🏁 v2.2.1 Release

Merge pull request #62 from ddelange/garbage-collector
♻️ Deduplicate definitions from deployment and cronjob
2026-02-19 22:59:50 +00:00 · 2022-08-15 14:47:24 -07:00 · 2022-08-15 14:40:33 -07:00 · 2022-08-15 14:38:24 -07:00 · 2022-08-15 14:33:33 -07:00 · 2022-08-11 09:34:52 +02:00
18 changed files with 595 additions and 196 deletions
--- a/.github/workflows/pr_diff.yaml
+++ b/.github/workflows/pr_diff.yaml
@@ -0,0 +1,52 @@
+name: PR Diff for Helm chart
+on:
+  pull_request:
+  pull_request_target:
+  
+permissions:
+  pull-requests: write
+
+jobs:
+  diff:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: azure/setup-helm@v3
+      - name: Run diff
+        id: diff
+        run: |
+          OPTIONS=(
+            --set serviceAccount.create=true
+            --set priorityClassName=high
+            --set podAnnotations.test=annotation
+            --set extraEnvVars[0].name=TEST_NAME
+            --set extraEnvVars[0].value=TEST_VALUE
+            --set secrets.htpasswd=abc
+            --set tlsSecretName=abc
+            --set garbageCollect.enabled=true
+            --set proxy.enabled=true
+            --set storage=s3
+            --set secrets.s3.secretKey=abc
+            --set secrets.s3.accessKey=def
+            --set s3.region=us-42
+            --set s3.bucket=abc
+            --set s3.encrypt=abc
+          )
+          helm template --debug ${OPTIONS[@]} --output-dir before ${{ github.server_url }}/${{ github.repository }}/archive/refs/heads/${{ github.base_ref }}.tar.gz
+          helm template --debug ${OPTIONS[@]} --output-dir after .
+          # https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+          echo 'HELM_DIFF<<EOF' >> $GITHUB_ENV
+          echo "$(diff -ur before after)" >> $GITHUB_ENV
+          echo 'EOF' >> $GITHUB_ENV
+      - uses: marocchino/sticky-pull-request-comment@39c5b5dc7717447d0cba270cd115037d32d28443
+        with:
+          message: |
+            Running a `helm template` smoketest on commit ${{ github.ref }} results in the following diff against `${{ github.base_ref }}`:
+            
+            <details><summary>diff</summary><p>
+            
+            ```diff
+            ${{ env.HELM_DIFF }}
+            ```
+            
+            </p></details>
--- a/Chart.yaml
+++ b/Chart.yaml
@@ -1,10 +1,10 @@
 apiVersion: v1
 description: A Helm chart for Docker Registry
 name: docker-registry
-version: 1.12.0
+version: 2.2.1
 appVersion: 2.7.1
 home: https://hub.docker.com/_/registry/
-icon: https://hub.docker.com/public/images/logos/mini-logo.svg
+icon: https://helm.twun.io/docker-registry.png
 maintainers:
 - email: devin@canterberry.cc
  name: Devin Canterberry
--- a/README.md
+++ b/README.md
@@ -43,6 +43,9 @@ their default values.
 | `persistence.size`          | Amount of space to claim for PVC                                                           | `10Gi`          |
 | `persistence.storageClass`  | Storage Class to use for PVC                                                               | `-`             |
 | `persistence.existingClaim` | Name of an existing PVC to use for config                                                  | `nil`           |
+| `serviceAccount.create`     | Create ServiceAccount                                                                      | `false`         |
+| `serviceAccount.name`       | ServiceAccount name                                                                        | `nil`           |
+| `serviceAccount.annotations` | Annotations to add to the ServiceAccount                                                  | `{}`            |
 | `service.port`              | TCP port on which the service is exposed                                                   | `5000`          |
 | `service.type`              | service type                                                                               | `ClusterIP`     |
 | `service.clusterIP`         | if `service.type` is `ClusterIP` and this is non-empty, sets the cluster IP of the service | `nil`           |
@@ -58,19 +61,27 @@ their default values.
 | `podDisruptionBudget`       | Pod disruption budget                                                                      | `{}`            |
 | `resources.limits.cpu`      | Container requested CPU                                                                    | `nil`           |
 | `resources.limits.memory`   | Container requested memory                                                                 | `nil`           |
+| `autoscaling.enabled`       | Enable autoscaling using HorizontalPodAutoscaler                                           | `false`         |
+| `autoscaling.minReplicas`   | Minimal number of replicas                                                                 | `1`             |
+| `autoscaling.maxReplicas`   | Maximal number of replicas                                                                 | `2`             |
+| `autoscaling.targetCPUUtilizationPercentage` | Target average utilization of CPU on Pods                                 | `60`            |
+| `autoscaling.targetMemoryUtilizationPercentage` | (Kubernetes ≥1.23) Target average utilization of Memory on Pods        | `60`            |
+| `autoscaling.behavior`      | (Kubernetes ≥1.23) Configurable scaling behavior                                           | `{}`            |
 | `priorityClassName      `   | priorityClassName                                                                          | `""`            |
 | `storage`                   | Storage system to use                                                                      | `filesystem`    |
 | `tlsSecretName`             | Name of secret for TLS certs                                                               | `nil`           |
 | `secrets.htpasswd`          | Htpasswd authentication                                                                    | `nil`           |
 | `secrets.s3.accessKey`      | Access Key for S3 configuration                                                            | `nil`           |
 | `secrets.s3.secretKey`      | Secret Key for S3 configuration                                                            | `nil`           |
+| `secrets.s3.secretRef`      | The ref for an external secret containing the accessKey and secretKey keys                 | `""`            |
 | `secrets.swift.username`    | Username for Swift configuration                                                           | `nil`           |
 | `secrets.swift.password`    | Password for Swift configuration                                                           | `nil`           |
-| `haSharedSecret`            | Shared secret for Registry                                                                 | `nil`           |
+| `secrets.haSharedSecret`    | Shared secret for Registry                                                                 | `nil`           |
 | `configData`                | Configuration hash for docker                                                              | `nil`           |
 | `s3.region`                 | S3 region                                                                                  | `nil`           |
 | `s3.regionEndpoint`         | S3 region endpoint                                                                         | `nil`           |
 | `s3.bucket`                 | S3 bucket name                                                                             | `nil`           |
+| `s3.rootdirectory`          | S3 prefix that is applied to allow you to segment data                                     | `nil`           |
 | `s3.encrypt`                | Store images in encrypted format                                                           | `nil`           |
 | `s3.secure`                 | Use HTTPS                                                                                  | `nil`           |
 | `swift.authurl`             | Swift authurl                                                                              | `nil`           |
@@ -80,6 +91,7 @@ their default values.
