From f59a44f210ab8d5a3a06297123f92a3a84605a29 Mon Sep 17 00:00:00 2001 From: tharanath Date: Mon, 25 Mar 2024 15:00:00 +0530 Subject: [PATCH] geoserver standalone v0.1.5 --- .github/workflows/release.yaml | 14 +- charts/geoserver-standalone/README.md | 2 +- charts/geoserver-standalone/v0.1.5/Chart.yaml | 28 ++ charts/geoserver-standalone/v0.1.5/README.md | 91 +++++ .../geoserver-standalone/v0.1.5/app-readme.md | 6 + .../v0.1.5/charts/postgis-0.2.4.tgz | Bin 0 -> 12539 bytes .../v0.1.5/ci/values.yaml | 19 ++ .../v0.1.5/templates/NOTES.txt | 7 + .../v0.1.5/templates/_helpers.tpl | 203 +++++++++++ .../v0.1.5/templates/configmap.yaml | 31 ++ .../v0.1.5/templates/deployment.yaml | 232 +++++++++++++ .../v0.1.5/templates/externaldb-secrets.yaml | 20 ++ .../v0.1.5/templates/hpa.yaml | 32 ++ .../v0.1.5/templates/ingress.yaml | 40 +++ .../v0.1.5/templates/rbac.yaml | 30 ++ .../v0.1.5/templates/secrets.yaml | 21 ++ .../v0.1.5/templates/service.yaml | 36 ++ .../v0.1.5/templates/serviceaccount.yaml | 13 + .../v0.1.5/templates/volume.yaml | 21 ++ .../v0.1.5/values.schema.json | 312 +++++++++++++++++ .../geoserver-standalone/v0.1.5/values.yaml | 318 ++++++++++++++++++ 21 files changed, 1462 insertions(+), 14 deletions(-) create mode 100644 charts/geoserver-standalone/v0.1.5/Chart.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/README.md create mode 100644 charts/geoserver-standalone/v0.1.5/app-readme.md create mode 100644 charts/geoserver-standalone/v0.1.5/charts/postgis-0.2.4.tgz create mode 100644 charts/geoserver-standalone/v0.1.5/ci/values.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/templates/NOTES.txt create mode 100644 charts/geoserver-standalone/v0.1.5/templates/_helpers.tpl create mode 100644 charts/geoserver-standalone/v0.1.5/templates/configmap.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/templates/deployment.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/templates/externaldb-secrets.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/templates/hpa.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/templates/ingress.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/templates/rbac.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/templates/secrets.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/templates/service.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/templates/serviceaccount.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/templates/volume.yaml create mode 100644 charts/geoserver-standalone/v0.1.5/values.schema.json create mode 100644 charts/geoserver-standalone/v0.1.5/values.yaml diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index af2d049..f085609 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v2 with: fetch-depth: 0 @@ -20,18 +20,6 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - name: Dereference README symlink - run: | - # Define the path to the dependency chart directory - DEPENDENCY_CHART_DIR="charts/common" - - # Find the README symlink - README_SYMLINK="${DEPENDENCY_CHART_DIR}/README.md" - - # Dereference the symlink - # Replace the symlink with the actual README content - cat "${README_SYMLINK}" > "${README_SYMLINK}.tmp" && mv "${README_SYMLINK}.tmp" "${README_SYMLINK}" - - name: Run chart-releaser uses: lucernae/chart-releaser-action@rancher-1.0 with: diff --git a/charts/geoserver-standalone/README.md b/charts/geoserver-standalone/README.md index f4f4b55..f5bd57e 120000 --- a/charts/geoserver-standalone/README.md +++ b/charts/geoserver-standalone/README.md @@ -1 +1 @@ -v0.1.4/README.md \ No newline at end of file +v0.1.5/README.md \ No newline at end of file diff --git a/charts/geoserver-standalone/v0.1.5/Chart.yaml b/charts/geoserver-standalone/v0.1.5/Chart.yaml new file mode 100644 index 0000000..3f48fc9 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/Chart.yaml @@ -0,0 +1,28 @@ +apiVersion: v2 +name: geoserver-standalone + +version: 0.1.4 +appVersion: 2.24.2 + +description: Chart for GeoServer + +keywords: + - GeoServer + - GIS + +home: http://geoserver.org +sources: + - https://github.com/geoserver/geoserver +maintainers: + - name: tharanath-kartoza + email: charts4kubernetes@gmail.com + +dependencies: +- condition: postgis.enabled + name: postgis + repository: https://kartoza.github.io/charts + tags: + - geoserver-database + version: 0.2.4 + +icon: https://raw.githubusercontent.com/kartoza/charts/master/assets/logo/GeoServer_500.png diff --git a/charts/geoserver-standalone/v0.1.5/README.md b/charts/geoserver-standalone/v0.1.5/README.md new file mode 100644 index 0000000..bb5c3b3 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/README.md @@ -0,0 +1,91 @@ +# GeoServer + +This is Kartoza's GeoServer Chart + +GeoServer is an open source server for sharing geospatial data. + + +# How to Use + +For helm: + +```bash +helm install release-name kartoza/geoserver-standalone +``` + +# Intro + +This chart bootstrap a GeoServer installation. +Most GeoServer packages are shipped with Jetty or Tomcat Server to be directly used in production instance. +On top of that you can cascade with Nginx or Apache if you need more control over the routing mechanism. + +# What it can do + +The default install uses kartoza/geoserver image, which can do the following: + +- Default TLS enabled +- Generate new datadir at startup if volume empty +- Some plugins are shipped + +Full list of options can be seen in: https://github.com/kartoza/docker-geoserver/ + +# Parameters + +| Parameter | Description | +|---|---| +| image.registry | Docker image registry | +| image.repository | Docker image repository | +| image.tag | Docker image tag | +| image.digest | Apache image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | +| image.pullPolicy | Docker image pull policy | +| global.imageRegistry | Global Docker image registry | +| global.imagePullSecrets | Global Docker registry secret names as an array | +| nameOverride | String to partially override common.names.fullname | +| fullnameOverride | String to fully override common.names.fullname | +| replicas | Number of replicas of the Geoserver deployment | +| geoserverUser | GeoServer super user name | +| geoserverPassword | GeoServer password for super user. If you fill it, it will then stored in k8s secret. | +| annotations | Pod annotations | +| labels | Extra labels for Apache pods | +| affinity | Affinity for pod assignment | +| nodeSelector | Node labels for pod assignment | +| tolerations | Tolerations for pod assignment | +| existingSecret | [tpl string] The name of the secret to get the geoserver password | +| extraPodEnv | [tpl string] Provide extra environment that will be passed into pods. Useful for non default image. | +| extraSecret | [tpl string] Provide extra secret that will be included in the pods. Useful for non default image. | +| configMaps | [tpl string] Provide extra config map that will be included in the pods. Useful for non default image. | +| extraVolumeMounts | [tpl string] Provide extra volume mounts declaration that will be included in the pods. Useful if you want to mount extra things. | +| extraVolume | [tpl string] Configuration pair with extraVolumeMounts. Declare which volume to mount in the pods. | +| strategy.type | specifies the strategy used to replace old Pods by new ones | +| persistence.enabled | For geoserverDataDir volume. Default to true. If set, it will make a volume claim. | +| persistence.existingClaim | For geoserverDataDir volume. Default to false. If set, it will use an existing claim name provided. | +| persistence.mountPath | For geoserverDataDir volume. The path where the volume will be in the pods. Make sure that it corresponds to your geoserverDataDir key | +| persistence.subPath | For geoserverDataDir volume. The path inside the the volume to mount to. Useful if you want to reuse the same volume but mount the subpath for different services. | +| persistence.size | For geoserverDataDir volume. Size of the volume | +| persistence.accessModes | For geoserverDataDir volume. K8s Access mode of the volume. | +| persistentVolumeClaimRetentionPolicy | describes the lifecycle of persistent volume claims created from volumeClaimTemplates | +| service.type | The type of kubernetes service to be created. Leave it be for Headless service | +| service.loadBalancerIP | Only used if you use LoadBalancer service.type | +| service.externalIPs | External IPs to use for the service | +| service.nodePort | Node port for the service | +| service.port | External port to use/expose | +| rbac.enabled | Enable Role and rolebinding for priveledged PSP | +| serviceAccount.create | Wether to create a serviceaccount or use an existing one | +| serviceAccount.annotations | Serviceaccount annotations | +| serviceAccount.name | The name of the sevice account that the deployment will use | +| resources.limits | The resources limits for the container | +| resources.requests | The requested resources for the container | +| autoscaling.enabled | Enable Horizontal POD autoscaling | +| autoscaling.minReplicas | Minimum number of replicas | +| autoscaling.maxReplicas | Maximum number of replicas | +| autoscaling.targetCPUUtilizationPercentage | Target CPU utilization percentage | +| autoscaling.targetMemoryUtilizationPercentage | Target Memory utilization percentage | +| podSecurityContext | Optional security context for the Geoserver Pod | +| containerSecurityContext | Optional security context for the Geoserver Container | +| ingress.enabled | Switch to true to enable ingress resource | +| ingress.host | The host name/site name the ingress will serve | +| ingress.tls.enabled | Set it to true to enable HTTPS | +| ingress.className | IngressClass that will be be used to implement the Ingress | +| ingress.annotations | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations | +| ingress.tls.secretName | Providing this will activate HTTPS ingress based on the provided certificate | +| customProbes | An override options for pod probe/health check | diff --git a/charts/geoserver-standalone/v0.1.5/app-readme.md b/charts/geoserver-standalone/v0.1.5/app-readme.md new file mode 100644 index 0000000..223ad22 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/app-readme.md @@ -0,0 +1,6 @@ +# GeoServer + +This is Kartoza's GeoServer Kubernetes charts + +GeoServer is an open source server for sharing geospatial data. + diff --git a/charts/geoserver-standalone/v0.1.5/charts/postgis-0.2.4.tgz b/charts/geoserver-standalone/v0.1.5/charts/postgis-0.2.4.tgz new file mode 100644 index 0000000000000000000000000000000000000000..fafc07141f1b0fb58e3b0c0649296095ca76ee5c GIT binary patch literal 12539 zcmVDc zVQyr3R8em|NM&qo0PKBfcic9z=zJaiikg<^MC}pTi#AU`+xIGxlK4ipbtTzz@;o^< znnZUqViPn0O72*Czx^Go1h-yfSy`r;97`gxQ~_0mLZMKV5X#0O?Ho=}%DfqxMt`~Y zr`zpz_jY!~&u+I{{@LB%-T6yzr?<1ex6|G0@BXFR>+g5Fe}V4(gHnAm%24{3?icq} zM(z*tpd@^YQyP+Z09SnnC5id7x9x6wJtx2kjsqO~A*KVzg&0lo0DLl?lGp)AaYAUw zNIDz9D2(u+)A2n1zbw(Y>UmwS=Kx%pcEyVTQ$Gz8CSD2ZgAqwV(W5gVyq5`M2_1Ag z>a7=J)^S3gSJ9tRbnT5pHpzw=#i>tXhGXXWWZJnzDI>q4j?WvXohhOWryWEoX0#KL zF)__1@z}Ys! z6vj9e?cym4qX9%HMqc8NQvBaz{)R*AfEw5+^Klv@?8rYgD3oNWFDF1_F0n448W8^y zr>?GKhP>1YyZ}+#${J*!mx90zcc)k{Qhht3H0O$nuclQRv z;ePO>hqre|qtVVzxA)H{!yUY{zrBO|!QK<(_fcmx+u2$3|3f?*;JUC$hQDB+b@=KjRx3B0qA_m63;qM9C~-F6 zzhlD0`gSo(Ft5dF#SsMu4uEJ#mQV3Gq%55Y`5}KDfLxlqkd(`60aKDTdP&o3S)mp~ zV+Z)Z187M#rKJmOUOu5YBD5m_l>eS)QFKb8(4T3{67$9Z>yH7v7`-CwG{qFh%yDGH zl%-)jZkx3qXqMm^%G|U-cSr|5>i<<#iKBaaA23HpQ;?jQ&rT=o5Afo!G1WJ$@X=NAcTVlFGdg( zwgn-B>oAI7h(&#rF=FI1;47TYSUANX^e)Jfaf$*Q@HK)rGtj?$my#*}13(VOk9c;5 zNAitQhScwucs8&!G1p*PnwS8OP!=)BfzcY9XwKPya0G0EK~Mu9-GrnJLbfGP1tiuz zPvug@>OKRZ5u zfAsCEgO|sivjG#0o>SK@u6zN zk!Ua{PyC6c2oe(1jtgz>iKXb21jq3e?*?E)YbHM)|Mb2m$WDP>x;ez95CZ87- zVlPpm`r?`>@2th^gWB`8mZiok5@k~iQ8)sBS+SzPCuiJOkG(<&YGxqir8cTdKZUdmd+9q#>}G=S&C*uS*E#2ic#=7 zj%EX3X@*xElg%)O1cfPFhin2B#M?^@(bpIp-^_oJ#K)LWoL=EnmsZ#&h)vpXD&^z( z|DFgD3qhEAa6;rJ9j+%h#X=ZfqnL5Br;Man5Cdh1;ZYVj8=_`O(jJBB06HXLosy2y z5rv&vHH2b6OG7q0;GTkmO zlx8s(j42_^lrYUyi#RNzxn43PBx=KPELKrQ1Wju=g~(L;ikwY89u~+DQi%9`Rw z3YyF)0~ApLShiXkB(F3YnmYKXu!!rSvR*KN5sE0Ts!&p;BO^d?XaRE>#sRPiVv^8k z8CpjxLa&tSQ))IFa$I`wu?*gUA09X3m_ks{P?gn!}tk6D5Ta42nkFHUP4@%2|u z7=n;qkyxtvKVTF@m{K^GWkvnhY=YD4kYX_ij6kc!{~d={7?2qO)hdWiO&0^vb}blO z5fCy*RKGYp1)&;%_@T6i+KMp=@TsVrZw)Z$w{p1`*zngU1O?xs2*o~5xsnX8bUAzE zsAR@>DIWd2sg0SJ*$}5OW|(>*;VYmZ8XqUjz(U;^vul!GhVj_Ix4~O9hr3sF%8ebs6vdfT z&rpoUIDk`)4g;yv30^*oP&gIUUyML)9Jk=~?V(&!xin9)phwf-5RbSvqm)a%UmB7u z78@F|2bK~fq{VGiPS0DSBqdu)TSe0(QiCcm=Szq*Vgrf6JHrv?duft_C(bnHv4h^w z3e*Y=AvH)2pIG#GZzU{*F3W*sTYU6KS;Uo)7&02hV+g|02&Xuf-COIBFg*wfXlwk< z%4B)EI7l=b8dB2hv4V~frDQW=zzSp0N`SBIO*j>k%GaXPw_<3gS;WFbC`6JSJ+odI zs=}#gDx-3Kg%asSgtC8(_@w3(z6F#B^=TT8C#~ zi{oeCeD=5`@GP4!hxPUwxPc*}cy9+>H^4p#aJvAeHuya}sCCth-Ma#Fb1)b7Fn1^^cX0&*RTfw3$VTgLnn5V4$B zfJXiqW}K4cZp};{CwN0vI#sl=7`?_EI(y)!IE~C2L#JU z3!qXKq%wh=y?%Xhczky8%vhKTpT#E&A^Y2p$3H!@ra+U{3uRpk>4Y=lRfw<42CVNMiIN}>xk0tly3bH`|>-YD1CH-%=zqj`PdXVSy=gwp2 z46`ha)p2y`*hDxyKJMJ!3J#F_erV--iYIF66X;h$3vyNIN5N3+Vg}EECQ-=5AFZtx zY$j9?F8UAb`PSZEumF-d7-so{UFUCc#EFV}Ga8+9gH ztM%1GbVy?9*Ar7{r zAtJydoN@uGv6ikHjtl0@=Yk~q566YvRp6-L8{xvKf@)xXQ$Tre5?|CZMl zE0a}wGmMK(*t%L9JYl}J2)a~Pk;Hs{;LW$eGb3)A6MF8V28-0F+WLW5eDKJ4>eRMX z*lq|cTMdJz=Zxd6o6I}WWMOq;;B0|s$VS$HoW}>9&fn?a@ASX#yH$&};>ap7VSNUH# zg59Gl_yYd#ZSR!tf9!6r?|(haQ^)_30wnX>+z|@@UyF`ycTmX!C5!C9wo%mRW;Zb0 z+rhC9H}Ekd4Cj3GsKydHcvfMOf=)Bnh$`A`sK3YrTjX?sR2_Wtut6!B3dJe(8MJhj zR&6^irSck4s`p`TmPVrYT0OCub(yl{Lg} zqpU?PqZ(>~vy2M2s%|LPf~A_K3HArVHB)TDUoENsx)bHxCvP=Hp^xYQdJaIA1c>2t zmLi77GkNwe9SP4!6ov8ljVK_xjD$0VEHg#SpPZPn;SWlZC3SKBq$I)vkhh>6FqKs6 z*6i>nDs)t-ET77tCnPwrW->2TT{fPSid989oXx+G$_I&??Su5 zeTyhQMQj4C(vG&(7E>;7rqXO`17f;RO7QZ1*jn?v9_q&IpiHZI(M>gS?Inj!ldHN` zRq+0H8Xzc@%UfSKbCr3sT}?EE?kbx`{m5&DwROa&`Uh=PQH!t>nz%BJWXIJxGN~UHHVA18yLg?i!