.20
name: reloader-reloader
namespace: default
spec:
@@ -117,16 +122,16 @@ spec:
metadata:
labels:
app: reloader-reloader
chart: "reloader-v0.0.114"
chart: "reloader-v1.0.20"
release: "reloader"
heritage: "Helm"
app.kubernetes.io/managed-by: "Helm"
group: com.stakater.platform
provider: stakater
version: v0.0.114
version: v1.0.20
spec:
containers:
- image: "ghcr.io/stakater/reloader:v0.0.114"
- image: "ghcr.io/stakater/reloader:v1.0.20"
imagePullPolicy: IfNotPresent
name: reloader-reloader
@@ -135,12 +140,13 @@ spec:
containerPort: 9090
livenessProbe:
httpGet:
path: /metrics
path: /live
port: http
timeoutSeconds: 5
failureThreshold: 5
periodSeconds: 10
successThreshold: 1
initialDelaySeconds: 10
readinessProbe:
httpGet:
path: /metrics
@@ -149,6 +155,10 @@ spec:
failureThreshold: 5
periodSeconds: 10
successThreshold: 1
initialDelaySeconds: 10
securityContext:
{}
securityContext:
runAsNonRoot: true
runAsUser: 65534