 | `proxy.username`            | Remote registry login username                                                             | `nil`           |
 | `proxy.password`            | Remote registry login password                                                             | `nil`           |
 | `proxy.secretRef`           | The ref for an external secret containing the proxyUsername and proxyPassword keys         | `""`            |
+| `namespace`                 | specify a namespace to install the chart to - defaults to `.Release.Namespace`             | `{{ .Release.Namespace }}` |
 | `nodeSelector`              | node labels for pod assignment                                                             | `{}`            |
 | `affinity`                  | affinity settings                                                                          | `{}`            |
 | `tolerations`               | pod tolerations                                                                            | `[]`            |
@@ -89,8 +101,23 @@ their default values.
 | `ingress.path`              | Ingress service path                                                                       | `/`             |
 | `ingress.hosts`             | Ingress hostnames                                                                          | `[]`            |
 | `ingress.tls`               | Ingress TLS configuration (YAML)                                                           | `[]`            |
+| `ingress.className`         | Ingress controller class name                                                              | `nginx`         |
+| `metrics.enabled`           | Enable metrics on Service                                                                  | `false`         |
+| `metrics.port`              | TCP port on which the service metrics is exposed                                           | `5001`          |
+| `metrics.serviceMonitor.annotations` | Prometheus Operator ServiceMonitor annotations                                    | `{}`            |
+| `metrics.serviceMonitor.enable` | If true, Prometheus Operator ServiceMonitor will be created                            | `false`         |
+| `metrics.serviceMonitor.labels` | Prometheus Operator ServiceMonitor labels                                              | `{}`            |
+| `metrics.prometheusRule.annotations` | Prometheus Operator PrometheusRule annotations                                    | `{}`            |
+| `metrics.prometheusRule.enable` | If true, Prometheus Operator prometheusRule will be created                            | `false`         |
+| `metrics.prometheusRule.labels` | Prometheus Operator prometheusRule labels                                              | `{}`            |
+| `metrics.prometheusRule.rules` | PrometheusRule defining alerting rules for a Prometheus instance                        | `{}`            |
 | `extraVolumeMounts`         | Additional volumeMounts to the registry container                                          | `[]`            |
 | `extraVolumes`              | Additional volumes to the pod                                                              | `[]`            |
+| `extraEnvVars`              | Additional environment variables to the pod                                                | `[]`            |
+| `initContainers`            | Init containers to be created in the pod                                                   | `[]`            |
+| `garbageCollect.enabled`    | If true, will deploy garbage-collector cronjob                                             | `false`         |
+| `garbageCollect.deleteUntagged` | If true, garbage-collector will delete manifests that are not currently referenced via tag | `true` |    |
+| `garbageCollect.schedule`   | CronTab schedule, please use standard crontab format                                        | `0 1 * * *` |  |

 Specify each parameter using the `--set key=value[,key=value]` argument to
 `helm install`.
--- a/templates/_helpers.tpl
+++ b/templates/_helpers.tpl
@@ -22,3 +22,188 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
 {{- end -}}
 {{- end -}}
 {{- end -}}
+
+{{- define "docker-registry.envs" -}}
+- name: REGISTRY_HTTP_SECRET
+  valueFrom:
+    secretKeyRef:
+      name: {{ template "docker-registry.fullname" . }}-secret
+      key: haSharedSecret
+
+{{- if .Values.secrets.htpasswd }}
+- name: REGISTRY_AUTH
+  value: "htpasswd"
+- name: REGISTRY_AUTH_HTPASSWD_REALM
+  value: "Registry Realm"
+- name: REGISTRY_AUTH_HTPASSWD_PATH
+  value: "/auth/htpasswd"
+{{- end }}
+
+{{- if .Values.tlsSecretName }}
+- name: REGISTRY_HTTP_TLS_CERTIFICATE
+  value: /etc/ssl/docker/tls.crt
+- name: REGISTRY_HTTP_TLS_KEY
+  value: /etc/ssl/docker/tls.key
+{{- end -}}
+
+{{- if eq .Values.storage "filesystem" }}
+- name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
+  value: "/var/lib/registry"
+{{- else if eq .Values.storage "azure" }}
+- name: REGISTRY_STORAGE_AZURE_ACCOUNTNAME
+  valueFrom:
+    secretKeyRef:
+      name: {{ template "docker-registry.fullname" . }}-secret
+      key: azureAccountName
+- name: REGISTRY_STORAGE_AZURE_ACCOUNTKEY
+  valueFrom:
+    secretKeyRef:
+      name: {{ template "docker-registry.fullname" . }}-secret
+      key: azureAccountKey
+- name: REGISTRY_STORAGE_AZURE_CONTAINER
+  valueFrom:
+    secretKeyRef:
+      name: {{ template "docker-registry.fullname" . }}-secret
+      key: azureContainer
+{{- else if eq .Values.storage "s3" }}
+- name: REGISTRY_STORAGE_S3_REGION
+  value: {{ required ".Values.s3.region is required" .Values.s3.region }}
+- name: REGISTRY_STORAGE_S3_BUCKET
+  value: {{ required ".Values.s3.bucket is required" .Values.s3.bucket }}
+{{- if or (and .Values.secrets.s3.secretKey .Values.secrets.s3.accessKey) .Values.secrets.s3.secretRef }}
+- name: REGISTRY_STORAGE_S3_ACCESSKEY
+  valueFrom:
+    secretKeyRef:
+      name: {{ if .Values.secrets.s3.secretRef }}{{ .Values.secrets.s3.secretRef }}{{ else }}{{ template "docker-registry.fullname" . }}-secret{{ end }}
+      key: s3AccessKey
+- name: REGISTRY_STORAGE_S3_SECRETKEY