#T92oShnX(OS5A` z9W3YPC+`oB&o177_u`}hl8%p4*0GMAYa99T_@|}XQ0LS2fE+ArB0m@}Al<+&)s2?C z>{wT}DuK(ArJ*ZxU$Balyc?)5R@+bgwL*ikeG6_`A+TVkg`aB?2+K9rCbwk-i{&la zP*r`un{Zo#aydCP`Tdzt|O8`^v#`uL` zfa^o+-vRqa3!XzKz*il0mm_}?oQ5Pg$3BSzI)J@y;VaFAlkdeO#dJcVK<-8JXN1Bi zOR@ERyYQWbQ%o{unzt7P;b4^|Ycg2{m_G}d>@H0veCWfqJXsZ(-wC1YKA1SEtWb># z^Lc{(Mb?VFIo1lP&031=a>`zVCL=dpMRK(+bkFtHEmTszH7`kk2hiQw={DQR=Bq4U zVoXv)f#P7UPG9@YzExK@a3zi3)MXNEc^l8E>OIT!!5^Q$%q_KwCW?nbM&&6TYA)Eg zG@u|Ztckb~pNmZ|8o$lPzHJ2C5`?RKc(e)9+*B(YaG?t5+ySlF%jHvRh~*8XC>~>Y zbcttM@JPBR4xW`o+~?1tggG;n<>ncFD=%z=X3Z77A~>~(6>EEY9vmYe?y zE852l)ACMO-MMYve}=!-+DYo{IM(&uR^g!HN%^4lt{xyY=YLneIlZ`_1HeW1|Ms@4 z=YPGm|M!DD_5L5y;dF>-=+E&1TkNdrm5=mlj~~<>s=~=p{c65re>N;y5mJqP)JVDI zJJO=48ur7Az)^GQ%Y4-?GR7>|Y>ty*Iht>fsbUPJW6Y$fuBH*=(S31vT6N24ns&|n zclZ9YPe1>Rb8p?Vtc}0&yPx8SpkQb&OWt{!qv4-)g6+$sB2I+7O7h}#5e!zzyC7Q% zX|mK+)87ldxvtybuO+&vb=b1k8KLBQo|iYY!lmZBb!;S^vfk4_2Jk z_&_|w`d`)m7*}aKdP#S4ufjVkgNyXPet)m1|Mk23`}=GC?;)N#+D%AML${nREFaT3 zzF*~%cVA!(74jzQ7J~_nrXHPiCWKrLL`W1P$x|#0)7l^86}}R(yzHV<{HMI;QZdZsAh@=n$A=g1&tAX2xYZf83ORr}@68s%8xuB7 zBH%SQlk1?}IXgZ$dU@Sem05_bLqzn zrML}$dv{RDF1VnFyn@@?c6o(`-8fD)nV|Fd@egE*6TT07{1~3rr4@YcI2#-AGEdm& zI5+T0ZlI2*D2(6+-lP%SI5*(Bt_$*q{zbgkx%=RzHpd^_fQU=J0p~*M!XXK;<5&PK zOz9_~Jd>f?L>N~N=9$Tx1O{d`ZX7PxdTt6o_;1b)ysOFS_VZ@V%QoDo+;DIsGrh?` z>n9{0!%?2m(Q!nEl#s%Y5{+-Dj4KpUI76{N!Kq9SL>))J4=JEnm|9~2I2qN2B9gi& z3IZIM1U@5@I_C*uA&Nv)8xGMAsZzy)0??@^P1p~*?k;3?&5XO}8Ek`Oh@gn3} zCGV67{o6V<9LI(4RmLTmu}TDVNlAn$h-?SKJ8H{__}>d@dOsNq-JqlxF6C#6zBl4m4Kfn3L$3}n7CF_njs|3sD! z4m1}CZ$xOkkjc>5+N`ZFEjrG(GdIw+0-PF~Zj&UxdPz zLu$A0!FORw*_J`fK{14sW-6$z$U#!hSfX4?R3a|VIkbBg5x>|3$GW$2ZQiWRViSt^ zX9RR!Cr?T)Iw4sUzyu`;j&*o;fl%I{=BI-s@f=5H4#QSXH5H+9ID=6rF069$hYu{G zA9P|LA{GJaIp1O*aYEHeG~k+~mm=rV$#!Q4PS6aeTc!374@^LLB-j`SFq}DpBVM1E z)3WGLjxsnTr$Cp6;}{nLmJ0e3sq4h(=^6ZmcN30do%ZJ%rLl;2_5-=boYyIt;yg~8 z3@GV{S&$Jad8NaHEfs%W3`GprLexqEpOV1vL2k|2a&mDx!~+OI%4NkCATCq4OrD1= zxWZ{Tnz=qQzmBpfl5~Ci3HuonSc_$s0vd5Xv?ZF9tkiMN$rQ72ifLi+uxLWk5MPhx zG!#~iU=i>Fz>w!{ohkWh2wv&D<$tLjE zu@7`YKh>PHpE^&OPz)wG98cJ@){|~G`P6#u{Pij0>-KZ!ul%>?KjPWb4x8vdFJ=k0 z|5kcR@s&}()ocDkHu;ndNidTo)921p7Cd*HrwGE}S*sX|r6se9JZo_+ousYj#m`SW zh}Z1!24pLFn#tn(4<9~=tfSSWkwT-ki>{cRQrGQpRO&IZ18mh`WPh&5NHB6eI?LxH ztRT8D3F307$-AQUc*$?|NJSxK#kWrb%upE7=gw1_O{XZGJ^#n?rv$~p(~f>o!u@xY zl~awc!C{H9Zq7uy^w6It*l!$r{&7i)y4%=4VBXNV!@EQV)a6FBQS6v+cj3@^sY#b) z%Z7xg%V8y#>3Xc>x39>ezk@`acVNwBQ;@DQ0kY1#X^ z+*Z2pP@1%wGSz8o&_sTrBzD9Vw+izwn@nvX4$7CO1hsfug|j~4{+AG2UH<*L?ECe( z_vdBaFXi1YX5IgyocoO#_vaFyY-TBSsT}#IetN6|)tOobwR(DM*(lX$gO%Y}5*cYn7#H^1RjX$elRn!(M#r%v*OQXCCyL%Ga#yc*Kdt9mZhyvT}V zSFcX$^RE1qGO)8JK{&FG@U>e?$hJi0RI#a_PLWG-f@JMT<@PPKvL&c8v`;M(LZ!<{ zoz1d*eZvzAl+2W6xk$*iG^_h%*LS^5PstE3BXuh`Gv>^JE;48TYu$VJ;@xkaAYJKs zg5^wNA(&lZa(0F67>l&NebjuR+qBrHGO#9)-f|$aHsy3HGk!<(!4nEDPSt zTD95)E<1fIAg`}a%|Tlixzk3wM#$96>k<%izO4eu-!8Oeh*Ay8xQNkJr+AC#UD}yP zIWPq{*4q)WjOBB~7rr20Nry`;ZKZJ372HbS7h+i||0PnU98udc=ZZC4t@I=MeM+P| zn>xs@aX%90hO*!QdfgttM$Xw|{+gFav-p6%5t&qa-ENl`O0$@6IZ{HHDPfwa7FpVk zYdh8mH#W2@^ogHT{~ot&~~u^rxnUCNjPX11z#Dq96#R zKXJh(Af0rkh;IswPmTx2^&7t>*3L>mkVgDXiF)c*#X6=~gQ$5$VqCXb+(YoL+|%YYRiG#s3|LR~V4tXYKfBb-xgG83&>fZ~6I-Q?7H0{my2)7_gxk z^+K`v^Ij~w(!$E;bAk&2E{umJnA3K(Oi6ScnXEO3jyT_HUi3oKh!)xd5H$G zXhrX7+RReEo3$ryG29LJVk;;#l&cqdC{0nr@lrjdo~WIrburg?nF~_I!mzpoI(caA zDhm0x6_sBZ*}HB{%7(&-Xq?8y#^>;0NkDZ-@_JD9*A;*4J8|eHxNGP!_!7sklDD_#!C$6*6%_pAvO1qMTmFD`~w2(^s^F zerQL!uN@Qp@eZ?iiDygC;>F21->okPupP0X2ITznz3hr5fMf(n(3+mA%P-k?uA!WH$oxG#mHse43x3iA4#4lt_kkvY;-KA{Lc^a6vNPP))!IHM7%SQVFW7$ z0-U5+n)m-DuguITEH3iWa~%q5PNT+seNL%~y2g7F#&}M#X?~4&anCBU@8W`~b?vrP zdVK|UeFb)X1$KP}c6|kQeFb)X1$KP}c6|kQeFgRpe+Blw@4(jS)WV3awdo(&G^*9V zxvuJRg7mJW!QneX*xWrz9*j)Y$Tjt~;lg_K{vRcY%ca{C-+v6SMe+aoy+O{iaHx>h?kdSK2CyxTr|UhqY&R^&VKSMCGJTlj!FDP?#WXI9r~{x*LI+^d z7Mlad0pzKb_3@Q_Cr+5Em-=H8;By=ay-qrh3a=J*dHpL0NsIrdVH{4gsbT&5Nc|GTz;Sr-lA}r zqI4#9@g$KaxhAQS3wVmcXiysh+a!O|p|Twn*hVz$m?XO{%n6CDXqBZHcX-!D;&r5` zQ7}4JMRb1a@&3I%_56RoTYyFU&wnrR|K5Io&HoSa)X#sO4e-6XqG=9y?m!fa<$u4F z|F5^dzn1?G^4R(NDpSppNG9(qtP(xvGK_;kejMr4WMI?j{$v~C=tX4zGYRsoyyZ>( zw^WHr;~5JhZ;I0~Zo#HF$Pd74fWN)YEj901mj45sL}WI_@g3B{h5Ns~()mxn-|wyM zKM(TM@Sio+wE_So3GEmuaAZm^DF$?YPFmRSOcC=ZCsrzH;QcI;J<%HC$BW!Mo<}chnh%Qs-Au<^?U*mlmI_qDyN1027>sOy}V@C3V1)LSYUK zO^{#Hs(AgU5)sSte?o$ZM^+BE*{^wIY-|}}#f+bgen@{Ri?1Th& zT(LEj|8Xn!{XR?c|CRss_6;)odAcaRA6o!?a; zD6rQ8VU=fD{#SP>?<4{i^8a2%|KIMf*Z&83YFJQB^?VT^W6>Zb%H)-ctc{yBXHtO38PXev$F^5SVB|4(p~;8dKT-j&AY^M9{;|GVGqZm;?O zL7vZ_JCB`19brTVHR0ScgO3@C!cm9=&Q>6!6#WYWOS4$U+F`J_Ev)qvhAPaBh!5=GU@XUZO z(`iXg-ZU@Or4e5EwT?QaU#jGy_P2K4zV6cQV>3y^n2n(Ick2F~wo39tfYdh4>jq4} zy6L=;metLT9AiGZ{MT@Lo{dJ~Cuq4j(w0>`LASz={sj-%&#OX}) zFsqZ6DxeZuYlPMBYI%Sg5fTLX7+U{mLF;{MHFP9CXP9NF$xM^rRNW9z!BIGdjgYHE ztY-Ff-pW^M2KA&A(`DM_b=JtH8v1))hoNz`Ab)uSjGT)|uc~n8vGW6trqK6#Jsl1~ zMoL1IhGUuHM}&Bl@x?_1E0gj^r^F9q&aEbY8udwnx13?dKsEkPK>&TP*M)#!8h^tI zd5I{2YiweTnb0pf6NHN+iXkH7(D$5!h!Pny4e@3;mm{EIJdQ*-Va@pw`gNwW;)!T{ z6k@^v#VQt7K40Oe#CLi{uKg$n^Gr{ZS-fTOoGv?mrvpKn^JQ8Zi+`bqFKWHgazP{<;WWI$Kqn~8LzYQ#EQ0=ta8^QOIWIHHWC$Y}#)|@pK~0Uk z3ew1IviWl>3^Iq{uYxIL3+Gk|6IIv}q^-)7mD{wM)QKUNYOYw=Y9+taSCHr|iRJ?R zsIAI0K=G)Z_hD9@;<7-CNG+N*6-@3c&6;%JFVC89-c|;ucAoN9%m9_jnQWdCnw)WQRlmqOeNZdY+lt|UdG{}tdiTYzrC`*fynpO zSm{SR(`4FYz9`~pa$pr=88UQk zIMQi-77X00g6_q|wT=K^!*5j?*HR?XQ0Y;-C@9Tx;F)Ri>^TxD+k&p<)vW1{uUeb< zBWzaYt|IF+7VR7#n~>WDz?N^Wd95h7VQp(GbsJZP3Q?ta#0j=p8MLU@ux`_^UgB9p zze=ey-I7!jsY<27xj2tPz`yI5n0#JBW>gtLG;_q8X!Wg3TW3?M?5Bi6mEa6!g|Saj z92`W+1ii|p(CaQ5XcszYr6d-2W;Hu&Mpke1`ecWs)p2(z-ym@Y6iQorUKJ6`Yf}o>cH`LFhKgK0CJA3m zWNu0?f1g9azoumR6PiXj<86j%VeSRzb#jP+R>&gkT z;N#7==hHPSNBy-D_$uWd2hB8F$O~++Qh>@v2G77JD8kgoP^e&5+@=J=dB}vimwG+7 zzgcWk1cHCCOB(ZCu~>Oo(~_)-V}5Hx$baZlZ~yZqIGW0^!1vI{!t=lFO8lq2-F5u8 z2YEK&6fuU=m>D6MXlttlo!}@ETMlW9599F`-<}}G z_b?*2PW~RnfwKWI9!vAUrbtfvNd;1ezqLJh&G#}S7Bx9Ykl+-eFvgza9i6{FXC%dW z^!K-i=MaP`b-Z!NI^tgmzT*vlO*`UW{bDli@PG85^eXP;4GochnI$rMuk+ZW*NOAk z8=_0+vB#$Tcanx<=kfn@HsCEvLy}Q=adb=_FG&g4tsO56FzU$SDfz|muBcA}-1#HO zw0izG*%d`{nqryWQ^k{Qp57$Jx-qSDe4SE5?4wvlNEYu}3GuitmM_BXYWQ zRAE(kYUeHUEpUS%jaBBE($!F+(YC!{6Rr*nwFVG|tPqs^~IpACv>vENDM3 zza;#Q(-8c|+1P-Wc>o;8xdC;Acsxa61UK*|jo`+)0oQe1kU#V<;=PWA12?rXbKnNx zMs#y7bZ-qnE9zOpb1i%9R-|uag*Z=+A+W+Ta9$~;RCm247B1y0^H5AGi35c)K zb{Kk`sfQ2ZnI+Q)hjyz=xsakR*RD)+=Y+IHegX)qi zKX#G6DDvUMhtHo&g`~4kv2A(A4zfng_*|TxfI5<1a)|C}OpG&`K4%j4Y75Wq{f?H% z4$p^2b>;ntXK;HvfSa;q>utdfTsxe(OIN>Yo-Z1;pw(&~{hA@q2YreX2Y|!Lf4s5~ zS#SLJO!4KPDtM4vlPX*QjrboTro$Da}u2Twct zg#kh-60Mds(D-8s`j+4}ZPu>SO&VErlk+}!r4cVQ-!9m7SM9|J$CY}Lm>a|!