Michal.Wrobel/openbao-helm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
161 commits 11 branches 48 tags 1.4 MiB
Commit graph

86 commits

Author SHA1 Message Date
Jason O'Donnell
3fbbf7b8df
Remove readOnlyRootFilesystem configurable (#110) 2019-11-12 19:55:31 -05:00
Sergii
ea0e66760f Add extra label to Ingress (#108) 2019-11-07 11:23:56 -05:00
Jason O'Donnell
a9e6a0a938
Add preStop lifecycle hook (#105) 
* Add preStop lifecycle hook

* Fix typo in comment
 2019-11-06 11:06:57 -05:00
Janusz Bialy
a2b2d32e92 Add support for image pull policy and secrets (#92) 
* add image pull policy and pull secrets

Signed-off-by: Janusz Bialy <jbialy@gmail.com>

* add unit tests

Signed-off-by: Janusz Bialy <jbialy@gmail.com>
 2019-10-24 12:58:32 -04:00
Jason O'Donnell
e1b89d6396
Make readOnlyRootFilesystem configurable (#93) 2019-10-24 12:40:19 -04:00
Yves Blusseau
75ceb1af5a Fix PodDisruptionBudget template (#88) 
* Fix bad selectors.
* Fix bad calculation of maxUnavailable.

Signed-off-by: JrCs <90z7oey02@sneakemail.com>
 2019-10-21 09:51:02 -04:00
Jason O'Donnell
b41d36c621
Require vault to run as non root (#80) 
* Require vault to run as non root

* Fix unit tests

* Make uid/gid configurable, remove home emptydir
 2019-10-18 12:42:25 -04:00
savagete2860
f7aa2576d0 Add load balancer source range for UI service (#83) 
* add load balancer source range for UI service

* add load balancer source range for UI service

* adding unit test

* adding unit test
 2019-10-18 12:41:53 -04:00
Jason O'Donnell
9fd0ad6e20
Fix audit storage mount in HA mode (#79) 
* Fix audit storage mount in HA mode

* Add explicit fsgroup
 2019-10-10 10:03:44 -04:00
Ryan Wholey
f957c52acc Add support for setting service type (#65) 2019-10-06 16:06:45 -04:00
StupidScience
c6adb89d4b added possibility to add extraLabels for server pod (#59) 2019-10-06 15:50:48 -04:00
Jason O'Donnell
d696408fae Allow annotations on ui dev service 2019-09-27 09:20:30 -07:00
Alejandro Garrido Mota
9dd6bad741 Support for ingress (#48) 
* Added ingress support

* Added small header with documentation about ingress

* Added unit tests
 2019-09-27 10:42:24 -05:00
Jeff Malnick
1773a5759d
Merge pull request #52 from mogaal/service-annotations 
Service annotations support
 2019-09-26 19:45:51 -07:00
Jason O'Donnell
09f56da548
Remove privileged, add mlock configurable (#50) 2019-09-23 01:11:04 -04:00
Alejandro Garrido Mota
865b98f55d Added support for service annotations 2019-09-11 16:39:25 +01:00
Arun Kumar
3f5b0b7b7e Changed vault service port and targetPort to values file (#43) 
* Changed vault service port and targetPort to values file

* Fixed typo in vaules, adding server-service changes and tests

* Changed port and targetPort to server.service
 2019-09-06 11:13:23 -04:00
Vincent Desjardins
2852fbba9b annotation configuration on service account (#47) 
Signed-off-by: Vincent Desjardins <vdesjardins@gmail.com>
 2019-09-06 10:48:12 -04:00
Alexander Schramm
5a64f9cc9e feat: allow setting loadBalancerIP and externalPort for service-ui (#44) 
* feat: allow setting loadBalancerIP and externalPort for service-ui

* test: remove tests with wrong value

There is no `ui.service.enabled` field, `ui.enabled` is used to create
the service and that is tested in line 29.