+  valueFrom:
+    secretKeyRef:
+      name: {{ if .Values.secrets.s3.secretRef }}{{ .Values.secrets.s3.secretRef }}{{ else }}{{ template "docker-registry.fullname" . }}-secret{{ end }}
+      key: s3SecretKey
+{{- end -}}
+
+{{- if .Values.s3.regionEndpoint }}
+- name: REGISTRY_STORAGE_S3_REGIONENDPOINT
+  value: {{ .Values.s3.regionEndpoint }}
+{{- end -}}
+
+{{- if .Values.s3.rootdirectory }}
+- name: REGISTRY_STORAGE_S3_ROOTDIRECTORY
+  value: {{ .Values.s3.rootdirectory | quote }}
+{{- end -}}
+
+{{- if .Values.s3.encrypt }}
+- name: REGISTRY_STORAGE_S3_ENCRYPT
+  value: {{ .Values.s3.encrypt | quote }}
+{{- end -}}
+
+{{- if .Values.s3.secure }}
+- name: REGISTRY_STORAGE_S3_SECURE
+  value: {{ .Values.s3.secure | quote }}
+{{- end -}}
+
+{{- else if eq .Values.storage "swift" }}
+- name: REGISTRY_STORAGE_SWIFT_AUTHURL
+  value: {{ required ".Values.swift.authurl is required" .Values.swift.authurl }}
+- name: REGISTRY_STORAGE_SWIFT_USERNAME
+  valueFrom:
+    secretKeyRef:
+      name: {{ template "docker-registry.fullname" . }}-secret
+      key: swiftUsername
+- name: REGISTRY_STORAGE_SWIFT_PASSWORD
+  valueFrom:
+    secretKeyRef:
+      name: {{ template "docker-registry.fullname" . }}-secret
+      key: swiftPassword
+- name: REGISTRY_STORAGE_SWIFT_CONTAINER
+  value: {{ required ".Values.swift.container is required" .Values.swift.container }}
+{{- end -}}
+
+{{- if .Values.proxy.enabled }}
+- name: REGISTRY_PROXY_REMOTEURL
+  value: {{ required ".Values.proxy.remoteurl is required" .Values.proxy.remoteurl }}
+- name: REGISTRY_PROXY_USERNAME
+  valueFrom:
+    secretKeyRef:
+      name: {{ if .Values.proxy.secretRef }}{{ .Values.proxy.secretRef }}{{ else }}{{ template "docker-registry.fullname" . }}-secret{{ end }}
+      key: proxyUsername
+- name: REGISTRY_PROXY_PASSWORD
+  valueFrom:
+    secretKeyRef:
+      name: {{ if .Values.proxy.secretRef }}{{ .Values.proxy.secretRef }}{{ else }}{{ template "docker-registry.fullname" . }}-secret{{ end }}
+      key: proxyPassword
+{{- end -}}
+
+{{- if .Values.persistence.deleteEnabled }}
+- name: REGISTRY_STORAGE_DELETE_ENABLED
+  value: "true"
+{{- end -}}
+
+{{- with .Values.extraEnvVars }}
+{{ toYaml . }}
+{{- end -}}
+
+{{- end -}}
+
+{{- define "docker-registry.volumeMounts" -}}
+- name: "{{ template "docker-registry.fullname" . }}-config"
+  mountPath: "/etc/docker/registry"
+
+{{- if .Values.secrets.htpasswd }}
+- name: auth
+  mountPath: /auth
+  readOnly: true
+{{- end }}
+
+{{- if eq .Values.storage "filesystem" }}
+- name: data
+  mountPath: /var/lib/registry/
+{{- end }}
+
+{{- if .Values.tlsSecretName }}
+- mountPath: /etc/ssl/docker
+  name: tls-cert
+  readOnly: true
+{{- end }}
+
+{{- with .Values.extraVolumeMounts }}
+{{- toYaml . }}
+{{- end }}
+
+{{- end -}}
+
+{{- define "docker-registry.volumes" -}}
+- name: {{ template "docker-registry.fullname" . }}-config
+  configMap:
+    name: {{ template "docker-registry.fullname" . }}-config
+
+{{- if .Values.secrets.htpasswd }}
+- name: auth
+  secret:
+    secretName: {{ template "docker-registry.fullname" . }}-secret
+    items:
+    - key: htpasswd
+      path: htpasswd
+{{- end }}
+
+{{- if eq .Values.storage "filesystem" }}
+- name: data
+  {{- if .Values.persistence.enabled }}
+  persistentVolumeClaim:
+    claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "docker-registry.fullname" . }}{{- end }}
+  {{- else }}
+  emptyDir: {}
+  {{- end -}}
+{{- end }}
+
+{{- if .Values.tlsSecretName }}
+- name: tls-cert
+  secret:
+    secretName: {{ .Values.tlsSecretName }}
+{{- end }}
+
+{{- with .Values.extraVolumes }}
+{{- toYaml . }}
+{{- end }}
+{{- end -}}
--- a/templates/configmap.yaml
+++ b/templates/configmap.yaml
@@ -2,6 +2,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ template "docker-registry.fullname" . }}-config
+  namespace: {{ .Values.namespace | default .Release.Namespace }}
  labels:
    app: {{ template "docker-registry.name" . }}
    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
--- a/templates/cronjob.yaml
+++ b/templates/cronjob.yaml
@@ -0,0 +1,67 @@
+{{- if .Values.garbageCollect.enabled }}
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: {{ template "docker-registry.fullname" . }}-garbage-collector
+  namespace: {{ .Values.namespace | default .Release.Namespace }}
+  labels:
+    app: {{ template "docker-registry.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  schedule: {{ .Values.garbageCollect.schedule | quote }}
+  jobTemplate:
+    metadata:
+      labels:
+        app: {{ template "docker-registry.name" . }}
+        release: {{ .Release.Name }}
+        {{- with .Values.podLabels }}
+        {{ toYaml . | nindent 8 }}
+        {{- end }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+        checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
+        {{- if .Values.podAnnotations }}
+        {{ toYaml .Values.podAnnotations | nindent 8 }}
+        {{- end }}
+    spec:
+      template:
+        spec:
+          {{- if or (eq .Values.serviceAccount.create true) (ne .Values.serviceAccount.name "") }}
+          serviceAccountName: {{ .Values.serviceAccount.name | default (include "docker-registry.fullname" .) }}
+          {{- end }}
+          {{- if .Values.imagePullSecrets }}
+          imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 12 }}
+          {{- end }}
+          {{- if .Values.priorityClassName }}
+          priorityClassName: "{{ .Values.priorityClassName }}"
+          {{- end }}
+          {{- if .Values.securityContext.enabled }}
+          securityContext:
+            fsGroup: {{ .Values.securityContext.fsGroup }}
+            runAsUser: {{ .Values.securityContext.runAsUser }}
+          {{- end }}
+          containers:
+            - name: {{ .Chart.Name }}
+              image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+              imagePullPolicy: {{ .Values.image.pullPolicy }}
+              command:
+              - /bin/registry
+              - garbage-collect
+              - --delete-untagged={{ .Values.garbageCollect.deleteUntagged }}
+              - /etc/docker/registry/config.yml