$CD3d z$Bbv?RHh^h`B>Eo!29GyE-veN&=UaEpDS>2_4Pp0uwCL=6*QIN`txVr$?a_=xwZZv z(puLo!A68fzXQq`Il zx238#l1!ntOqXuSo|@F@HMAenBtkPl5Qjd7v)o%S3gb(vIe;psK(|_=fllo0r=S+g z6H#JOIPA6-T@io0(`ng9ua+0%;F(Zy8cM(88kAM~_V(w^%Byx^G2m4^UC_%vH+m$T zS*QV3j3Y*P>A{e=-`JyR3~|Oa)wyx4=ce$3|K^yJeop%`MIVm+P;!9nqIeL6NW8p( z1(t%Qsq)V30R+*GX;uuJfd2Njt-fh2c;TYI;=O~RdY;>{WQoEb>+{_8vwqgk`uW2= R|33f#|NpC9EXn{d0RZxYi0J?T literal 0 HcmV?d00001 diff --git a/charts/geoserver-standalone/v0.1.5/ci/values.yaml b/charts/geoserver-standalone/v0.1.5/ci/values.yaml new file mode 100644 index 0000000..7abd442 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/ci/values.yaml @@ -0,0 +1,19 @@ +--- + +geoserverUser: superadmin +geoserverPassword: superpasswordlol + +persistence: + geoserverDataDir: + enabled: true + storageClass: "default" + mountPath: /opt/mygeoserver/data_dir + +ingress: + enabled: true + host: geoserver.test + annotations: + cert-manager.io/cluster-issuer: selfsigned-issuer + tls: + enabled: true + secretName: geoserver-tls diff --git a/charts/geoserver-standalone/v0.1.5/templates/NOTES.txt b/charts/geoserver-standalone/v0.1.5/templates/NOTES.txt new file mode 100644 index 0000000..f9eb3cc --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/NOTES.txt @@ -0,0 +1,7 @@ +Check that the Geoserver is up and running: + + kubectl get deployment/{{ include "geoserver.fullname" . }} -n {{ .Release.Namespace }} + +Check that the secret has been created: + + kubectl get secret/{{ include "geoserver.fullname" . }} -n {{ .Release.Namespace }} diff --git a/charts/geoserver-standalone/v0.1.5/templates/_helpers.tpl b/charts/geoserver-standalone/v0.1.5/templates/_helpers.tpl new file mode 100644 index 0000000..9382ab1 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/_helpers.tpl @@ -0,0 +1,203 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "geoserver.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "geoserver.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "geoserver.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "geoserver.labels" -}} +helm.sh/chart: {{ include "geoserver.chart" . }} +{{ include "geoserver.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "geoserver.selectorLabels" -}} +app.kubernetes.io/name: {{ include "geoserver.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + + +{{/* +Get the configMap key. +*/}} +{{- define "geoserver.configName" -}} +{{- if .Values.existingConfig -}} + {{- printf "%s" (tpl .Values.existingConfig $) -}} +{{- else -}} + {{- printf "%s" (include "geoserver.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Get the password secret. +*/}} +{{- define "geoserver.secretName" -}} +{{- if .Values.existingSecret -}} + {{- printf "%s" (tpl .Values.existingSecret $) -}} +{{- else -}} + {{- printf "%s" (include "geoserver.fullname" .) -}} +{{- end -}} +{{- end -}} + + +{{/* +Return GeoServer user +*/}} +{{- define "geoserver.user" -}} +{{- if .Values.geoserverUser -}} + {{- .Values.geoserverUser -}} +{{- else -}} + {{- randAlphaNum 7 -}} +{{- end -}} +{{- end -}} + + +{{/* +Return GeoServer password +*/}} +{{- define "geoserver.password" -}} +{{- if .Values.geoserverPassword -}} + {{- .Values.geoserverPassword -}} +{{- else -}} + {{- randAlphaNum 12 -}} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "geoserver.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "geoserver.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Return GeoServer Data Dir storageClass declaration +*/}} +{{- define "geoserver.geoserverDataDir.storageClass" -}} +{{- if .Values.global -}} + {{- if .Values.global.storageClass -}} + {{- if (eq "-" .Values.global.storageClass) -}} + {{- printf "storageClassName: \"\"" -}} + {{- else }} + {{- printf "storageClassName: %s" .Values.global.storageClass -}} + {{- end -}} + {{- else -}} + {{- if .Values.persistence.geoserverDataDir.storageClass -}} + {{- if (eq "-" .Values.persistence.geoserverDataDir.storageClass) -}} + {{- printf "storageClassName: \"\"" -}} + {{- else }} + {{- printf "storageClassName: %s" .Values.persistence.geoserverDataDir.storageClass -}} + {{- end -}} + {{- end -}} + {{- end -}} +{{- else -}} + {{- if .Values.persistence.geoserverDataDir.storageClass -}} + {{- if (eq "-" .Values.persistence.geoserverDataDir.storageClass) -}} + {{- printf "storageClassName: \"\"" -}} + {{- else }} + {{- printf "storageClassName: %s" .Values.persistence.geoserverDataDir.storageClass -}} + {{- end -}} + {{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Postgis Hostname +*/}} +{{- define "geoserver.databaseHost" -}} +{{- if .Values.postgis.enabled }} + {{- printf "%s" (include "geoserver.fullname" .) -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Postgis Port +*/}} +{{- define "geoserver.databasePort" -}} +{{- if .Values.postgis.enabled }} + {{- printf "5432" -}} +{{- else -}} + {{- printf "%d" (.Values.externalDatabase.port | int ) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Postgis Database Name +*/}} +{{- define "geoserver.databaseName" -}} +{{- if .Values.postgis.enabled }} + {{- printf "%s" .Values.postgis.auth.database -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.database -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Postgis User +*/}} +{{- define "geoserver.databaseUser" -}} +{{- if .Values.postgis.enabled }} + {{- printf "%s" .Values.postgis.auth.username -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.user -}} +{{- end -}} +{{- end -}} + + +{{/* +Return the Postgis Secret Name +*/}} +{{- define "geoserver.databaseSecretName" -}} +{{- if and (.Values.postgis.enabled) (not .Values.postgis.existingSecret) -}} + {{- printf "%s" (include "geoserver.fullname" .) -}} +{{- else if and (.Values.postgis.enabled) (.Values.postgis.existingSecret) -}} + {{- printf "%s" .Values.postgis.auth.existingSecret -}} +{{- else }} + {{- if .Values.externalDatabase.existingSecret -}} + {{- printf "%s" .Values.externalDatabase.existingSecret -}} + {{- else -}} + {{- printf "%s-%s" .Release.Name "externaldb" -}} + {{- end -}} +{{- end -}} +{{- end -}} + diff --git a/charts/geoserver-standalone/v0.1.5/templates/configmap.yaml b/charts/geoserver-standalone/v0.1.5/templates/configmap.yaml new file mode 100644 index 0000000..a57c5cf --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/configmap.yaml @@ -0,0 +1,31 @@ +{{- if or (not .Values.existingConfig) .Values.extraConfig }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "geoserver.configName" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "geoserver.fullname" . }} + chart: {{ template "geoserver.chart" . }} + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} + {{- with .Values.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +data: + {{- if not .Values.existingConfig }} + httpHost: {{ .Values.httpHost | quote }} + httpProxyName: {{ .Values.httpProxyName | quote }} + communityExtensions: {{ .Values.communityExtensions | quote }} + stableExtensions: {{ .Values.stableExtensions | quote }} + initialMemory: {{ .Values.initialMemory | quote }} + maximumMemory: {{ .Values.maximumMemory | quote }} + csrfWhitelist: {{ .Values.csrfWhitelist | quote }} + {{- end }} + {{- with .Values.extraConfig }} + {{- tpl . $ | nindent 2 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/geoserver-standalone/v0.1.5/templates/deployment.yaml b/charts/geoserver-standalone/v0.1.5/templates/deployment.yaml new file mode 100644 index 0000000..b0cbeec --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/deployment.yaml @@ -0,0 +1,232 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "geoserver.