From 0dac4c2e773835914a086b9a510c341b184eda7c Mon Sep 17 00:00:00 2001 From: hechmi-dammak-xenit <107396375+hechmi-dammak-xenit@users.noreply.github.com> Date: Tue, 22 Nov 2022 10:47:31 +0100 Subject: [PATCH] XM2C-68 remove auto-created pull secrets * XM2C-68 remove auto-created pull secrets * XM2C-68 format readme --- README.md | 427 ++++++++++++------ .../testing/k8s/kind/HelmAlfrescoTest.java | 7 - local-values.yaml | 7 - .../templates/acs/acs-deployment.yaml | 4 +- .../templates/active-mq/mq-deployement.yaml | 3 + .../digital-workspace-deployment.yaml | 4 +- .../templates/docker-registry-secrets.yaml | 37 -- .../helpers/_alfrescoImagePullSecret.tpl | 5 - .../helpers/_privateImagePullSecret.tpl | 5 - .../{storage => helpers}/_volume-helper.tpl | 0 .../templates/ooi/ooi-deployment.yaml | 4 +- .../postgres/postgresql-deployment.yaml | 4 +- .../templates/share/share-deployment.yaml | 3 + .../templates/solr/solr-stateful-set.yaml | 4 +- .../sync-service/sync-service-deployment.yaml | 4 +- .../shared-file-store-deployment.yaml | 7 +- .../transform-core-aio-deployment.yaml | 6 + .../transform-router-deployment.yaml | 7 +- xenit-alfresco/values.yaml | 8 +- 19 files changed, 344 insertions(+), 202 deletions(-) delete mode 100644 xenit-alfresco/templates/docker-registry-secrets.yaml delete mode 100644 xenit-alfresco/templates/helpers/_alfrescoImagePullSecret.tpl delete mode 100644 xenit-alfresco/templates/helpers/_privateImagePullSecret.tpl rename xenit-alfresco/templates/{storage => helpers}/_volume-helper.tpl (100%) diff --git a/README.md b/README.md index 769552f..9d9557c 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,27 @@ -# Xenit Alfresco Helm Chart +# Xenit Alfresco Helm Chart + [![Latest version of 'alfresco' @ Cloudsmith](https://api-prd.cloudsmith.io/v1/badges/version/xenit/open-source/helm/alfresco/latest/x/?render=true&show_latest=true)](https://cloudsmith.io/~xenit/repos/open-source/packages/detail/helm/alfresco/latest/) This is a helm chart for installing Alfresco ## Helm + [![Hosted By: Cloudsmith](https://img.shields.io/badge/OSS%20hosting%20by-cloudsmith-blue?logo=cloudsmith&style=for-the-badge)](https://cloudsmith.com) -Package repository hosting is graciously provided by [Cloudsmith](https://cloudsmith.com). -Cloudsmith is the only fully hosted, cloud-native, universal package management solution, that -enables your organization to create, store and share packages in any format, to any place, with total -confidence. +Package repository hosting is graciously provided by [Cloudsmith](https://cloudsmith.com). Cloudsmith is the only fully +hosted, cloud-native, universal package management solution, that enables your organization to create, store and share +packages in any format, to any place, with total confidence. + +You can install this helm chart on you K8s cluster. Keep in mind that you will need to add some `--set` statements for +this to work: -You can install this helm chart on you K8s cluster. Keep in mind that you will need to add some `--set` statements for this to work: ```bash helm install alfresco \ --repo 'https://repo.xenit.eu/public/open-source/helm/charts/' ``` Or you can use it as a dependency in your `requirements.yaml` in your own chart. + ```yaml dependencies: - name: alfresco @@ -25,10 +29,10 @@ dependencies: repository: https://repo.xenit.eu/public/open-source/helm/charts/ ``` - - ## Dev Requirements + Make sure you have the following installed: + * Kubectl: https://kubernetes.io/docs/tasks/tools/#kubectl * docker: https://www.docker.com/get-started/ * Helm: https://helm.sh/docs/intro/install/ @@ -36,7 +40,9 @@ Make sure you have the following installed: * skaffold: https://skaffold.dev/docs/install/ ## Start Local Cluster -* To start the cluster you have to create one using kind with the config file as a parameter that is under the directory kind: + +* To start the cluster you have to create one using kind with the config file as a parameter that is under the directory + kind: ```bash kind create cluster --config=kind/config.yaml ``` @@ -49,36 +55,52 @@ Make sure you have the following installed: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml ``` -* set up the credentials in local_values.yaml for LDAP and alfresco +* set up the image pull secrets like in the example and add them to the ```general.imagePullSecrets``` + Example : + +``` +apiVersion: v1 +kind: Secret +metadata: + name: secretName + namespace: {{ .Release.Namespace | quote }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" <> <> <> (printf "%s:%s" .username .password | b64enc) | b64enc }} +``` + * wait for the ingress controller to be ready you can check by running this command : ```bash kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=90s ``` * some the services are disabled by default to minimize the resource usage such as : - - solr - - transformServices - - digitalWorkspace - + - solr + - transformServices + - digitalWorkspace + to enable them modify the values inside local-values.yaml -* finally, run skaffold (instead of helm) and wait for the ingress controller to be ready first: +* finally, run skaffold (instead of helm) and wait for the ingress controller to be ready first: ```bash skaffold dev ``` + ## Image Requirements -This helm chart supports a lot of features like share and desktop sync. You are however yourself responsible to provide an ACS image with the correct amps installed to support these features. -Please note that this helm chart is build to support the xenit open source images. These are build on the official Alfresco Images but have additional K8S support. + +This helm chart supports a lot of features like share and desktop sync. You are however yourself responsible to provide +an ACS image with the correct amps installed to support these features. Please note that this helm chart is build to +support the xenit open source images. These are