Compare commits

..

No commits in common. "ab86b2a398eeac15af5459d1887812d130befaad" and "747c771fce9712fbc68d8c54fdafdb5078917e12" have entirely different histories.

10 changed files with 163 additions and 21 deletions

2
charts/ansible-semaphore/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
Chart.lock
charts/

View File

@ -0,0 +1,18 @@
---
apiVersion: v2
name: ansible-semaphore
description: Powerful API for Ansible
type: application
version: 1.0.0
appVersion: v2.8.53
kubeVersion: ">=1.27.0"
home: https://semaphoreui.com/
sources:
- https://git.rre.nu/jonas/helm-charts
maintainers:
- name: Jonas Forsberg
email: barregargamel@gmail.com
dependencies:
- name: lib
repository: "file://../../../lib/"
version: 1.0.1

View File

@ -0,0 +1,2 @@
doc:
frigate gen --output-format markdown --no-deps --no-credits ./ > README.md

View File

@ -0,0 +1,62 @@
Ansible-semaphore
===========
Powerful API for Ansible
## Configuration
The following table lists the configurable parameters of the Ansible-semaphore chart and their default values.
| Parameter | Description | Default |
| ------------------------ | ----------------------- | -------------- |
| `image.repository` | | `"ansiblesemaphore/semaphore"` |
| `config.bolt.host` | Path to the BoltDB database file | `null` |
| `config.mysql.host` | MySQL database host | `null` |
| `config.mysql.name` | MySQL database (schema) name | `null` |
| `config.mysql.user` | MySQL user name | `null` |
| `config.mysql.pass` | MySQL user's password | `null` |
| `config.postgres.host` | Postgres database host | `null` |
| `config.postgres.name` | Postgres database (schema) name | `null` |
| `config.postgres.user` | Postgres user name | `null` |
| `config.postgres.pass` | Postgres user's password | `null` |
| `config.dialect` | Can be mysql, postgres or bolt | `"bolt"` |
| `config.port` | TCP port on which the web interface will be available. Default: 3000 | `3000` |
| `config.interface` | Useful if your server has multiple network interfaces | `null` |
| `config.tmp_path` | Path to directory where cloned repositories and generated files are stored. Default: /tmp/semaphore | `"/tmp/semaphore"` |
| `config.access_key_encryption` | Secret key used for encrypting access keys in database. Read more in [Database encryption reference](https://docs.semaphoreui.com/administration-guide/security#database-encryption). | `null` |
| `config.web_host` | Can be useful if you want to use Semaphore by the subpath, for example: http://yourdomain.com/semaphore. Do not add a trailing /. | `null` |
| `config.email_sender` | | `null` |
| `config.email_host` | | `null` |
| `config.email_port` | | `null` |
| `config.email_secure` | | `null` |
| `config.email_username` | | `null` |
| `config.email_password` | | `null` |
| `config.email_alert` | | `null` |
| `config.telegram_alert` | | `null` |
| `config.slack_alert` | Set to True to enable pushing alerts to slack. It should be used in combination with slack_url | `null` |
| `config.slack_url` | The slack webhook url. Semaphore will used it to POST Slack formatted json alerts to the provided url | `null` |
| `config.rocketchat_alert` | Set to True to enable pushing alerts to Rocket.Chat. It should be used in combination with rocketchat_url. Available since v2.9.56. | `null` |
| `config.rocketchat_url` | The rocketchat webhook url. Semaphore will used it to POST Rocket.Chat formatted json alerts to the provided url. Available since v2.9.56. | `null` |
| `config.ldap_enable` | | `null` |
| `config.ldap_needtls` | | `null` |
| `config.ldap_binddn` | | `null` |
| `config.ldap_bindpassword` | | `null` |
| `config.ldap_server` | | `null` |
| `config.ldap_searchdn` | | `null` |
| `config.concurrency_mode` | Can be unset/empty or project or node. When set to project, tasks will run in parallel if and only if they do not share the same project id, with no regard to the nodes/hosts that are affected. When set to node, a task will run in parallel if and only if the hosts affected by tasks already running does not intersect with the hosts that would be affected by the task in question. If concurrency_mode is not specified or left empty, no task will start before the previous one has finished. | `null` |
| `max_parallel_tasks` | | `null` |
| `oidc_providers` | OpenID provider settings. You can provide multiple OpenID providers. More about OpenID configuration read in [OpenID](https://docs.semaphoreui.com/administration-guide/openid/). | `null` |
| `password_login_disable` | Disable login with using password. Only LDAP and OpenID. | `false` |
| `non_admin_can_create_project` | Allow non-admin users to create new projects. | `false` |
| `service.http.enabled` | | `true` |
| `service.http.ports.http.port` | | `80` |
| `service.http.ports.http.targetPort` | | `3000` |
| `volumes` | | `[{"name": "config", "secret": {"secretName": "ansible-semaphore-config", "optional": false}}]` |
| `volumeMounts` | | `[{"name": "config", "mountPath": "/etc/semaphore", "readOnly": true}]` |