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "geoserver.fullname" . }} + chart: {{ template "geoserver.chart" . }} + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} + {{- with .Values.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicas }} + {{- end }} + updateStrategy: + {{- toYaml .Values.strategy | nindent 4 }} + selector: + matchLabels: + app: {{ template "geoserver.fullname" . }} + release: {{ .Release.Name | quote }} + template: + metadata: + labels: + app: {{ template "geoserver.fullname" . }} + chart: {{ template "geoserver.chart" . }} + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} + spec: + {{- if .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- range .Values.global.imagePullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} + serviceAccountName: {{ include "geoserver.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.containerSecurityContext | nindent 12 }} + {{- if .Values.image.digest }} + image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}" + {{- else }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: HTTP_HOST + valueFrom: + configMapRef: + name: {{ include "geoserver.configName" . }} + key: httpHost + - name: HTTP_PORT + value: {{ .Values.httpPort | quote }} + - name: HTTP_PROXY_NAME + valueFrom: + configMapRef: + name: {{ include "geoserver.configName" . }} + key: httpProxyName + - name: HTTP_SCHEME + value: {{ .Values.httpScheme | quote }} + - name: COMMUNITY_EXTENSIONS + valueFrom: + configMapRef: + name: {{ include "geoserver.configName" . }} + key: communityExtensions + - name: STABLE_EXTENSIONS + valueFrom: + configMapRef: + name: {{ include "geoserver.configName" . }} + key: stableExtensions + - name: INITIAL_MEMORY + valueFrom: + configMapRef: + name: {{ include "geoserver.configName" . }} + key: initialMemory + - name: MAXIMUM_MEMORY + valueFrom: + configMapRef: + name: {{ include "geoserver.configName" . }} + key: maximumMemory + - name: CSRF_WHITELIST + valueFrom: + configMapRef: + name: {{ include "geoserver.configName" . }} + key: csrfWhitelist + - name: GEOSERVER_ADMIN_USER + valueFrom: + secretKeyRef: + name: {{ template "geoserver.secretName" . }} + key: geoserver-user + - name: GEOSERVER_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "geoserver.secretName" . }} + key: geoserver-password + {{- if .Values.postgis.enabled }} + - name: POSTGRES_PASS + valueFrom: + secretKeyRef: + name: {{ include "geoserver.databaseSecretName" . }} + key: database-password + {{- end }} + {{- if .Values.postgis.enabled }} + - name: POSTGRES_USER + value: {{ .Values.postgis.auth.username | quote }} + {{- end }} + {{- if not .Values.postgis.enabled }} + - name: DATABASE_USER + valueFrom: + secretKeyRef: + name: {{ include "geoserver.databaseSecretName" . }} + key: database-user + - name: DATABASE_HOST + valueFrom: + secretKeyRef: + name: {{ include "geoserver.databaseSecretName" . }} + key: database-host + - name: DATABASE_DB + valueFrom: + secretKeyRef: + name: {{ include "geoserver.databaseSecretName" . }} + key: database-db + - name: DATABASE_PASS + valueFrom: + secretKeyRef: + name: {{ include "geoserver.databaseSecretName" . }} + key: database-password + - name: DATABASE_PORT + valueFrom: + secretKeyRef: + name: {{ include "geoserver.databaseSecretName" . }} + key: database-port + - name: DATABASE_URL + valueFrom: + secretKeyRef: + name: {{ include "geoserver.databaseSecretName" . }} + key: database-url + {{- end }} + {{- with .Values.extraPodEnv }} + {{- tpl . $ | nindent 12 }} + {{- end }} + ports: + - name: http-geoserver + containerPort: 8080 + protocol: TCP + {{- if .Values.customProbes }} + {{- with .Values.customProbes }} + {{- tpl . $ | nindent 10 }} + {{- end }} + {{- else }} + {{- with .Values.livenessProbe }} + {{- if .enabled }} + livenessProbe: + tcpSocket: + port: http-geoserver + initialDelaySeconds: {{ .initialDelaySeconds }} + periodSeconds: {{ .periodSeconds }} + successThreshold: {{ .successThreshold }} + failureThreshold: {{ .failureThreshold }} + {{- end }} + {{- end }} + {{- with .Values.readinessProbe }} + {{- if .enabled }} + readinessProbe: + tcpSocket: + port: http-geoserver + initialDelaySeconds: {{ .initialDelaySeconds }} + periodSeconds: {{ .periodSeconds }} + successThreshold: {{ .successThreshold }} + failureThreshold: {{ .failureThreshold }} + {{- end }} + {{- end }} + {{- with .Values.startupProbe }} + {{- if .enabled }} + startupProbe: + tcpSocket: + port: http-geoserver + periodSeconds: {{ .periodSeconds }} + failureThreshold: {{ .failureThreshold }} + {{- end }} + {{- end }} + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + {{- if .Values.persistence.geoserverDataDir.enabled }} + - name: geoserver-data + mountPath: {{ .Values.persistence.geoserverDataDir.mountPath }} + {{- if .Values.persistence.geoserverDataDir.subPath }} + subPath: {{ .Values.persistence.geoserverDataDir.subPath }} + {{- end }} + {{- end }} + {{- if .Values.extraVolumeMounts }} + {{- toYaml .Values.extraVolumeMounts | nindent 8 }} + {{- end }} + restartPolicy: Always + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + {{- if .Values.extraVolumes }} + {{- toYaml .Values.extraVolumes | nindent 8 }} + {{- end }} + - name: geoserver-data + {{- if .Values.persistence.geoserverDataDir.enabled }} + {{- if .Values.persistence.geoserverDataDir.existingClaim }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.geoserverDataDir.existingClaim}} + {{- else }} + persistentVolumeClaim: + claimName: {{ template "geoserver.fullname" . }}-data + {{- end }} + {{- else }} + emptyDir: {} + {{ end }} \ No newline at end of file diff --git a/charts/geoserver-standalone/v0.1.5/templates/externaldb-secrets.yaml b/charts/geoserver-standalone/v0.1.5/templates/externaldb-secrets.yaml new file mode 100644 index 0000000..5c863e1 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/externaldb-secrets.yaml @@ -0,0 +1,20 @@ +{{- if (not (or .Values.postgis.enabled .Values.externalDatabase.existingSecret)) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-%s" .Release.Name "externaldb" }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "geoserver.fullname" . }} + chart: {{ template "geoserver.chart" . }} + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} +type: Opaque +data: + database-user: {{ default "" .Values.externalDatabase.user | b64enc | quote }} + database-db: {{ default "" .Values.externalDatabase.database | b64enc | quote }} + database-port: {{ default "" .Values.externalDatabase.port | toString | b64enc | quote }} + database-host: {{ default "" .Values.externalDatabase.host | b64enc | quote }} + database-password: {{ default "" .Values.externalDatabase.password | b64enc | quote }} + database-url: {{ default "" .Values.externalDatabase.url | b64enc | quote }} +{{- end }} \ No newline at end of file diff --git a/charts/geoserver-standalone/v0.1.5/templates/hpa.yaml b/charts/geoserver-standalone/v0.1.5/templates/hpa.yaml new file mode 100644 index 0000000..2634faa --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ template "geoserver.