+              env: {{ include "docker-registry.envs" . | nindent 16 }}
+              volumeMounts: {{ include "docker-registry.volumeMounts" . | nindent 16 }}
+          restartPolicy: OnFailure
+          {{- if .Values.nodeSelector }}
+          nodeSelector: {{ toYaml .Values.nodeSelector | nindent 12 }}
+          {{- end }}
+          {{- if .Values.affinity }}
+          affinity: {{ toYaml .Values.affinity | nindent 12 }}
+          {{- end }}
+          {{- if .Values.tolerations }}
+          tolerations: {{ toYaml .Values.tolerations | nindent 12 }}
+          {{- end }}
+          volumes: {{ include "docker-registry.volumes" . | nindent 12 }}
+{{- end }}
--- a/templates/deployment.yaml
+++ b/templates/deployment.yaml
@@ -2,6 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ template "docker-registry.fullname" . }}
+  namespace: {{ .Values.namespace | default .Release.Namespace }}
  labels:
    app: {{ template "docker-registry.name" . }}
    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
@@ -13,37 +14,43 @@ spec:
      app: {{ template "docker-registry.name" . }}
      release: {{ .Release.Name }}
  replicas: {{ .Values.replicaCount }}
-{{- if .Values.updateStrategy }}
-  strategy:
-{{ toYaml .Values.updateStrategy | indent 4 }}
-{{- end }}
+  {{- if .Values.updateStrategy }}
+  strategy: {{ toYaml .Values.updateStrategy | nindent 4 }}
+  {{- end }}
  minReadySeconds: 5
  template:
    metadata:
      labels:
        app: {{ template "docker-registry.name" . }}
        release: {{ .Release.Name }}
-        {{- if .Values.podLabels }}
-{{ toYaml .Values.podLabels | indent 8 }}
+        {{- with .Values.podLabels }}
+        {{ toYaml . | nindent 8 }}
        {{- end }}
      annotations:
        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
-{{- if $.Values.podAnnotations }}
-{{ toYaml $.Values.podAnnotations | indent 8 }}
-{{- end }}
+        checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
+        {{- if .Values.podAnnotations }}
+        {{ toYaml .Values.podAnnotations | nindent 8 }}
+        {{- end }}
    spec:
-      {{- if .Values.imagePullSecrets }}
-      imagePullSecrets:
-{{ toYaml .Values.imagePullSecrets | indent 8 }}
+      {{- if or (eq .Values.serviceAccount.create true) (ne .Values.serviceAccount.name "") }}
+      serviceAccountName: {{ .Values.serviceAccount.name | default (include "docker-registry.fullname" .) }}
      {{- end }}
-{{- if .Values.priorityClassName }}
+      {{- if .Values.imagePullSecrets }}
+      imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }}
+      {{- end }}
+      {{- if .Values.priorityClassName }}
      priorityClassName: "{{ .Values.priorityClassName }}"
-{{- end }}
-{{- if .Values.securityContext.enabled }}
+      {{- end }}
+      {{- if .Values.securityContext.enabled }}
      securityContext:
        fsGroup: {{ .Values.securityContext.fsGroup }}
        runAsUser: {{ .Values.securityContext.runAsUser }}
-{{- end }}
+      {{- end }}
+      {{- with .Values.initContainers }}
+      initContainers:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
@@ -54,182 +61,35 @@ spec:
          - /etc/docker/registry/config.yml
          ports:
            - containerPort: 5000
+            {{- if .Values.metrics.enabled }}
+            - containerPort: {{ (split ":" .Values.configData.http.debug.addr)._1 }}
+              name: http-metrics
+              protocol: TCP
+            {{- end }}
          livenessProbe:
            httpGet:
-{{- if .Values.tlsSecretName }}
+              {{- if .Values.tlsSecretName }}
              scheme: HTTPS
-{{- end }}
+              {{- end }}
              path: /
              port: 5000
          readinessProbe:
            httpGet:
-{{- if .Values.tlsSecretName }}
+              {{- if .Values.tlsSecretName }}
              scheme: HTTPS
-{{- end }}
+              {{- end }}
              path: /
              port: 5000
-          resources:
-{{ toYaml .Values.resources | indent 12 }}
-          env:
-{{- if .Values.secrets.htpasswd }}
-            - name: REGISTRY_AUTH
-              value: "htpasswd"
-            - name: REGISTRY_AUTH_HTPASSWD_REALM
-              value: "Registry Realm"
-            - name: REGISTRY_AUTH_HTPASSWD_PATH
-              value: "/auth/htpasswd"
-{{- end }}
-            - name: REGISTRY_HTTP_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "docker-registry.fullname" . }}-secret
-                  key: haSharedSecret
-{{- if .Values.tlsSecretName }}
-            - name: REGISTRY_HTTP_TLS_CERTIFICATE
-              value: /etc/ssl/docker/tls.crt
-            - name: REGISTRY_HTTP_TLS_KEY
-              value: /etc/ssl/docker/tls.key
-{{- end }}
-{{- if eq .Values.storage "filesystem" }}
-            - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
-              value: "/var/lib/registry"
-{{- else if eq .Values.storage "azure" }}
-            - name: REGISTRY_STORAGE_AZURE_ACCOUNTNAME
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "docker-registry.fullname" . }}-secret
-                  key: azureAccountName
-            - name: REGISTRY_STORAGE_AZURE_ACCOUNTKEY
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "docker-registry.fullname" . }}-secret
-                  key: azureAccountKey
-            - name: REGISTRY_STORAGE_AZURE_CONTAINER
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "docker-registry.fullname" . }}-secret
-                  key: azureContainer
-{{- else if eq .Values.storage "s3" }}
-            {{- if and .Values.secrets.s3.secretKey .Values.secrets.s3.accessKey }}
-            - name: REGISTRY_STORAGE_S3_ACCESSKEY
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "docker-registry.fullname" . }}-secret
-                  key: s3AccessKey
-            - name: REGISTRY_STORAGE_S3_SECRETKEY
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "docker-registry.fullname" . }}-secret
-                  key: s3SecretKey
-            {{- end }}
-            - name: REGISTRY_STORAGE_S3_REGION
-              value: {{ required ".Values.s3.region is required" .Values.s3.region }}