build on the official Alfresco Images but have additional K8S support. The deployments that rely on Xenit Images are the following: + * acs * share * postgresql * solr -For more information take a look at +For more information take a look at * https://hub.docker.com/u/xenit * https://github.com/xenit-eu - ## Configuration ### General @@ -86,20 +108,21 @@ For more information take a look at #### `general.strategy` * Required: false -* Default: +* Default: ```yaml type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 0 ``` -* Description: You can overwrite here the rollout strategy of deployments. This will be effective on ALL deployments in the helm chart that have strategy type RollingUpdate (default) +* Description: You can overwrite here the rollout strategy of deployments. This will be effective on ALL deployments in + the helm chart that have strategy type RollingUpdate (default) #### `general.podAnnotations` * Required: false * Default: None -* Example: +* Example: ```yaml annotation1Key: annotation1Value annotation2Key: annotation2Value @@ -110,32 +133,38 @@ For more information take a look at * Required: false * Default: None -* Example: +* Example: ```yaml - name: privateDockerRepo1Secret - name: privateDockerRepo2Secret ``` -* Description: If you use an image that is hosted on a private repo besides the xenit repo or the quay alfresco repo you can create secrets on your cluster and reference them here. The secrets will be referenced in all Deployments and StatefullSets. +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. The secrets will be referenced in all Deployments and StatefullSets. #### `general.serviceType` * Required: false * Default: None -* Description: will set a serviceType on the services that are exposed via an ingress. This might be useful for example when you are working on AWS infra with an AWS ALB which requires NodePort services +* Description: will set a serviceType on the services that are exposed via an ingress. This might be useful for example + when you are working on AWS infra with an AWS ALB which requires NodePort services #### `general.db.username` * Required: false * Default: None -* Description: Used in the ACS and SyncService pod to access the Database and to set the username of the rootuser of the postgres (if enabled) -* Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there a random user will be used. +* Description: Used in the ACS and SyncService pod to access the Database and to set the username of the rootuser of the + postgres (if enabled) +* Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there + a random user will be used. #### `general.db.password` * Required: false * Default: None -* Description: Used in the ACS and SyncService pod to access the Database and to set the password of the rootuser of the postgres (if enabled) -* Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there a random password will be used. +* Description: Used in the ACS and SyncService pod to access the Database and to set the password of the rootuser of the + postgres (if enabled) +* Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there + a random password will be used. #### `general.networkPolicies.enabled` @@ -147,16 +176,20 @@ For more information take a look at * Required: false * Default: cilium -* Description: A field to tell the helm chart what cni provider your cluster is using. By default we assume cilium. If this is not the case you will need to add a network policy to allow the following +* Description: A field to tell the helm chart what cni provider your cluster is using. By default we assume cilium. If + this is not the case you will need to add a network policy to allow the following * Alfresco to access heartbeat #### `general.secrets.acs.selfManaged` * Required: false * Default: false -* Description: Whether or not you want to provide secrets for the helm chart yourself. This is useful when working on a prod environment and you want a secure secret solution (for example Bitnami' Sealed secrets) -* Please note that when you enable this you are yourself responsible to provide a secret acs-secret in the namespace that you will install this chart in. +* Description: Whether or not you want to provide secrets for the helm chart yourself. This is useful when working on a + prod environment and you want a secure secret solution (for example Bitnami' Sealed secrets) +* Please note that when you enable this you are yourself responsible to provide a secret acs-secret in the namespace + that you will install this chart in. * Secret data expected: + ``` GLOBAL_objectstorage.store.myS3ContentStore.value.accessKey GLOBAL_objectstorage.store.myS3ContentStore.value.secretKey @@ -166,9 +199,12 @@ For more information take a look at * Required: false * Default: false -* Description: Whether or not you want to provide secrets for the helm chart yourself. This is useful when working on a prod environment and you want a secure secret solution (for example Bitnami' Sealed secrets) -* Please note that when you enable this you are yourself responsible to provide a secret mq-secret in the namespace that you will install this chart in. +* Description: Whether or not you want to provide secrets for the helm chart yourself. This is useful when working on a + prod environment and you want a secure secret solution (for example Bitnami' Sealed secrets) +* Please note that when you enable this you are yourself responsible to provide a secret mq-secret in the namespace that + you will install this chart in. * Secret data expected: + ``` ACTIVEMQ_ADMIN_LOGIN ACTIVEMQ_ADMIN_PASSWORD @@ -180,9 +216,12 @@ For more information take a look at * Required: false * Default: false -* Description: Whether or not you want to provide secrets for the helm chart yourself. This is useful when working on a prod environment and you want a secure secret solution (for example