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "geoserver.fullname" . }} + chart: {{ template "geoserver.chart" . }} + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: StatefulSet + name: {{ include "geoserver.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/geoserver-standalone/v0.1.5/templates/ingress.yaml b/charts/geoserver-standalone/v0.1.5/templates/ingress.yaml new file mode 100644 index 0000000..f74bd8c --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/ingress.yaml @@ -0,0 +1,40 @@ +{{- if .Values.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + {{- with .Values.ingress.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + app: {{ template "geoserver.fullname" . }} + chart: {{ template "geoserver.chart" . }} + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} + {{- with .Values.ingress.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ template "geoserver.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + {{- if .Values.ingress.className }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + rules: + - host: {{ .Values.ingress.host }} + http: + paths: + - backend: + service: + name: {{ template "geoserver.fullname" . }} + port: + number: 8080 + path: /geoserver + pathType: ImplementationSpecific + {{- if .Values.ingress.tls.enabled }} + tls: + - hosts: + - {{ .Values.ingress.host }} + secretName: {{ .Values.ingress.tls.secretName }} + {{- end }} +{{- end }} diff --git a/charts/geoserver-standalone/v0.1.5/templates/rbac.yaml b/charts/geoserver-standalone/v0.1.5/templates/rbac.yaml new file mode 100644 index 0000000..351db44 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/rbac.yaml @@ -0,0 +1,30 @@ +{{- if .Values.rbac.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "geoserver.fullname" . }}-privileged + namespace: {{ .Release.Namespace }} +rules: +- apiGroups: + - extensions + resourceNames: + - privileged + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "geoserver.fullname" . }}-privileged + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "geoserver.fullname" . }}-privileged +subjects: +- kind: ServiceAccount + name: {{ .Values.serviceAccount.name }} + namespace: {{ .Release.Namespace | quote }} +{{- end }} \ No newline at end of file diff --git a/charts/geoserver-standalone/v0.1.5/templates/secrets.yaml b/charts/geoserver-standalone/v0.1.5/templates/secrets.yaml new file mode 100644 index 0000000..df76613 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/secrets.yaml @@ -0,0 +1,21 @@ +{{- if or (not .Values.existingSecret) .Values.extraSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "geoserver.secretName" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "geoserver.fullname" . }} + chart: {{ template "geoserver.chart" . }} + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} +type: Opaque +data: + {{- if not .Values.existingSecret }} + geoserver-user: {{ include "geoserver.user" . | b64enc | quote }} + geoserver-password: {{ include "geoserver.password" . | b64enc | quote }} + {{- end }} + {{- with .Values.extraSecret }} + {{- tpl . $ | nindent 2 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/geoserver-standalone/v0.1.5/templates/service.yaml b/charts/geoserver-standalone/v0.1.5/templates/service.yaml new file mode 100644 index 0000000..92e3953 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/service.yaml @@ -0,0 +1,36 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "geoserver.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "geoserver.fullname" . }} + chart: {{ template "geoserver.chart" . }} + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} + {{- with .Values.service.labels }} + {{- tpl . $ | nindent 4 }} + {{- end }} + annotations: + {{- with .Values.service.annotations }} + {{- tpl . $ | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + {{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerIP }} + loadBalancerIP: {{ default "" .Values.service.loadBalancerIP }} + {{- end }} + ports: + - port: {{ .Values.service.port }} + targetPort: http-geoserver + protocol: TCP + name: http-geoserver + {{- if eq .Values.service.type "NodePort" }} + nodePort: {{ default "" .Values.service.nodePort}} + {{- end }} + {{- if .Values.service.externalIPs }} + externalIPs: {{- toYaml .Values.service.externalIPs | nindent 4 }} + {{- end }} + selector: + app: {{ template "geoserver.fullname" . }} + release: {{ .Release.Name | quote }} diff --git a/charts/geoserver-standalone/v0.1.5/templates/serviceaccount.yaml b/charts/geoserver-standalone/v0.1.5/templates/serviceaccount.yaml new file mode 100644 index 0000000..d791747 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "geoserver.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "geoserver.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/geoserver-standalone/v0.1.5/templates/volume.yaml b/charts/geoserver-standalone/v0.1.5/templates/volume.yaml new file mode 100644 index 0000000..7baa5cd --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/templates/volume.yaml @@ -0,0 +1,21 @@ + +{{- if and .Values.persistence.geoserverDataDir.enabled (not .Values.persistence.geoserverDataDir.existingClaim) }} +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "geoserver.fullname" . }}-data + {{- with .Values.