-          {{- if .Values.s3.regionEndpoint }}
-            - name: REGISTRY_STORAGE_S3_REGIONENDPOINT
-              value: {{ .Values.s3.regionEndpoint }}
-          {{- end }}
-            - name: REGISTRY_STORAGE_S3_BUCKET
-              value: {{ required ".Values.s3.bucket is required" .Values.s3.bucket }}
-          {{- if .Values.s3.encrypt }}
-            - name: REGISTRY_STORAGE_S3_ENCRYPT
-              value: {{ .Values.s3.encrypt | quote }}
-          {{- end }}
-          {{- if .Values.s3.secure }}
-            - name: REGISTRY_STORAGE_S3_SECURE
-              value: {{ .Values.s3.secure | quote }}
-          {{- end }}
-{{- else if eq .Values.storage "swift" }}
-            - name: REGISTRY_STORAGE_SWIFT_AUTHURL
-              value: {{ required ".Values.swift.authurl is required" .Values.swift.authurl }}
-            - name: REGISTRY_STORAGE_SWIFT_USERNAME
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "docker-registry.fullname" . }}-secret
-                  key: swiftUsername
-            - name: REGISTRY_STORAGE_SWIFT_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "docker-registry.fullname" . }}-secret
-                  key: swiftPassword
-            - name: REGISTRY_STORAGE_SWIFT_CONTAINER
-              value: {{ required ".Values.swift.container is required" .Values.swift.container }}
-{{- end }}
-{{- if .Values.proxy.enabled }}
-            - name: REGISTRY_PROXY_REMOTEURL
-              value: {{ required ".Values.proxy.remoteurl is required" .Values.proxy.remoteurl }}
-            - name: REGISTRY_PROXY_USERNAME
-              valueFrom:
-                secretKeyRef:
-                  name: {{ if .Values.proxy.secretRef }}{{ .Values.proxy.secretRef }}{{ else }}{{ template "docker-registry.fullname" . }}-secret{{ end }}
-                  key: proxyUsername
-            - name: REGISTRY_PROXY_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: {{ if .Values.proxy.secretRef }}{{ .Values.proxy.secretRef }}{{ else }}{{ template "docker-registry.fullname" . }}-secret{{ end }}
-                  key: proxyPassword
-{{- end }}
-{{- if .Values.persistence.deleteEnabled }}
-            - name: REGISTRY_STORAGE_DELETE_ENABLED
-              value: "true"
-{{- end }}
-          volumeMounts:
-{{- if .Values.secrets.htpasswd }}
-            - name: auth
-              mountPath: /auth
-              readOnly: true
-{{- end }}
-{{- if eq .Values.storage "filesystem" }}
-            - name: data
-              mountPath: /var/lib/registry/
-{{- end }}
-            - name: "{{ template "docker-registry.fullname" . }}-config"
-              mountPath: "/etc/docker/registry"
-{{- if .Values.tlsSecretName }}
-            - mountPath: /etc/ssl/docker
-              name: tls-cert
-              readOnly: true
-{{- end }}
-{{- with .Values.extraVolumeMounts }}
-            {{- toYaml . | nindent 12 }}
-{{- end }}
-{{- if .Values.nodeSelector }}
-      nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 8 }}
-{{- end }}
-{{- if .Values.affinity }}
-      affinity:
-{{ toYaml .Values.affinity | indent 8 }}
-{{- end }}
-{{- if .Values.tolerations }}
-      tolerations:
-{{ toYaml .Values.tolerations | indent 8 }}
-{{- end }}
-      volumes:
-{{- if .Values.secrets.htpasswd }}
-        - name: auth
-          secret:
-            secretName: {{ template "docker-registry.fullname" . }}-secret
-            items:
-            - key: htpasswd
-              path: htpasswd
-{{- end }}
-{{- if eq .Values.storage "filesystem" }}
-        - name: data
-      {{- if .Values.persistence.enabled }}
-          persistentVolumeClaim:
-            claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "docker-registry.fullname" . }}{{- end }}
-      {{- else }}
-          emptyDir: {}
-      {{- end -}}
-{{- end }}
-        - name: {{ template "docker-registry.fullname" . }}-config
-          configMap:
-            name: {{ template "docker-registry.fullname" . }}-config
-{{- if .Values.tlsSecretName }}
-        - name: tls-cert
-          secret:
-            secretName: {{ .Values.tlsSecretName }}
-{{- end }}
-{{- with .Values.extraVolumes }}
-        {{- toYaml . | nindent 8 }}
-{{- end }}
+          resources: {{ toYaml .Values.resources | nindent 12 }}
+          env: {{ include "docker-registry.envs" . | nindent 12 }}
+          volumeMounts: {{ include "docker-registry.volumeMounts" . | nindent 12 }}
+      {{- if .Values.nodeSelector }}
+      nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
+      {{- end }}
+      {{- if .Values.affinity }}
+      affinity: {{ toYaml .Values.affinity | nindent 8 }}
+      {{- end }}
+      {{- if .Values.tolerations }}
+      tolerations: {{ toYaml .Values.tolerations | nindent 8 }}
+      {{- end }}
+      volumes: {{ include "docker-registry.volumes" . | nindent 8 }}
--- a/templates/hpa.yaml
+++ b/templates/hpa.yaml
@@ -0,0 +1,42 @@
+{{- if .Values.autoscaling.enabled }}
+{{- $apiVersions := .Capabilities.APIVersions -}}
+{{- if $apiVersions.Has "autoscaling/v2" }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ template "docker-registry.fullname" . }}
+  labels:
+    app: {{ template "docker-registry.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ template "docker-registry.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  metrics:
+{{- with .Values.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: {{ . }}
+{{- end }}
+{{- with .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: {{ . }}
+{{- end }}
+{{- with .Values.autoscaling.behavior }}
+  behavior:
+    {{- toYaml . | nindent 4 }}
+{{- end }}
+{{- end }}
+{{- end }}
--- a/templates/hpaV1.yaml
+++ b/templates/hpaV1.yaml
@@ -0,0 +1,22 @@
+{{- if .Values.autoscaling.enabled }}
+{{- $apiVersions := .Capabilities.APIVersions -}}
+{{- if not ($apiVersions.Has "autoscaling/v2") }}
+apiVersion: autoscaling/v1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ template "docker-registry.fullname" . }}
+  labels:
+    app: {{ template "docker-registry.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ template "docker-registry.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  targetCPUUtilizationPercentage: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+{{- end }}