Bitnami' Sealed secrets) -* Please note that when you enable this you are yourself responsible to provide a secret db-secret in the namespace that you will install this chart in. +* Description: Whether or not you want to provide secrets for the helm chart yourself. This is useful when working on a + prod environment and you want a secure secret solution (for example Bitnami' Sealed secrets) +* Please note that when you enable this you are yourself responsible to provide a secret db-secret in the namespace that + you will install this chart in. * Secret data expected: + ``` DB_USERNAME DB_PASSWORD @@ -190,14 +229,6 @@ For more information take a look at POSTGRES_PASSWORD ``` -#### `general.secrets.imageCredentials.selfManaged` - -* Required: false -* Default: false -* Description: Whether or not you want to provide secrets for the helm chart yourself. This is useful when working on a prod environment and you want a secure secret solution (for example Bitnami' Sealed secrets) -* Please note that when you enable this you are yourself responsible to provide a secret privatecred alfrescocred in the namespace that you will install this chart in. -* Secret data expected: Both secrets should be dockerconfigjson secrets - ### Ingress #### `ingress.host` @@ -222,12 +253,12 @@ For more information take a look at ``` * Description: Annotations for ingress - #### `ingress.additionalPaths` * Required: false * Default: None * Example: + ```yaml - path: /service-path pathType: Prefix @@ -237,7 +268,9 @@ For more information take a look at port: number: service-port ``` + * Description: used to add more path to ingress under the same host name for new services + ### ACS #### `acs.replicas` @@ -280,7 +313,8 @@ For more information take a look at * Required: false * Default: 1 -* Description: Specify the livenessProbe success thresh hold for how many consecutive successes for the probe to be considered successful after having failed +* Description: Specify the livenessProbe success thresh hold for how many consecutive successes for the probe to be + considered successful after having failed #### `acs.livenessProbe.timeoutSeconds` @@ -310,7 +344,8 @@ For more information take a look at * Required: false * Default: 1 -* Description: Specify the readinessProbe success thresh hold for how many consecutive successes for the probe to be considered successful after having failed +* Description: Specify the readinessProbe success thresh hold for how many consecutive successes for the probe to be + considered successful after having failed #### `acs.readinessProbe.timeoutSeconds` @@ -357,14 +392,17 @@ For more information take a look at environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value ``` -* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information +* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the + docker container. These will be stored in a config and are hence not safe for sensitive information #### `acs.envFrom` * Required: false * Default: None -* Description: This allows you to add to the acs-container envFrom section. This was added to allow to integrate secrets that are not added by this helm chart. +* Description: This allows you to add to the acs-container envFrom section. This was added to allow to integrate secrets + that are not added by this helm chart. * Example: + ```yaml - secretRef: name: s3-secret @@ -385,7 +423,8 @@ For more information take a look at * Required: false * Default: None -* Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart +* Description: If your pods need to run with a service account you can specify that here. Please note that you are + yourself responsible to create the serviceAccount referenced in the namespace of this helm chart #### `acs.resources.requests` @@ -397,13 +436,25 @@ For more information take a look at cpu: "2" ``` * Description: The resources a node should keep reserved for your pod -* + #### `acs.resources.limits` * Required: false * Default: None * Description: The maximum resources a pod may consume from a node +#### `acs.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. + ### Digital Workspace #### `digitalWorkspace.enabled` @@ -451,7 +502,8 @@ For more information take a look at environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value ``` -* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information +* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the + docker container. These will be stored in a config and are hence not safe for sensitive information #### `digitalWorkspace.podAnnotations` @@ -468,7 +520,8 @@ For more information take a look at * Required: false * Default: None -* Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart +* Description: If your pods need to run with a service account you can specify that here. Please note that you are + yourself responsible to create the serviceAccount referenced in the namespace of this helm chart #### `digitalWorkspace.resources.requests` @@ -480,13 +533,25 @@ For more information take a look at cpu: "150m" ``` * Description: The resources a node should keep reserved for your pod -* + #### `digitalWorkspace.resources.limits` * Required: false * Default: None * Description: The maximum resources a pod may consume from a node +#### `digitalWorkspace.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. + ### Share #### `share.enabled` @@ -528,7 +593,8 @@ For more information take a look at environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value ``` -* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information +* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the + docker container. These will be stored in a config and are hence not safe for sensitive information #### `share.podAnnotations` @@ -545,7 +611,8 @@ For more information take a look at * Required: false * Default: None -* Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart +* Description: If your pods need to run with a service account you can specify that here. Please note that you are + yourself responsible to create the serviceAccount referenced in the namespace of this helm chart #### `share.resources.requests` @@ -558,12 +625,25 @@ For more information take a look at ``` * Description: The resources a node should keep reserved for your pod * + #### `share.resources.limits` * Required: false * Default: None * Description: The maximum resources a pod may consume from a node +#### `share.