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +spec: + accessModes: + {{- range .Values.persistence.geoserverDataDir.accessModes }} + - {{ . | quote }} + {{- end }} + {{- include "geoserver.geoserverDataDir.storageClass" . | nindent 2 }} + resources: + requests: + storage: {{ .Values.persistence.geoserverDataDir.size | quote }} +... +{{- end }} \ No newline at end of file diff --git a/charts/geoserver-standalone/v0.1.5/values.schema.json b/charts/geoserver-standalone/v0.1.5/values.schema.json new file mode 100644 index 0000000..844dac0 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/values.schema.json @@ -0,0 +1,312 @@ +{ + "title": "Geoserver Chart Values", + "type": "object", + "properties": { + "replicas": { + "type": "number", + "description": "Number of Geoserver replicas to deploy", + "default": 1 + }, + "global": { + "type": "object", + "properties": { + "imageRegistry": { + "type": "string", + "description": "Global Docker image registry", + "default": "" + }, + "imagePullSecrets": { + "type": "array", + "description": "Global Docker registry secret names as an array", + "default": [], + "items": {} + } + } + }, + "image": { + "type": "object", + "properties": { + "registry": { + "type": "string", + "description": "Geoserver image registry", + "default": "docker.io" + }, + "repository": { + "type": "string", + "description": "Geoserver image repository", + "default": "kartoza/geoserver" + }, + "tag": { + "type": "string", + "description": "Geoserver image tag (immutable tags are recommended)", + "default": "2.24.0" + }, + "digest": { + "type": "string", + "description": "Geoserver image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)", + "default": "" + }, + "pullPolicy": { + "type": "string", + "description": "Geoserver image pull policy", + "pattern": "^(Always|Never|IfNotPresent)$" + } + } + }, + "nameOverride": { + "type": "string", + "description": "String to partially override name", + "default": "" + }, + "fullnameOverride": { + "type": "string", + "description": "String to fully override fullname", + "default": "" + }, + "annotations": { + "type": "object", + "description": "Annotations to add to all deployed objects", + "default": {} + }, + "labels": { + "type": "object", + "description": "Labels to add to all deployed objects", + "default": {} + }, + "geoserverUser": { + "type": "string", + "title": "Geoserver admin user", + "description": "Name of the admin user to be created during the 1st initialization of Geoserver", + "form": true + }, + "geoserverPassword": { + "type": "string", + "title": "Password for the Geoserver admin user", + "description": "Defaults to a random 10-character alphanumeric string if not set", + "form": true + }, + "extraVolumeMounts": { + "type": "array", + "description": "Optionally specify extra list of additional volumeMounts for the Geoserver container(s)", + "default": [], + "items": {} + }, + "extraVolumes": { + "type": "array", + "description": "Optionally specify extra list of additional volumes for the Geoserver pod(s)", + "default": [], + "items": {} + }, + "serviceAccount": { + "type": "object", + "properties": { + "create": { + "type": "boolean", + "description": "Specifies whether a ServiceAccount should be created", + "default": true + }, + "annotations": { + "type": "object", + "description": "Additional Service Account annotations (evaluated as a template)", + "default": {} + }, + "name": { + "type": "string", + "description": "The name of the ServiceAccount to use.", + "default": "" + } + } + }, + "strategy": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Geoserver deployment strategy type. If persistence is enabled, strategy type should be set to OnDelete to avoid dead locks.", + "default": "OnDelete" + } + } + }, + "ingress": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable ingress record generation for Geoserver", + "default": false + }, + "className": { + "type": "string", + "description": "IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)", + "default": "" + }, + "annotations": { + "type": "object", + "description": "Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.", + "default": {} + }, + "host": { + "type": "string", + "description": "Default host for the ingress record", + "default": "geoserver.hostname" + }, + "tls": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable TLS configuration for the host defined at `ingress.host` parameter", + "default": false + } + } + } + }, + "tolerations": { + "type": "array", + "description": "Tolerations for Geoserver pods assignment", + "default": [], + "items": {} + }, + "affinity": { + "type": "object", + "description": "Affinity for Geoserver pods assignment", + "default": {} + }, + "nodeSelector": { + "type": "object", + "description": "Node labels for Geoserver pods assignment", + "default": {} + }, + "livenessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable livenessProbe on Geoserver containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for livenessProbe", + "default": 180 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for livenessProbe", + "default": 15 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for livenessProbe", + "default": 1 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for livenessProbe", + "default": 5 + } + } + }, + "readinessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable readinessProbe on Geoserver containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for readinessProbe", + "default": 60 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for readinessProbe", + "default": 15 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for readinessProbe", + "default": 1 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for readinessProbe", + "default": 5 + } + } + }, + "startupProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable startupProbe on Geoserver containers", + "default": true + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for startupProbe", + "default": 60 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for startupProbe", + "default": 5 + } + } + }, + "customProbes": { + "type": "object", + "description": "Custom Probes that overrides the default one", + "default": {} + }, + "persistence": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Geoserver data persistence using VolumeClaimTemplates", + "default": true + }, + "storageClass": { + "type": "string", + "description": "PVC Storage Class for data volume", + "default": "" + }, + "mountPath": { + "type": "string", + "description": "Path to mount the volume at.", + "default": "/opt/geoserver/data_dir" + }, + "subPath": { + "type": "string", + "description": "The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services", + "default": "" + }, + "size": { + "type": "string", + "description": "PVC Storage Request for Geoserver volume", + "default": "8Gi" + }, + "accessModes": { + "type": "array", + "description": "PVC Access Mode for Geoserver volume", + "default": [ + "ReadWriteOnce" + ], + "items": { + "type": "string" + } + }, + "annotations": { + "type": "object", + "description": "Annotations for the PVC", + "default": {} + } + } + } + } + } +} \ No newline at end of file diff --git a/charts/geoserver-standalone/v0.1.5/values.yaml b/charts/geoserver-standalone/v0.1.5/values.yaml new file mode 100644 index 0000000..ca36224 --- /dev/null +++ b/charts/geoserver-standalone/v0.1.5/values.yaml @@ -0,0 +1,318 @@ +# Default values for geoserver. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +# Number of replicas to be created +replicas: 1 + +global: + ## global.imageRegistry Global Docker image registry + ## + imageRegistry: "" + ## global.imagePullSecrets Global Docker registry secret names as an array + ## e.