+{{- end }}
--- a/templates/ingress.yaml
+++ b/templates/ingress.yaml
@@ -1,11 +1,13 @@
 {{- if .Values.ingress.enabled -}}
+{{- $apiVersions := .Capabilities.APIVersions -}}
 {{- $serviceName := include "docker-registry.fullname" . -}}
 {{- $servicePort := .Values.service.port -}}
 {{- $path := .Values.ingress.path -}}
-apiVersion: {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} networking.k8s.io/v1beta1 {{- else }} extensions/v1beta1 {{- end }}
+apiVersion: {{- if $apiVersions.Has "networking.k8s.io/v1" }} networking.k8s.io/v1 {{- else }} networking.k8s.io/v1beta1 {{- end }}
 kind: Ingress
 metadata:
  name: {{ template "docker-registry.fullname" . }}
+  namespace: {{ .Values.namespace | default .Release.Namespace }}
  labels:
    app: {{ template "docker-registry.name" . }}
    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
@@ -19,15 +21,27 @@ metadata:
      {{ $key }}: {{ $value | quote }}
    {{- end }}
 spec:
+{{- if $apiVersions.Has "networking.k8s.io/v1" }}
+  ingressClassName: {{ .Values.ingress.className }}
+{{- end }}
  rules:
    {{- range $host := .Values.ingress.hosts }}
    - host: {{ $host }}
      http:
        paths:
          - path: {{ $path }}
+{{- if $apiVersions.Has "networking.k8s.io/v1" }}
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $servicePort }}
+{{- else }}
            backend:
              serviceName: {{ $serviceName }}
              servicePort: {{ $servicePort }}
+{{- end }}
    {{- end -}}
  {{- if .Values.ingress.tls }}
  tls:
--- a/templates/poddisruptionbudget.yaml
+++ b/templates/poddisruptionbudget.yaml
@@ -3,6 +3,7 @@ apiVersion: policy/v1beta1
 kind: PodDisruptionBudget
 metadata:
  name: {{ template "docker-registry.fullname" . }}
+  namespace: {{ .Values.namespace | default .Release.Namespace }}
  labels:
    app: {{ template "docker-registry.name" . }}
    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
--- a/templates/prometheusrules.yaml
+++ b/templates/prometheusrules.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled -}}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ template "docker-registry.fullname" . }}
+  labels:
+    app.kubernetes.io/component: controller
+  {{- if .Values.metrics.prometheusRule.labels }}
+    {{- toYaml .Values.metrics.prometheusRule.labels | nindent 4 }}
+  {{- end }}
+spec:
+{{- if .Values.metrics.prometheusRule.rules }}
+  groups:
+  - name: {{ template "docker-registry.fullname" . }}
+    rules: {{- toYaml .Values.metrics.prometheusRule.rules | nindent 4 }}
+{{- end }}
+{{- end }}
--- a/templates/pvc.yaml
+++ b/templates/pvc.yaml
@@ -4,6 +4,7 @@ kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
  name: {{ template "docker-registry.fullname" . }}
+  namespace: {{ .Values.namespace | default .Release.Namespace }}
  labels:
    app: {{ template "docker-registry.fullname" . }}
    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
--- a/templates/secret.yaml
+++ b/templates/secret.yaml
@@ -2,6 +2,7 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: {{ template "docker-registry.fullname" . }}-secret
+  namespace: {{ .Values.namespace | default .Release.Namespace }}
  labels:
    app: {{ template "docker-registry.name" . }}
    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
@@ -35,10 +36,5 @@ data:
  swiftPassword: {{ .Values.secrets.swift.password | b64enc | quote }}
    {{- end }}
  {{- end }}
-  
-  {{- if .Values.proxy.username }}
-  proxyUsername: {{ .Values.proxy.username | b64enc | quote }}
-  {{- end }}
-  {{- if .Values.proxy.password }}
-  proxyPassword: {{ .Values.proxy.password | b64enc | quote }}
-  {{- end }}
+  proxyUsername: {{ .Values.proxy.username | default "" | b64enc | quote }}
+  proxyPassword: {{ .Values.proxy.password | default "" | b64enc | quote }}
--- a/templates/service.yaml
+++ b/templates/service.yaml
@@ -2,6 +2,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ template "docker-registry.fullname" . }}
+  namespace: {{ .Values.namespace | default .Release.Namespace }}
  labels:
    app: {{ template "docker-registry.name" . }}
    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
@@ -36,6 +37,12 @@ spec:
      targetPort: 5000
 {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
      nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+{{- if .Values.metrics.enabled }}
+    - port: {{ .Values.metrics.port }}
+      protocol: TCP
+      name: http-metrics
+      targetPort: {{ (split ":" .Values.configData.http.debug.addr)._1 }}
 {{- end }}
  selector:
    app: {{ template "docker-registry.name" . }}
--- a/templates/serviceaccount.yaml
+++ b/templates/serviceaccount.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    app: {{ template "docker-registry.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+{{- if .Values.serviceAccount.name }}
+  name: {{ .Values.serviceAccount.name }}
+{{- else  }}
+  name: {{ include "docker-registry.fullname" . }}
+{{- end }}
+{{- if .Values.serviceAccount.annotations }}
+  annotations:
+{{ toYaml .Values.serviceAccount.annotations | indent 4 }}
+{{- end }}
+{{- end -}}
--- a/templates/servicemonitor.yaml
+++ b/templates/servicemonitor.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled -}}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "docker-registry.fullname" . }}-servicemonitor
+  labels:
+    app: {{ template "docker-registry.name" . }}-metrics
+    release: {{ .Release.Name }}
+{{- if .Values.metrics.serviceMonitor.labels }}
+{{ toYaml .Values.metrics.serviceMonitor.labels | indent 4 }}
+{{- end }}
+spec:
+  selector:
+    matchLabels:
+      app: {{ template "docker-registry.name" . }}
+      release: {{ .Release.Name }}
+      heritage: {{ .Release.Service }}
+  endpoints:
+  - port: http-metrics
+    interval: 15s
+{{- end }}
--- a/values.yaml
+++ b/values.yaml
@@ -12,6 +12,11 @@ updateStrategy: {}
 podAnnotations: {}
 podLabels: {}

+serviceAccount:
+  create: false
+  name: ""
+  annotations: {}
+
 image:
  repository: registry
  tag: 2.7.1
@@ -32,6 +37,7 @@ service:
  # foo.io/bar: "true"
 ingress:
  enabled: false
+  className: nginx
  path: /
  # Used to create an Ingress record.
  hosts:
@@ -76,7 +82,9 @@ secrets:
 #     accountKey: ""
 #     container: ""
 # Secrets for S3 access and secret keys
+# Use a secretRef with keys (accessKey, secretKey) for secrets stored outside the chart
 #   s3:
+#     secretRef: ""
 #     accessKey: ""
 #     secretKey: ""
 # Secrets for Swift username and password
@@ -89,6 +97,7 @@ secrets:
 #  region: us-east-1
 #  regionEndpoint: s3.us-east-1.amazonaws.com
 #  bucket: my-bucket
+#  rootdirectory: /object/prefix
 #  encrypt: false
 #  secure: true

@@ -107,6 +116,19 @@ proxy:
  # Keys: proxyUsername, proxyPassword
  secretRef: ""

+metrics:
+  enabled: false
+  port: 5001
+  # Create a prometheus-operator servicemonitor
+  serviceMonitor:
+    enabled: false
+    labels: {}
+  # prometheus-operator PrometheusRule defining alerting rules for a Prometheus instance
+  prometheusRule:
+    enabled: false
+    labels: {}
+    rules: {}
+
 configData:
  version: 0.1
  log:
@@ -119,6 +141,11 @@ configData:
    addr: :5000
    headers:
      X-Content-Type-Options: [nosniff]
+    debug:
+      addr: :5001
+      prometheus:
+        enabled: false
+        path: /metrics
  health:
    storagedriver:
      enabled: true
@@ -136,6 +163,30 @@ podDisruptionBudget: {}
  # maxUnavailable: 1
  # minAvailable: 2

+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 2
+  targetCPUUtilizationPercentage: 60
+  targetMemoryUtilizationPercentage: 60 # available only on Kubernetes ≥1.23 [required "autoscaling/v2"]
+  behavior: {} # available only on Kubernetes ≥1.23 [required "autoscaling/v2"]
+#   scaleDown:
+#     stabilizationWindowSeconds: 300
+#     policies:
+#     - type: Percent
+#       value: 100
+#       periodSeconds: 15
+#   scaleUp:
+#     stabilizationWindowSeconds: 0
+#     policies:
+#     - type: Percent
+#       value: 100
+#       periodSeconds: 15
+#     - type: Pods
+#       value: 4
+#       periodSeconds: 15
+#     selectPolicy: Max
+
 nodeSelector: {}

 affinity: {}
@@ -157,3 +208,19 @@ extraVolumes: []
 #        - key: cloudfront.pem
 #          path: cloudfront.pem
 #          mode: 511
+
+extraEnvVars: []
+## Additional ENV variables to set
+# - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
+#   value: "/var/lib/example"
+
+initContainers: []
+## Init containers to add to the Deployment
+# - name: init
+#   image: busybox
+#   command: []
+
+garbageCollect:
+  enabled: false
+  deleteUntagged: true
+  schedule: "0 1 * * *"
Author	SHA1	Message	Date
Devin Canterberry	95ab1afa98	🏁 v2.2.1 Release	2022-08-15 14:47:24 -07:00
Devin Canterberry	471cb14632	Merge pull request #62 from ddelange/garbage-collector ♻️ Deduplicate definitions from deployment and cronjob	2022-08-15 14:40:33 -07:00
Devin Canterberry	8707c92f64	Merge pull request #70 from ddelange/patch-1 👷 Add sticky helm diff PR comment	2022-08-15 14:38:24 -07:00
Devin Canterberry	7e099191b3	🎨 Specify commit hash in sticky PR comment Co-authored-by: ddelange <14880945+ddelange@users.noreply.github.com>	2022-08-15 14:33:33 -07:00
ddelange	23608f3fa7	Bar permissions and allow forks to run in base scope (#6 ) * Test permissions * Add back pull_request * Use full SHA	2022-08-11 09:34:52 +02:00
ddelange	9023f38343	Revert	2022-08-10 15:09:19 +02:00
ddelange	4a6440da88	Test the smoketest	2022-08-10 15:07:35 +02:00
ddelange	4b69284642	Fix collapsible markdown	2022-08-10 15:06:52 +02:00
ddelange	4091345244	Collapse the diff	2022-08-10 15:04:58 +02:00
ddelange	9b65310c58	Make filenames show up in diff	2022-08-10 15:00:12 +02:00
ddelange	d6f9bdc4f1	Fix https://github.com/rlespinasse/git-commit-data-action/pull/12/files	2022-08-10 13:30:17 +02:00
ddelange	c4e5c3860c	Try without alias	2022-08-10 13:23:42 +02:00
ddelange	f7c99a3dd4	Fix alias expansion https://github.com/actions/toolkit/issues/766#issuecomment-928305811	2022-08-10 13:17:23 +02:00
ddelange	94d36dc9cd	Fix multiline output	2022-08-10 13:09:44 +02:00
ddelange	186e23c219	👷 Add sticky helm diff PR comment	2022-08-10 11:13:47 +02:00
ddelange	b4b319496c	Fix more indentations	2022-08-10 10:08:13 +02:00
ddelange	52a5d4ba15	Fix extraEnvVars indentation, remove env whitespaces	2022-08-10 09:05:50 +02:00
ddelange	5a831ab9d3	🔥 Remove merge remnant	2022-08-09 22:00:43 +03:00
ddelange	f22f42d2b2	Merge branch 'main' into garbage-collector	2022-08-09 20:26:35 +02:00
Devin Canterberry	411fd99f68	🏁 v2.2.0 Release	2022-08-09 10:13:42 -07:00
Devin Canterberry	171632afef	Merge pull request #68 from ddelange/garbage-collector-additive Add option to enable garbage collector	2022-08-09 10:10:53 -07:00
Devin Canterberry	25bf25dda1	🔥 Remove default value for persistence.deleteEnabled The default value is documented in the README as `nil`, and where referenced, a falsey value is adequate. Co-authored-by: ddelange <14880945+ddelange@users.noreply.github.com>	2022-08-09 10:09:14 -07:00
ddelange	76ff283a25	PR Suggestions	2022-08-08 10:58:50 +02:00
ddelange	fb2132a0c7	PR Suggestions	2022-08-08 10:57:43 +02:00
ddelange	d78c010ca5	Revert "Make the changes additive" This reverts commit `fd7fdcaa44`.	2022-08-05 14:11:37 +02:00
ddelange	fd7fdcaa44	Make the changes additive	2022-08-05 14:04:37 +02:00
ddelange	3b4ff679f8	Revert version bump in Chart.yaml	2022-08-04 08:45:05 +02:00
Devin Canterberry	79c14893af	Merge pull request #61 from joneteus/patch-1 Fix reference in README	2022-06-27 11:25:02 -07:00
Joni Ollikainen	257d223141	Fix reference in README `f158323875/templates/secret.yaml (L17)` According to `secret.yaml` `haSharedSecret` should be inside `secrets` object	2022-06-27 13:18:19 +03:00
ddelange	29a0863ee2	Merge branch 'main' of https://github.com/twuni/docker-registry.helm into garbage-collector Includes moving additions to demployment.yaml to _helpers.tpl ref https://github.com/twuni/docker-registry.helm/compare/v1.13.0...v2.1.0 * 'main' of https://github.com/twuni/docker-registry.helm: (22 commits) Updated README with initContainers value Add initContainer support 🏁 v2.1.0 Release Added support for autoscaling using hpa 🏁 v2.0.1 Release 🌐 make protocol selection work with istio fix(templates): Add checksum on secret.yaml file 🏁 v2.0.0 Release Fix #19 (new kubernetes API version) 🏁 v1.16.0 Release Conditionally create service account and add to deployment 🏁 v1.15.0 Release Support deployment to a namespace Updated typo to enable(d) 🏁 v1.14.0 Release Enable metrics via Prometheus Operator Support additional env variables 🏁 v1.13.2 Release Add support for S3 bucket to prefix all data 🏁 v1.13.1 Release ...	2022-06-24 09:31:37 +02:00