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. + ### Active MQ #### `mq.adminLogin` @@ -571,14 +651,16 @@ For more information take a look at * Required: false * Default: None * Description: Sets the username of the admin user of the MQ -* Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there a random login will be used. +* Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there + a random login will be used. #### `mq.adminPassword` * Required: false * Default: None * Description: Sets the password of the admin user of the MQ -* Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there a random password will be used. +* Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there + a random password will be used. #### `mq.enabled` @@ -619,7 +701,8 @@ For more information take a look at environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value ``` -* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information +* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the + docker container. These will be stored in a config and are hence not safe for sensitive information #### `mq.podAnnotations` @@ -636,7 +719,8 @@ For more information take a look at * Required: false * Default: None -* Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart +* Description: If your pods need to run with a service account you can specify that here. Please note that you are + yourself responsible to create the serviceAccount referenced in the namespace of this helm chart #### `mq.resources.requests` @@ -649,12 +733,25 @@ For more information take a look at ``` * Description: The resources a node should keep reserved for your pod * + #### `mq.resources.limits` * Required: false * Default: None * Description: The maximum resources a pod may consume from a node +#### `mq.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. + ### PostgresQl #### `postgresql.enabled` @@ -696,7 +793,8 @@ For more information take a look at environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value ``` -* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information +* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the + docker container. These will be stored in a config and are hence not safe for sensitive information #### `postgresql.podAnnotations` @@ -713,7 +811,8 @@ For more information take a look at * Required: false * Default: None -* Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart +* Description: If your pods need to run with a service account you can specify that here. Please note that you are + yourself responsible to create the serviceAccount referenced in the namespace of this helm chart #### `postgresql.resources.requests` @@ -732,6 +831,18 @@ For more information take a look at * Default: None * Description: The maximum resources a pod may consume from a node +#### `postgresql.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. + ### SOLR #### `solr.enabled` @@ -773,7 +884,8 @@ For more information take a look at environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value ``` -* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information +* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the + docker container. These will be stored in a config and are hence not safe for sensitive information #### `solr.podAnnotations` @@ -790,7 +902,8 @@ For more information take a look at * Required: false * Default: None -* Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart +* Description: If your pods need to run with a service account you can specify that here. Please note that you are + yourself responsible to create the serviceAccount referenced in the namespace of this helm chart #### `solr.resources.requests` @@ -803,12 +916,25 @@ For more information take a look at ``` * Description: The resources a node should keep reserved for your pod * + #### `solr.resources.limits` * Required: false * Default: None * Description: The maximum resources a pod may consume from a node +#### `solr.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. + ### Transform Services #### `transformServices.enabled` @@ -817,6 +943,18 @@ For more information take a look at * Default: `true` * Description: Enable or disable the Transform Services +#### `transformServices.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. they will be referenced in all transform services Deployments. + ### Shared File Store #### `transformServices.sharedFileStore.replicas` @@ -852,7 +990,8 @@ For more information take a look at environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value ``` -* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information +* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the + docker container. These will be stored in a config and are hence not safe for sensitive information #### `transformServices.sharedFileStore.podAnnotations` @@ -869,7 +1008,8 @@ For more information take a look at * Required: false * Default: None -* Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart +* Description: If your pods need to run with a service account you can specify that here. Please note that you are + yourself responsible to create the serviceAccount referenced in the namespace of this helm chart #### `transformServices.sharedFileStore.resources.requests` @@ -888,6 +1028,18 @@ For more information take a look at * Default: None * Description: The maximum resources a pod may consume from a node +#### `transformServices.sharedFileStore.