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + # Storage class name used to provision PV + storageClass: "" + +image: + # Image registry + registry: docker.io + # Image repository + repository: kartoza/geoserver + # Image tag + tag: "2.24.2" + # Image digest + digest: "" + # (k8s/containers/image/imagePullPolicy) Image pullPolicy + pullPolicy: IfNotPresent + +nameOverride: "" +fullnameOverride: "" + +# Annotations to add to the Geoserver deployment's. Optional. +annotations: {} + + +# Labels to add to the Geoserver deployment's. Optional. +labels: {} + + +geoserverUser: admin + +# For prefilled password +# It will be stored in secret later +geoserverPassword: "" + +httpScheme: https + +httpHost: 0.0.0.0 + +httpPort: 8080 + +httpProxyName: geoserver.hostname + +csrfWhitelist: ['geoserver.hostname'] + +initialMemory: 2Gi + +maximumMemory: 4Gi + +communityExtensions: + +stableExtensions: + +printBaseUrl: geoserver.hostname + +# Use this if you have predefined secrets +existingSecret: | + +# Use this if you have predefined configs +existingConfig: | + +# Define this for extra GeoServer environment variables +# Format: +# extraPodEnv: | +# - name: KEY_1 +# value: "VALUE_1" +# - name: KEY_2 +# value: "VALUE_2" +extraPodEnv: | + +# This will be evaluated as pod spec +extraPodSpec: | +# nodeSelector: +# a.label: value + +# Define this for extra secrets to be included +extraSecret: | +# key_1: value_1 + +# Define this for extra configs to be included +extraConfig: | +# key_1: value_1 + +configMaps: {} + +# Define this for extra volume mounts in the pod +extraVolumeMounts: [] +# You may potentially mount a config map/secret +# - name: custom-config +# mountPath: /docker-entrypoint.sh +# subPath: docker-entrypoint.sh +# readOnly: true + +# Define this for extra volume (in pair with extraVolumeMounts) +extraVolumes: [] +# You may potentially mount a config map/secret +# - name: custom-config +# configMap: +# name: geoserver-config + +serviceAccount: + # Specifies whether a service account should be created + create: false + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + +service: + # Service Type to be used for the service + type: ClusterIP + # Service Type to be used for the service + port: 8080 + # LoadBalancer IP to add to the service, if the service type is LoadBalancer. + loadBalancerIP: "" + # If there are external IPs that route to one or more cluster nodes, Kubernetes Services can be exposed on those externalIPs + externalIPs: [] + # NodePort to use for the service. Optional. + nodePort: nil + # You can specify extra Labels to add to the service. Optional. + labels: {} + # You can specify extra Annotations to add to the Sevice. Optional. + annotations: {} + +## Strategy used to replace old pods +## IMPORTANT: use with care, it is suggested to leave as that for upgrade purposes +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy +strategy: + type: OnDelete + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 1 + # maxUnavailable: 0 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + labels: {} + host: geoserver.hostname + tls: + enabled: false + ## Provide secret name if tls is enabled + secretName: geoserver-tls + + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 10 + targetCPUUtilizationPercentage: 80 + targetMemoryUtilizationPercentage: "" + +# whether to enable Role Based Access Control +rbac: + enabled: false + + +## Pod Security Context +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +## +podSecurityContext: {} + # fsGroup: 1001 + +## Container Security Context +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +containerSecurityContext: {} + # runAsUser: 1001 + # runAsNonRoot: true + # privileged: false + # readOnlyRootFilesystem: false + # allowPrivilegeEscalation: false + # capabilities: + # drop: ["ALL"] + # seccompProfile: + # type: "RuntimeDefault" + +# Tolerations to use for the Geoserver deployment. Optional. +tolerations: [] + +# Affinity to use for the Geoserver deployment. Optional. +affinity: {} + +# Node selector to use for the Geoserver deployment. Optional. +nodeSelector: {} + +## Liveness and readiness probe values + +## Liveness and readiness probe values +## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes +## +livenessProbe: + enabled: true + failureThreshold: 15 + successThreshold: 1 + periodSeconds: 5 + initialDelaySeconds: 120 + +readinessProbe: + enabled: true + failureThreshold: 15 + successThreshold: 1 + periodSeconds: 5 + initialDelaySeconds: 120 + +startupProbe: + enabled: false + failureThreshold: 60 + periodSeconds: 5 + + +# (k8s/containers/probe) Probe can be overridden +# If set empty, it will use default probe +# @notationType -- tpl +customProbes: | + + +persistence: + geoserverDataDir: + # Enable persistence. If set to false, the data directory + # will use ephemeral volume + enabled: true + + ## If existingClaim is specified, no PVC will be created and this claim will + ## be used + existingClaim: "" + + # The path the volume will be mounted at, useful when using different + # Geoserver images. + mountPath: /opt/geoserver/data_dir + + # The subdirectory of the volume to mount to, useful in + # dev environments and one PV for multiple services. Default provisioner + # usually have .lost+found directory, so you might want to use this so + # the container can have empty volume + subPath: "data_dir" + + # Size of the PV + size: 8Gi + + # Default Access Modes + accessModes: + - ReadWriteMany + # You can specify extra annotations here + annotations: {} + + # specify storageclass + storageClass: "" + +## Database Parameters +## +postgis: + ## postgis.enabled Deploy a PostgreSQL server to satisfy the applications database requirements + ## To use an external database set this to false and configure the `externalDatabase.*` parameters + ## + enabled: false + auth: + database: app + username: app + password: "" + existingSecret: "" + +## External Database Configuration +## All of these values are only used if `postgis.enabled=false` +## +externalDatabase: + ## externalDatabase.host External Database server host + ## + host: localhost + ## externalDatabase.port External Database server port + ## + port: 5432 + ## externalDatabase.user External Database username + ## + user: app + ## externalDatabase.password External Database user password + ## + password: "" + ## externalDatabase.database External Database database name + ## + database: app + ## externalDatabase.url External Database database url + ## + url: postgres://app:pass@localhost:5432/app + ## externalDatabase.existingSecret The name of an existing secret with database credentials + ## NOTE: When it's set, the `externalDatabase.password` parameter is ignored + ## + existingSecret: ""