View File

@ -0,0 +1 @@
{{ include "lib.all" . }}

View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: Secret
metadata:
name: ansible-semaphore-config
namespace: {{- .Values.namespace }}
labels:
{{- include "lib.labels" . | nindent 4}}
type: Opauge
data:
config.json: {{ toJson .Values.config | b64enc }}

View File

@ -0,0 +1,64 @@
image:
repository: ansiblesemaphore/semaphore
config:
bolt:
host: # Path to the BoltDB database file
mysql:
host: # MySQL database host
name: # MySQL database (schema) name
user: # MySQL user name
pass: # MySQL user's password
postgres:
host: # Postgres database host
name: # Postgres database (schema) name
user: # Postgres user name
pass: # Postgres user's password
dialect: bolt # Can be mysql, postgres or bolt
port: 3000 # TCP port on which the web interface will be available. Default: 3000
interface: # Useful if your server has multiple network interfaces
tmp_path: /tmp/semaphore # Path to directory where cloned repositories and generated files are stored. Default: /tmp/semaphore
access_key_encryption: # Secret key used for encrypting access keys in database. Read more in [Database encryption reference](https://docs.semaphoreui.com/administration-guide/security#database-encryption).
web_host: # Can be useful if you want to use Semaphore by the subpath, for example: http://yourdomain.com/semaphore. Do not add a trailing /.
email_sender:
email_host:
email_port:
email_secure:
email_username:
email_password:
email_alert:
telegram_alert:
slack_alert: # Set to True to enable pushing alerts to slack. It should be used in combination with slack_url
slack_url: # The slack webhook url. Semaphore will used it to POST Slack formatted json alerts to the provided url
rocketchat_alert: # Set to True to enable pushing alerts to Rocket.Chat. It should be used in combination with rocketchat_url. Available since v2.9.56.
rocketchat_url: # The rocketchat webhook url. Semaphore will used it to POST Rocket.Chat formatted json alerts to the provided url. Available since v2.9.56.
ldap_enable:
ldap_needtls:
ldap_binddn:
ldap_bindpassword:
ldap_server:
ldap_searchdn:
concurrency_mode: # Can be unset/empty or project or node. When set to project, tasks will run in parallel if and only if they do not share the same project id, with no regard to the nodes/hosts that are affected. When set to node, a task will run in parallel if and only if the hosts affected by tasks already running does not intersect with the hosts that would be affected by the task in question. If concurrency_mode is not specified or left empty, no task will start before the previous one has finished.
max_parallel_tasks:
oidc_providers: # OpenID provider settings. You can provide multiple OpenID providers. More about OpenID configuration read in [OpenID](https://docs.semaphoreui.com/administration-guide/openid/).
password_login_disable: false # Disable login with using password. Only LDAP and OpenID.
non_admin_can_create_project: false # Allow non-admin users to create new projects.
service:
http:
enabled: true
ports:
http:
port: 80
targetPort: 3000
volumes:
- name: config
secret:
secretName: ansible-semaphore-config
optional: false
volumeMounts:
- name: config
mountPath: /etc/semaphore
readOnly: true

View File

@ -8,9 +8,3 @@ metadata:
type: Opauge type: Opauge
data: data:
config.json: {{ toJson .Values.config | b64enc }} config.json: {{ toJson .Values.config | b64enc }}
{{- with .Values.packages }}
packages.txt: {{ . | b64enc }}
{{- end }}
{{- with .Values.requirements }}
requirements.txt: {{ . | b64enc }}
{{- end }}

View File

@ -10,17 +10,17 @@ data:
#!/bin/sh #!/bin/sh
echo "creating /etc/semaphore/config.json" echo "creating /etc/semaphore/config.json"
cp /var/semaphoreui-secret/config.json /etc/semaphore/config.json cp /var/semaphoreui-secret/config.json /etc/semaphore/config.json
if test -f /var/semaphoreui-secret/packages.txt; then if test -f /etc/semaphore/packages.txt; then
echo "Installing additional system dependencies" echo "Installing additional system dependencies"
apk add --no-cache --upgrade \ apk add --no-cache --upgrade \
$(cat /var/semaphoreui-secret/packages.txt | xargs) $(cat /etc/semaphore/packages.txt | xargs)
else else
echo "No additional system dependencies to install" echo "No additional system dependencies to install"
fi fi
if test -f /var/semaphoreui-secret/requirements.txt; then if test -f /etc/semaphore/requirements.txt; then
echo "Installing additional python dependencies" echo "Installing additional python dependencies"
pip3 install --upgrade \ pip3 install --upgrade \
-r /var/semaphoreui-secret//requirements.txt -r /etc/semaphore/requirements.txt
else else
echo "No additional python dependencies to install" echo "No additional python dependencies to install"
fi fi

View File

@ -65,17 +65,6 @@ ingress:
annotations: annotations:
{} {}
packages: # extra packages that needs to be installed
requirements: # Requirements files serve as a list of items to be installed by pip, when using [pip install](https://pip.pypa.io/en/stable/cli/pip_install/#pip-install)
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
controller: controller:
command: ["/bin/sh"] # Need to override server-wrapper due to stupid DB ping in container command: ["/bin/sh"] # Need to override server-wrapper due to stupid DB ping in container