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. + ### Transform Core All In One #### `transformServices.transformCoreAio.replicas` @@ -923,7 +1075,8 @@ For more information take a look at environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value ``` -* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information +* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the + docker container. These will be stored in a config and are hence not safe for sensitive information #### `transformServices.transformCoreAio.podAnnotations` @@ -934,13 +1087,15 @@ For more information take a look at annotation1Key: annotation1Value annotation2Key: annotation2Value ``` -* Description: With this list of parameters you can add 1 or multiple annotations to the Transform Core All In One deployment +* Description: With this list of parameters you can add 1 or multiple annotations to the Transform Core All In One + deployment #### `transformServices.transformCoreAio.serviceAccount` * Required: false * Default: None -* Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart +* Description: If your pods need to run with a service account you can specify that here. Please note that you are + yourself responsible to create the serviceAccount referenced in the namespace of this helm chart #### `transformServices.transformCoreAio.resources.requests` @@ -953,12 +1108,25 @@ For more information take a look at ``` * Description: The resources a node should keep reserved for your pod * + #### `transformServices.transformCoreAio.resources.limits` * Required: false * Default: None * Description: The maximum resources a pod may consume from a node +#### `transformServices.transformCoreAio.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. + ### Transform Router #### `transformServices.transformRouter.replicas` @@ -994,7 +1162,8 @@ For more information take a look at environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value ``` -* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information +* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the + docker container. These will be stored in a config and are hence not safe for sensitive information #### `transformServices.transformRouter.podAnnotations` @@ -1011,7 +1180,8 @@ For more information take a look at * Required: false * Default: None -* Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart +* Description: If your pods need to run with a service account you can specify that here. Please note that you are + yourself responsible to create the serviceAccount referenced in the namespace of this helm chart #### `transformServices.transformRouter.resources.requests` @@ -1024,12 +1194,25 @@ For more information take a look at ``` * Description: The resources a node should keep reserved for your pod * + #### `transformServices.transformRouter.resources.limits` * Required: false * Default: None * Description: The maximum resources a pod may consume from a node +#### `transformServices.transformRouter.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. + ### Sync Service #### `syncService.enabled` @@ -1071,7 +1254,8 @@ For more information take a look at environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value ``` -* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information +* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the + docker container. These will be stored in a config and are hence not safe for sensitive information #### `syncService.podAnnotations` @@ -1088,7 +1272,8 @@ For more information take a look at * Required: false * Default: None -* Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart +* Description: If your pods need to run with a service account you can specify that here. Please note that you are + yourself responsible to create the serviceAccount referenced in the namespace of this helm chart #### `syncService.resources.requests` @@ -1101,12 +1286,25 @@ For more information take a look at ``` * Description: The resources a node should keep reserved for your pod * + #### `syncService.resources.limits` * Required: false * Default: None * Description: The maximum resources a pod may consume from a node### Sync Service +#### `syncService.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. + ### Office Online Integration(OOI) #### `ooi.enabled` @@ -1148,7 +1346,8 @@ For more information take a look at environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value ``` -* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information +* Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the + docker container. These will be stored in a config and are hence not safe for sensitive information #### `ooi.podAnnotations` @@ -1159,13 +1358,15 @@ For more information take a look at annotation1Key: annotation1Value annotation2Key: annotation2Value ``` -* Description: With this list of parameters you can add 1 or multiple annotations to the Office Online Integration deployment +* Description: With this list of parameters you can add 1 or multiple annotations to the Office Online Integration + deployment #### `ooi.serviceAccount` * Required: false * Default: None -* Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart +* Description: If your pods need to run with a service account you can specify that here. Please note that you are + yourself responsible to create the serviceAccount referenced in the namespace of this helm chart #### `ooi.resources.requests` @@ -1178,12 +1379,25 @@ For more information take a look at ``` * Description: The resources a node should keep reserved for your pod * + #### `ooi.resources.limits` * Required: false * Default: None * Description: The maximum resources a pod may consume from a node +#### `ooi.imagePullSecrets` + +* Required: false +* Default: None +* Example: + ```yaml + - name: privateDockerRepo1Secret + - name: privateDockerRepo2Secret + ``` +* Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and + reference them here. + ### Persistent Storage ### Alfresco @@ -1198,7 +1412,8 @@ For more information take a look at * Required: false * Default: `scw-bssd` -* Description: Provide what storageClass should be used. For values other then `scw-bssd` `standard` or `efs-storage-class` you will need to make sure that that storage class is created +* Description: Provide what storageClass should be used. For values other then `scw-bssd` `standard` + or `efs-storage-class` you will need to make sure that that storage class is created #### `persistentStorage.alfresco.storage` @@ -1224,7 +1439,8 @@ For more information take a look at * Required: false * Default: `scw-bssd` -* Description: Provide what storageClass should be used. For values other then `scw-bssd` `standard` or `efs-storage-class` you will need to make sure that that storage class is created +* Description: Provide what storageClass should be used. For values other then `scw-bssd` `standard` + or `efs-storage-class` you will need to make sure that that storage class is created #### `persistentStorage.postgres.storage` @@ -1250,7 +1466,8 @@ For more information take a look at * Required: false * Default: `scw-bssd` -* Description: Provide what storageClass should be used. For values other then `scw-bssd` `standard` or `efs-storage-class` you will need to make sure that that storage class is created +* Description: Provide what storageClass should be used. For values other then `scw-bssd` `standard` + or `efs-storage-class` you will need to make sure that that storage class is created #### `persistentStorage.solr.storage` @@ -1276,7 +1493,8 @@ For more information take a look at * Required: false * Default: `scw-bssd` -* Description: Provide what storageClass should be used. For values other then `scw-bssd` `standard` or `efs-storage-class` you will need to make sure that that storage class is created +* Description: Provide what storageClass should be used. For values other then `scw-bssd` `standard` + or `efs-storage-class` you will need to make sure that that storage class is created #### `persistentStorage.sharedFileStore.storage` @@ -1302,7 +1520,8 @@ For more information take a look at * Required: false * Default: `scw-bssd` -* Description: Provide what storageClass should be used. For values other then `scw-bssd` `standard` or `efs-storage-class` you will need to make sure that that storage class is created +* Description: Provide what storageClass should be used. For values other then `scw-bssd` `standard` + or `efs-storage-class` you will need to make sure that that storage class is created #### `persistentStorage.mq.storage` @@ -1314,48 +1533,4 @@ For more information take a look at * Required: when `persistentStorage.mq.storageClassName` is `scw-bssd` * Default: None -* Description: The volume handle pointing to the AWS EFS location - -### Image Credentials - -### Private - -#### `imageCredentials.private.registry` - -* Required: false -* Default: `hub.xenit.eu` -* Description: The registry where the private images are hosted - -#### `imageCredentials.private.username` - -* Required: true -* Default: None -* Description: The username with which you will pull images from the private repo - -#### `imageCredentials.private.password` - -* Required: true -* Default: None -* Description: The password for the username with which you will pull images from the private repo - -### Alfresco (Quay) - -#### `imageCredentials.alfresco.registry` - -* Required: false -* Default: `quay.io` -* Description: The registry where alfresco private images are hosted - -#### `imageCredentials.alfresco.username` - -* Required: true -* Default: None -* Description: The username with which you will pull alfresco images from the alfresco repo - -#### `imageCredentials.alfresco.password` - -* Required: true -* Default: None -* Description: The password for the username with which you will pull alfresco images from the alfresco repo - - +* Description: The volume handle pointing to the AWS EFS location \ No newline at end of file diff --git a/integration-testing/src/test/java/eu/xenit/testing/k8s/kind/HelmAlfrescoTest.java b/integration-testing/src/test/java/eu/xenit/testing/k8s/kind/HelmAlfrescoTest.java index ab93252..2392e0b 100644 --- a/integration-testing/src/test/java/eu/xenit/testing/k8s/kind/HelmAlfrescoTest.java +++ b/integration-testing/src/test/java/eu/xenit/testing/k8s/kind/HelmAlfrescoTest.java @@ -36,13 +36,6 @@ void smallSetup() throws IOException { host: test protocol: http kubernetes.io/ingress.class: {} - imageCredentials: - private: - username: hello - password: world - alfresco: - username: hello - password: world acs: replicas: 1 resources: diff --git a/local-values.yaml b/local-values.yaml index 244de40..2af5750 100644 --- a/local-values.yaml +++ b/local-values.yaml @@ -2,13 +2,6 @@ ingress: host: test protocol: http kubernetes.io/ingress.class: {} -imageCredentials: - private: - username: #!Important: add your LDAP user name and do not commit them - password: #!Important: add your LDAP password and do not commit them - alfresco: - username: #!Important: add your alfresco user name and do not commit them - password: #!Important: add your alfresco password and do not commit them acs: resources: requests: diff --git a/xenit-alfresco/templates/acs/acs-deployment.yaml b/xenit-alfresco/templates/acs/acs-deployment.yaml index d441260..ed4f720 100644 --- a/xenit-alfresco/templates/acs/acs-deployment.yaml +++ b/xenit-alfresco/templates/acs/acs-deployment.yaml @@ -105,7 +105,9 @@ spec: claimName: alfresco-pvc {{- end }} imagePullSecrets: - - name: privatecred {{- if .Values.general.imagePullSecrets}} {{ toYaml .Values.general.imagePullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.acs.imagePullSecrets}} + {{ toYaml .Values.acs.imagePullSecrets | nindent 8 }} {{- end }} \ No newline at end of file diff --git a/xenit-alfresco/templates/active-mq/mq-deployement.yaml b/xenit-alfresco/templates/active-mq/mq-deployement.yaml index 08d98ec..7f4cfee 100644 --- a/xenit-alfresco/templates/active-mq/mq-deployement.yaml +++ b/xenit-alfresco/templates/active-mq/mq-deployement.yaml @@ -101,6 +101,9 @@ spec: {{- if .Values.general.imagePullSecrets}} {{ toYaml .Values.general.imagePullSecrets | nindent 8 }} {{- end }} + {{- if .Values.mq.imagePullSecrets}} + {{ toYaml .Values.mq.imagePullSecrets | nindent 8 }} + {{- end }} {{- if .Values.persistentStorage.mq.enabled }} volumes: - name: data diff --git a/xenit-alfresco/templates/digital-workspace/digital-workspace-deployment.yaml b/xenit-alfresco/templates/digital-workspace/digital-workspace-deployment.yaml index 8000c51..16b2104 100644 --- a/xenit-alfresco/templates/digital-workspace/digital-workspace-deployment.yaml +++ b/xenit-alfresco/templates/digital-workspace/digital-workspace-deployment.yaml @@ -73,8 +73,10 @@ spec: {{- end }} {{- end }} imagePullSecrets: - - name: alfrescocred {{- if .Values.general.imagePullSecrets}} {{ toYaml .Values.general.imagePullSecrets | nindent 8 }} {{- end }} + {{- if .Values.digitalWorkspace.imagePullSecrets}} + {{ toYaml .Values.digitalWorkspace.imagePullSecrets | nindent 8 }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/xenit-alfresco/templates/docker-registry-secrets.yaml b/xenit-alfresco/templates/docker-registry-secrets.yaml deleted file mode 100644 index a0363c9..0000000 --- a/xenit-alfresco/templates/docker-registry-secrets.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- if not .Values.general.secrets.imageCredentials.selfManaged }} -apiVersion: v1 -kind: Secret -metadata: - name: privatecred - namespace: {{ .Release.Namespace | quote }} -type: kubernetes.io/dockerconfigjson -data: - # try to get the old secret and sync-service-configmap - # keep in mind, that a dry-run only returns an empty map - {{- $old_private_sec := lookup "v1" "Secret" .Release.Namespace "privatecred" }} - - # check, if a private repo secret isn't already set and no private repo credentials are passed - {{- if and ($old_private_sec) ($old_private_sec.data) (not .Values.imageCredentials.private.username) (not .Values.imageCredentials.private.password) }} - .dockerconfigjson: {{ index $old_private_sec.data ".dockerconfigjson" }} - {{- else }} - .dockerconfigjson: {{ template "privateImagePullSecret" . }} - {{- end }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: alfrescocred - namespace: {{ .Release.Namespace | quote }} -type: kubernetes.io/dockerconfigjson -data: - # try to get the old secret and sync-service-configmap - # keep in mind, that a dry-run only returns an empty map - {{- $old_alfresco_sec := lookup "v1" "Secret" .Release.Namespace "alfrescocred" }} - - # check, if an alfresco repo secret isn't already set and no alfresco repo credentials are passed - {{- if and ($old_alfresco_sec) ($old_alfresco_sec.data) (not .Values.imageCredentials.alfresco.username) (not .Values.imageCredentials.alfresco.password) }} - .dockerconfigjson: {{ index $old_alfresco_sec.data ".dockerconfigjson" }} - {{- else }} - .dockerconfigjson: {{ template "alfrescoImagePullSecret" . }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/xenit-alfresco/templates/helpers/_alfrescoImagePullSecret.tpl b/xenit-alfresco/templates/helpers/_alfrescoImagePullSecret.tpl deleted file mode 100644 index f866d72..0000000 --- a/xenit-alfresco/templates/helpers/_alfrescoImagePullSecret.tpl +++ /dev/null @@ -1,5 +0,0 @@ -{{- define "alfrescoImagePullSecret" }} -{{- with .Values.imageCredentials.alfresco }} -{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry (required "please pass a username to the alfresco (quay) image repo to your helm installation via the value imageCredentials.alfresco.username" .username) (required "please pass a password to the quay image repo to your helm installation via the value imageCredentials.alfresco.password" .password) .email (printf "%s:%s" .username .password | b64enc) | b64enc }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/xenit-alfresco/templates/helpers/_privateImagePullSecret.tpl b/xenit-alfresco/templates/helpers/_privateImagePullSecret.tpl deleted file mode 100644 index 67dbdae..0000000 --- a/xenit-alfresco/templates/helpers/_privateImagePullSecret.tpl +++ /dev/null @@ -1,5 +0,0 @@ -{{- define "privateImagePullSecret" }} -{{- with .Values.imageCredentials.private }} -{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry (required "please pass a username to the private image repo to your helm installation via the value imageCredentials.private.username" .username) (required "please pass a password to the private image repo to your helm installation via the value imageCredentials.private.password" .password) .email (printf "%s:%s" .username .password | b64enc) | b64enc }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/xenit-alfresco/templates/storage/_volume-helper.tpl b/xenit-alfresco/templates/helpers/_volume-helper.tpl similarity index 100% rename from xenit-alfresco/templates/storage/_volume-helper.tpl rename to xenit-alfresco/templates/helpers/_volume-helper.tpl diff --git a/xenit-alfresco/templates/ooi/ooi-deployment.yaml b/xenit-alfresco/templates/ooi/ooi-deployment.yaml index 9eb524b..2b80061 100644 --- a/xenit-alfresco/templates/ooi/ooi-deployment.yaml +++ b/xenit-alfresco/templates/ooi/ooi-deployment.yaml @@ -68,8 +68,10 @@ spec: {{- end }} {{- end }} imagePullSecrets: - - name: alfrescocred {{- if .Values.general.imagePullSecrets}} {{ toYaml .Values.general.imagePullSecrets | nindent 8 }} {{- end }} + {{- if .Values.ooi.imagePullSecrets}} + {{ toYaml .Values.ooi.imagePullSecrets | nindent 8 }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/xenit-alfresco/templates/postgres/postgresql-deployment.yaml