* test: loadBalancerIP is used if set.
 2019-09-06 10:27:31 -04:00
Sophian Mehboub
bb7ce9409b add namespace in vault manifest definition (#38) 2019-08-28 09:58:48 -04:00
Jason O'Donnell
0c86c6420a
Add privileged for mlock requirements (#35) 
* Add privilged for mlock requirements

* Update Chart version
 2019-08-22 16:32:30 -04:00
Miroslav E. Hadzhiev
4b12c39099 Address K8s Deprecation of Kubelet security controls. Remove Whitespaces. (#24) 2019-08-22 11:05:31 -04:00
Jason O'Donnell
a6c17ed48a
Remove step-down preStop (#31) 2019-08-21 17:34:31 -04:00
Sri Hari Vignesh
e99b03855c Correct volume indents (#28) 2019-08-21 11:15:47 -04:00
Dat Truong
54c7c34af7 Use correct name label for UI Service object (#30) 2019-08-21 10:06:05 -04:00
Jason O'Donnell
acd1638b28
Add VAULT_API_ADDR as environment var (#26) 2019-08-20 17:09:06 -04:00
Jason O'Donnell
abb2b6e56e
Remove version label from resources (#27) 2019-08-20 17:08:49 -04:00
Dat Truong
c0f5c7acc0 Add TLS support (#21) 
* Add Secret env vars

* Add custom path for volume mounting

* Add HTTPS support

* Add test for tls

* Simplify network setup

* Make tls_disable true as default

* Update values variable to camelCase
 2019-08-20 11:40:47 -04:00
Amos Kyler
e312f00a03 Support UI service annotations (#19) 
* support ui service annotations

* Update templates/ui-service.yaml

Co-Authored-By: Dat Truong <mr.anhdat@gmail.com>

* fix service annotation indent and write unit tests
 2019-08-16 11:59:51 -04:00
JoeStack
a049b48379 Update ui-service.yaml (#23) 
port 80 doesn't work in case of https. So the default behavior in all of our docs is to use <vault-ip>:8200
 2019-08-16 11:58:35 -04:00
Dat Truong
2154e341ea Add secret env vars and custom mounting path (#16) 
* Add Secret env vars

* Add custom path for volume mounting
 2019-08-14 16:29:07 -04:00
Alexandre Garcia
be6e58375b fix ui service selector (#15) 2019-08-12 10:04:08 -04:00
Alexandre Garcia
0b2218d1d9 Only include clusterIp on vault service if set in values (#12) 2019-08-12 09:57:56 -04:00
Jason O'Donnell
0b8aacb590
Add clusterrolebinding, fix service, update Vault (#10) 
* Add clusterrolebinding, fix service, update Vault

* Change authDelegator to false by default

* Clarify clusterIP comment
 2019-08-08 14:14:58 -04:00
Khris Richardson
bd02c9ba5f remove field only valid for pod from container securityContext (#9) 2019-08-07 19:23:51 -04:00
Jason O'Donnell
db571d8dda
Update helm labels (#8) 2019-08-07 14:55:32 -04:00
Jason O'Donnell
8e1bd927f2
Add tolerations, nodeselector and annotations (#5) 2019-08-05 12:31:06 -04:00
Jason O'Donnell
b7469914e2
Refactor chart for 1.0, add tests, update TF (#2) 
* Refactor chart for 1.0, add tests, update TF

* Fix typo in helper comment

* Add NOTES for post install instructions

* Fix typo in NOTES

* Fix replication port for enterprise

* Change updateStrategy to OnDelete

* Add icon

* Remove cluster address from config

* Update README, add contributing doc

* Update README

* Change HA replicas to 3
 2019-07-31 14:26:12 -04:00
Jason O'Donnell
ca40087add
Remove unused DNS service (#1) 2019-07-02 13:29:36 -04:00
Clint Shryock
0e61f4f581
add/update how disruption budget works 2018-12-03 11:30:50 -06:00
Clint Shryock
81b11691ae
add service disruption back for HA setup 2018-11-30 16:29:46 -06:00
Clint Shryock
dc808dc106
rename extra config file generated 2018-11-30 16:02:53 -06:00
Clint Shryock
66211943e8
update values, single-server and test 2018-11-27 15:45:32 -06:00
Clint Shryock
34e0b377d9
rename consulHA to serverHA; add dev mode, update config and values 2018-11-26 16:12:03 -06:00
Clint Shryock
666cdb75cc
add dev mode 2018-11-26 15:35:52 -06:00
Clint Shryock
bcc8a8db5f
re-add seperate config map file for single server. Update config/values and statefulsets. Add auto-unseal config to single server 2018-11-26 11:44:05 -06:00
Clint Shryock
678c50bb72
update config - only on HA for now, may need to split things out 2018-11-19 15:09:59 -06:00
Clint Shryock
b0944d48df
consolidate config-map 2018-11-19 14:49:30 -06:00
Clint Shryock
0d3280254c
update values, correct security spot for contianers 2018-11-16 16:46:29 -06:00
Clint Shryock
5a4c3e69b1
refactoring for statefulset 2018-11-16 16:34:10 -06:00