Devin Canterberry	f158323875	Merge pull request #40 from g-linville/initContainer Add initContainer support	2022-04-14 17:04:43 -07:00
Grant Linville	39788072e6	Updated README with initContainers value	2022-04-14 10:28:01 -04:00
Grant Linville	0b6729f21d	Add initContainer support	2022-04-14 10:27:29 -04:00
Devin Canterberry	b5ad18ea83	🏁 v2.1.0 Release	2022-02-02 19:45:14 -08:00
Devin Canterberry	297f860dd6	Merge pull request #38 from SimonRupar/hpa Added support for pod autoscaling using Horizontal Pod Autoscaler	2022-02-02 14:20:12 -08:00
SimonRupar	c91c8139c5	Added support for autoscaling using hpa	2022-02-01 20:45:03 +01:00
Devin Canterberry	4b5531d4ef	Merge pull request #49 from Eriwyr/patch-1 fix(templates): Add checksum on secret.yaml file	2022-01-30 19:22:42 -08:00
Devin Canterberry	489a5a25d9	🏁 v2.0.1 Release	2022-01-30 19:14:41 -08:00
Devin Canterberry	2884368a08	Merge pull request #51 from jsievenpiper/metrics 🌐 make protocol selection work with istio	2022-01-30 19:10:37 -08:00
Justin Sievenpiper	5d738bd9e7	🌐 make protocol selection work with istio	2022-01-27 15:20:49 -08:00
CHABRIER Valentin	98bdab8c45	fix(templates): Add checksum on secret.yaml file Too bad it's lacking a check in addition to the config that the secret file has not changed too in the deployment :)	2022-01-07 16:53:46 +01:00
Devin Canterberry	2703d08224	🏁 v2.0.0 Release	2022-01-03 19:31:44 -08:00
Devin Canterberry	62c5b344a9	Merge pull request #48 from retupmoca/main Fix #19 (new kubernetes API version)	2022-01-03 09:06:29 -08:00
Travis Loyd	266b0ea8d8	Fix #19 (new kubernetes API version) This is a signed squash of unsigned commits made by both Andrew <andrew@egeler.us> and Travis Loyd <fun.tloyd@gmail.com>. It is a slight cleanup of Travis Loyd's PR #27 Travis Loyd <fun.tloyd@gmail.com>: * Fix for issue number 19, current api version and previous api version need to be updated * Added helm if statement to handle previous ingress 'http paths' style and current 'http paths' style * adjusted helm if statement to accomidate scoping by setting as a variable up top * moved new apiVersion variable to the top just under check for ingress enabled * added ingressClassName and set a default value of 'nginx' in the values file Andrew <andrew@egeler.us>: * PR Change Cleanup * rename $apiVersion to $apiVersions * rename ingress.ingressClassName to ingress.className * add documentation entry for ingress.className * fix README default value	2022-01-02 14:57:12 -05:00
Devin Canterberry	e224a31190	🏁 v1.16.0 Release	2021-12-11 14:20:24 -08:00
Devin Canterberry	a36de54d0c	Merge pull request #44 from MrSimonEmms/main Conditionally create service account and add to deployment	2021-12-11 14:19:18 -08:00
Simon Emms	2b24174cea	Conditionally create service account and add to deployment Signed-off-by: Simon Emms <simon@simonemms.com>	2021-12-07 11:54:11 +00:00
Devin Canterberry	2fd6d8fbf0	🏁 v1.15.0 Release	2021-12-05 22:28:32 -08:00
Devin Canterberry	6305476063	Merge pull request #37 from SimonRupar/main Enable metrics via Prometheus Operator	2021-12-05 22:25:32 -08:00
Devin Canterberry	cfb7daa4e4	Merge pull request #42 from MrSimonEmms/main Support deployment to a namespace	2021-12-05 15:50:35 -08:00
Simon Emms	851575797a	Support deployment to a namespace Signed-off-by: Simon Emms <simon@simonemms.com>	2021-12-05 15:21:31 +00:00
SimonRupar	489a0cfe5e	Updated typo to enable(d)	2021-11-22 11:25:20 +01:00
Devin Canterberry	f9fbd04f6f	🏁 v1.14.0 Release	2021-10-19 23:56:15 -07:00
SimonRupar	f38b9b4a58	Enable metrics via Prometheus Operator	2021-10-14 17:11:09 +02:00
Devin Canterberry	935935622c	Merge pull request #35 from vvanouytsel/main Support additional env variables	2021-10-13 08:44:22 -07:00
Vincent Van Ouytsel	4c49800452	Support additional env variables	2021-10-13 09:32:25 +02:00
Devin Canterberry	b321438d4e	🏁 v1.13.2 Release	2021-09-30 19:59:16 -07:00
Devin Canterberry	84535c1d96	Merge pull request #29 from SimonRupar/main Add support for S3 bucket data prefix	2021-09-30 12:38:05 -07:00
SimonRupar	7076faea33	Add support for S3 bucket to prefix all data	2021-09-30 20:20:14 +02:00
Devin Canterberry	dfcd91722c	🏁 v1.13.1 Release	2021-09-26 23:50:41 -07:00
Devin Canterberry	932a31b2fa	Merge pull request #25 from pavankumar-go/patch-1 Add keys proxyUsername and proxyPassword with empty string to docker-registry-secret if values are not set	2021-09-26 23:48:24 -07:00
pavankumar-go	88528289cf	uses default function instead of if-else condition	2021-09-27 11:30:06 +05:30
Vladimir Kuznichenkov	a95a3480c6	Garbage collector job to keep registry tiny We don't have unlimited storage, and we would like to run built-in garbage collector to keep storage usage low.	2021-09-18 12:40:25 +03:00
Vladimir Kuznichenkov	c855e53b9e	Add empty objects to default envs to prevent validation errors In case of S3 we can use IAM role to access bucket, in that case we do not need to define anything in secrets. At the same time due to missed parent level field chart will fail with an error.	2021-09-18 12:36:22 +03:00
Vladimir Kuznichenkov	944cf7eb62	Use a single style of indents `nindent` function insert fist newline before actual content and allow you use it on any level of yaml without breaking visual structure.	2021-09-18 12:34:57 +03:00
Vladimir Kuznichenkov	2726d10083	Move common sections to defined template to prevent code duplication Cronjob should have the same env variables and volumes to proceed correctly	2021-09-18 12:33:43 +03:00
Devin Canterberry	35c1365b5c	🐞 Replace broken icon URL with a pattern under the control of this chart repo	2021-09-03 16:16:36 -07:00
Devin Canterberry	a713a3d91c	🏁 Increment chart version for v1.13.0 release	2021-09-03 15:47:40 -07:00
Devin Canterberry	9697305e39	Merge pull request #23 from joaosa/main Add support for having external s3 secrets	2021-09-03 15:27:28 -07:00
Pavan Kumar	d412af5f95	Add keys proxyUsername and proxyPassword with empty string Setting up docker-registry proxy with no password & username created the secret to be created without `proxyUsername` and `proxyPassword` fields, causing pod to fail if `proxy.enabled = true` with error ``` error: "couldn't find key proxyUsername in Secret <namespace>/docker-registry-secret" ```	2021-08-26 18:44:03 +05:30
Joao Andrade	45daca1981	Add support for external s3 secrets	2021-08-09 12:13:07 +01:00