b/xenit-alfresco/templates/postgres/postgresql-deployment.yaml index 04ea274..ee37795 100644 --- a/xenit-alfresco/templates/postgres/postgresql-deployment.yaml +++ b/xenit-alfresco/templates/postgres/postgresql-deployment.yaml @@ -65,10 +65,12 @@ spec: {{- end }} {{- end }} imagePullSecrets: - - name: privatecred {{- if .Values.general.imagePullSecrets}} {{ toYaml .Values.general.imagePullSecrets | nindent 8 }} {{- end }} + {{- if .Values.postgresql.imagePullSecrets}} + {{ toYaml .Values.postgresql.imagePullSecrets | nindent 8 }} + {{- end }} {{- if .Values.persistentStorage.postgres.enabled }} volumes: - name: data diff --git a/xenit-alfresco/templates/share/share-deployment.yaml b/xenit-alfresco/templates/share/share-deployment.yaml index d9560ea..e22004e 100644 --- a/xenit-alfresco/templates/share/share-deployment.yaml +++ b/xenit-alfresco/templates/share/share-deployment.yaml @@ -63,4 +63,7 @@ spec: {{- if .Values.general.imagePullSecrets}} {{ toYaml .Values.general.imagePullSecrets | nindent 8 }} {{- end }} + {{- if .Values.share.imagePullSecrets}} + {{ toYaml .Values.share.imagePullSecrets | nindent 8 }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/xenit-alfresco/templates/solr/solr-stateful-set.yaml b/xenit-alfresco/templates/solr/solr-stateful-set.yaml index db6248b..c3937ea 100644 --- a/xenit-alfresco/templates/solr/solr-stateful-set.yaml +++ b/xenit-alfresco/templates/solr/solr-stateful-set.yaml @@ -64,10 +64,12 @@ spec: mountPath: /opt/alfresco-search-services/data subPath: solr/data imagePullSecrets: - - name: privatecred {{- if .Values.general.imagePullSecrets}} {{ toYaml .Values.general.imagePullSecrets | nindent 8 }} {{- end }} + {{- if .Values.solr.imagePullSecrets}} + {{ toYaml .Values.solr.imagePullSecrets | nindent 8 }} + {{- end }} {{- with .Values.persistentStorage.solr }} volumeClaimTemplates: - metadata: diff --git a/xenit-alfresco/templates/sync-service/sync-service-deployment.yaml b/xenit-alfresco/templates/sync-service/sync-service-deployment.yaml index 5a8acf8..919d5c2 100644 --- a/xenit-alfresco/templates/sync-service/sync-service-deployment.yaml +++ b/xenit-alfresco/templates/sync-service/sync-service-deployment.yaml @@ -85,8 +85,10 @@ spec: {{- end }} {{- end }} imagePullSecrets: - - name: alfrescocred {{- if .Values.general.imagePullSecrets}} {{ toYaml .Values.general.imagePullSecrets | nindent 8 }} {{- end }} + {{- if .Values.syncService.imagePullSecrets}} + {{ toYaml .Values.syncService.imagePullSecrets | nindent 8 }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/xenit-alfresco/templates/transform-services/shared-file-store/shared-file-store-deployment.yaml b/xenit-alfresco/templates/transform-services/shared-file-store/shared-file-store-deployment.yaml index ed62a10..94ba52f 100644 --- a/xenit-alfresco/templates/transform-services/shared-file-store/shared-file-store-deployment.yaml +++ b/xenit-alfresco/templates/transform-services/shared-file-store/shared-file-store-deployment.yaml @@ -58,10 +58,15 @@ spec: mountPath: /tmp/Alfresco {{- end }} imagePullSecrets: - - name: alfrescocred {{- if .Values.general.imagePullSecrets}} {{ toYaml .Values.general.imagePullSecrets | nindent 8 }} {{- end }} + {{- if .Values.transformServices.imagePullSecrets}} + {{ toYaml .Values.transformServices.imagePullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.transformServices.sharedFileStore.imagePullSecrets}} + {{ toYaml .Values.transformServices.sharedFileStore.imagePullSecrets | nindent 8 }} + {{- end }} {{- if .Values.persistentStorage.sharedFileStore.enabled }} volumes: - name: data diff --git a/xenit-alfresco/templates/transform-services/transform-core-aio/transform-core-aio-deployment.yaml b/xenit-alfresco/templates/transform-services/transform-core-aio/transform-core-aio-deployment.yaml index e8988c8..3a6556b 100644 --- a/xenit-alfresco/templates/transform-services/transform-core-aio/transform-core-aio-deployment.yaml +++ b/xenit-alfresco/templates/transform-services/transform-core-aio/transform-core-aio-deployment.yaml @@ -56,4 +56,10 @@ spec: {{- if .Values.general.imagePullSecrets}} {{ toYaml .Values.general.imagePullSecrets | nindent 8 }} {{- end }} + {{- if .Values.transformServices.imagePullSecrets}} + {{ toYaml .Values.transformServices.imagePullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.transformServices.transformCoreAio.imagePullSecrets}} + {{ toYaml .Values.transformServices.transformCoreAio.imagePullSecrets | nindent 8 }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/xenit-alfresco/templates/transform-services/transform-router/transform-router-deployment.yaml b/xenit-alfresco/templates/transform-services/transform-router/transform-router-deployment.yaml index daf23b9..74c486a 100644 --- a/xenit-alfresco/templates/transform-services/transform-router/transform-router-deployment.yaml +++ b/xenit-alfresco/templates/transform-services/transform-router/transform-router-deployment.yaml @@ -73,8 +73,13 @@ spec: {{- end }} {{- end }} imagePullSecrets: - - name: alfrescocred {{- if .Values.general.imagePullSecrets}} {{ toYaml .Values.general.imagePullSecrets | nindent 8 }} {{- end }} + {{- if .Values.transformServices.imagePullSecrets}} + {{ toYaml .Values.transformServices.imagePullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.transformServices.transformRouter.imagePullSecrets}} + {{ toYaml .Values.transformServices.transformRouter.imagePullSecrets | nindent 8 }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/xenit-alfresco/values.yaml b/xenit-alfresco/values.yaml index 2dc7b50..5888799 100644 --- a/xenit-alfresco/values.yaml +++ b/xenit-alfresco/values.yaml @@ -187,10 +187,4 @@ persistentStorage: storageClassName: "" storage: 1 efs: - volumeHandle: "" - -imageCredentials: - private: - registry: 'hub.xenit.eu' - alfresco: - registry: 'quay.io' + volumeHandle: "" \ No newline at end of file